LDAPS未与PHP连接 [英] LDAPS not connecting with PHP

问题描述

在使用Windows连接到安全的LDAP服务器时遇到了问题，到目前为止，我在网上看到的都是一样的东西，到目前为止还没有解决方案.

I'm having issues using Windows to connect to a secure LDAP server, and I see the same thing everywhere online with no solution thats worked so far.

我尝试同时使用IIS和WAMPSERVER.我已经将libeay32.dll和ssleay32.dll放在了SYSTEM32目录中，并启用了LDAP扩展.

I have tried using both IIS and WAMPSERVER. I have put libeay32.dll and ssleay32.dll in my SYSTEM32 directory and enabled the LDAP extension.

这是我的代码:

putenv('LDAPTLS_REQCERT=never');
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
$resource = ldap_connect("ldaps://{redacted}/", 636) or die ("Could not connect.");
ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3)
$bound = ldap_bind($resource, "{redacted}\ldap", "****");

echo ldap_error($resource);

我从ldap_error和PHP警告Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server: Can't contact LDAP server in C:\wamp\www\ldapTest.php

I get Can't contact LDAP server from ldap_error and the PHP warning Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server: Can't contact LDAP server in C:\wamp\www\ldapTest.php

我尝试连接的服务器正在运行Active Directory，并且我已确认可以使用其他LDAP工具进行连接.我知道此服务器的证书有问题-我正在使用的LDAP工具说The server you are trying to connect to is using a certificate which could not be verified! - Issuer certificate not found

The server I am attempting to connect to is running Active Directory and I have confirmed that I can connect by using other LDAP tools. I know this server has an issue with it's certificate - the LDAP tool I am using says The server you are trying to connect to is using a certificate which could not be verified! - Issuer certificate not found

我怀疑不良证书导致了绑定问题，这就是为什么我尝试使用LDAPTLS_REQCERT = never的原因.

My suspicion is that the bad certificate is causing the bind issue which is why I've tried the LDAPTLS_REQCERT=never.

推荐答案

我不记得我在哪找到这篇文章.但是我发现默认情况下，即使您指定TLS_REQCERT，也永远不会忽略它.

I can't recall where I found this one article; however I found out that by default even if you specify the TLS_REQCERT never it is ignored.

我发现/然后忘记并再次发现的是，您需要执行以下操作(对于Windows计算机)

What I found out / then forgot about and found out again is you need to do the following (for windows machines)

1. 在驱动器c的根目录中创建以下目录结构 c:\ OpenLDAP \ sysconf(创建两个文件夹)
2. 在sysconf文件夹中创建一个名为"ldap.conf"的文本文件.
3. 在您创建的文本文件中，将以下内容放在第一行，然后保存 "TLS_REQCERT永不"(不带引号)
4. 重新启动Apache，它现在应该可以工作了.

1. Create the following directory structure on your drive c in the root c:\OpenLDAP\sysconf (create the two folders)
2. Inside the sysconf folder create a text file called "ldap.conf"
3. In the text file you created put the following on the first line and then save "TLS_REQCERT never" (Without the quotes)
4. Restart Apache and it should work now.

尝试一下.祝你好运！

这篇关于LDAPS未与PHP连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！