无法连接LDAP服务器-ldap_bind()中的问题;
[英]Can't connect LDAP server - issue in ldap_bind();
问题描述
I am tried to implement a LDAP authentication in my web application developed in ZF2. 
我试图在以ZF2开发的Web应用程序中实现LDAP身份验证。 LDAP authentication is working fine in Windows 7. LDAP身份验证在Windows 7中工作正常。
But, after moving the application to LINUX machine, LDAP authentication is not working. 但是,将应用程序移至LINUX计算机后,LDAP身份验证不起作用。 I am always getting the error as : Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in LdapConnect.php on line 20 我总是收到以下错误消息: 警告:ldap_bind():无法绑定到服务器:无法在第20行的LdapConnect.php中联系LDAP服务器
I have used the scripts as: 我将脚本用作:
$ldaphost = "ldap://xxxx.net";
$ldapport = 389;
$ds = ldap_connect($ldaphost, $ldapport) or die("Could not connect to $ldaphost");
if ($ds)
{
$username = "username@xxxx.net";
$upasswd = "password";
$ldapbind = ldap_bind($ds, $username, $upasswd);
if ($ldapbind)
{
print "Congratulations! you are authenticated successfully.";
}else{
print "Better luck next time!";
}
}
Should I install any software package or should I do any config settings? 我应该安装任何软件包还是应该进行任何配置设置?
Note: If I give the IP adress then it is working fine, but if I give the domain name, then it is not working. 注意: 如果提供IP地址,则可以正常工作;但是,如果提供域名,则不能正常工作。
Please help me to solve the problem. 请帮我解决问题。
1 个解决方案
解决方案1
2 已采纳 2014-07-17 09:47:18
The library may be different between the 2, or a different version. 2之间的库可能不同,也可能不同。 You'd be amazed how many variations of the ldap client there are. 您会惊讶于ldap客户端有多少种变体。 In your position I would (if available) use ldap client to make the same kind of connection a few different ways. 在您的位置,我将(如果可用)使用ldap客户端以几种不同方式进行相同类型的连接。
eg the "-x" on the standard ldapsearch: -x Use simple authentication instead of SASL. 例如,标准ldapsearch上的“ -x”:-x使用简单身份验证而不是SASL。
So you could express the connection like this: 因此,您可以这样表示连接:
ldapsearch -h xxxx.net -p 389 (etc) ldapsearch -x -h ldap://xxxx.net:389 (this should actually be -H..) ldapsearch -h xxxx.net -p 389(等)ldapsearch -x -h ldap://xxxx.net:389(实际上应该是-H ..)
and so on. 等等。 It is also possible for things outside of your code to be an issue. 代码之外的内容也可能成为问题。 Prod servers often have firewalls and proxies (eg F5) that are transparent to the server/client. 产品服务器通常具有对服务器/客户端透明的防火墙和代理(例如F5)。 Make sure your final code has exception handling for binding and searching. 确保最终代码具有绑定和搜索的异常处理。 I'm not too familiar with the php implementation, and the doco is a tad thin. 我对php实现不太熟悉,doco有点薄。 Normally you'd use a synchronous bind. 通常,您将使用同步绑定。
Can you verify that the code above is exactly as you had it on Windows? 您可以验证上面的代码与Windows上的代码完全一样吗? The reason I ask is that looking here: http://php.net/manual/en/function.ldap-connect.php it seems that you may be mixing 2 types of bind. 我问的原因是看这里: http : //php.net/manual/en/function.ldap-connect.php看来您可能正在混合两种类型的绑定。 I definitely wouldn't have done it like that in standard python. 我绝对不会在标准python中那样做。
So if using a URI normally you'd do it like this: 因此,如果通常使用URI,则可以这样做:
ldap_connect("ldap://blah:389")
and if you're connecting via host/port combo: 如果您通过主机/端口组合进行连接:
ldap_connect("blah","389")
With minimal exception info my best guess is that its actually trying to bind to a hostname "ldap://xxxx.net" on port "389". 在异常信息最少的情况下,我最好的猜测是它实际上试图绑定到端口“ 389”上的主机名“ ldap://xxxx.net”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.