I have been trying to find an answer to this for some time now and cannot find anything on my own.
I am trying to set up Active Directory authentication for some applications I am developing. I got the setup to initially work, but noticed that it will work if I use an invalid password or even a blank password. I am not sure what I need to change in my code (listed below):
    $ldaprdn = $_POST["username"];
    $ldappass = $_POST["password"];
    $host = "ad1.mysite.edu";
    $basedn = "DC=ad1,DC=mysite,DC=edu";
    $ds = ldap_connect ("ldap://" . $host);
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    if ($ds)
    {
        $r = ldap_bind($ds, $user . "@mysite.edu", $pass);
        if ($r)
        {
            session_start();
            ldap_close($ds);
            $_SESSION["username"] = $ldaprdn;
            $_SESSION["login"] = true;
            header ("Location: options.php");
        }
        else
        {
            ldap_close($ds);
            header ("Location: index.php");
        }
    }
If it authenticates, it should go to the options.php page. I can put a check to see if the password given is null or blank, but that doesn't solve the binding with an invalid password.
The one major thing I don't understand with the script are the DC= and what they do, and maybe it's something in there that is the issue.
Thanks in advance for any help you may be able to provide.
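
An added example, not part of the original post: the posted code stores the form values in `$ldaprdn` and `$ldappass` but calls `ldap_bind()` with `$user` and `$pass`, which are never assigned, so every bind goes out with an empty password and the directory treats it as an unauthenticated bind that succeeds. The sketch below binds with the submitted values and rejects empty passwords first; `ad_authenticate()` is a hypothetical helper name, and StartTLS support on the domain controller is an assumption.

```php
<?php
// Added example, not the poster's code. ad_authenticate() is a hypothetical
// helper; host and UPN suffix are the ones from the question.
function ad_authenticate(string $username, string $password): bool
{
    // An LDAP simple bind with an empty password is an "unauthenticated bind"
    // (RFC 4513, 5.1.2) that the server may report as success, so refuse it here.
    if ($username === '' || $password === '') {
        return false;
    }
    // Accept a bare account name only, so input cannot alter the bind identity.
    if (!preg_match('/^[A-Za-z0-9._-]{1,64}$/', $username)) {
        return false;
    }

    $ds = ldap_connect('ldap://ad1.mysite.edu');
    if ($ds === false) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);

    // Assumption: the DC offers StartTLS with a certificate this host trusts.
    // Without TLS a simple bind sends the password in cleartext.
    if (!@ldap_start_tls($ds)) {
        ldap_unbind($ds);
        return false;
    }

    // Bind with the values that were actually submitted.
    $ok = @ldap_bind($ds, $username . '@mysite.edu', $password);
    ldap_unbind($ds);
    return $ok;
}

session_start();
$user = $_POST['username'] ?? '';
$pass = $_POST['password'] ?? '';

// $_POST values can be arrays; require strings before authenticating.
if (is_string($user) && is_string($pass) && ad_authenticate($user, $pass)) {
    session_regenerate_id(true);   // new session id after login
    $_SESSION['username'] = $user;
    $_SESSION['login'] = true;
    header('Location: options.php');
} else {
    header('Location: index.php');
}
exit;
```

The `DC=` entries are the domain components of the base DN, that is, `ad1.mysite.edu` written as an LDAP path. `$basedn` is only needed as the starting point for directory searches and plays no part in the bind, so it is not the cause of the behaviour described.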