警告:ldap_modify():修改:服务器不愿意执行
[英]Warning: ldap_modify(): Modify: Server is unwilling to perform
问题描述
I really struggling here with the integration between Active Directory and PHP. 
我真的在努力与Active Directory和PHP之间的集成。 The fields I am trying to update are: givenname, sn, mail, telephonenumber, company, department and title. 我想要更新的字段是:givenname,sn,mail,telephonenumber,company,department和title。 It is giving me the following error: 它给了我以下错误:
Warning: ldap_modify(): Modify: Server is unwilling to perform in E:\IIS^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
From searching the internet I have found that I have to use LDAPS instead of LDAP but I do not know what is wrong here: 从搜索互联网我发现我必须使用LDAPS而不是LDAP,但我不知道这里有什么问题:
function get_active_directory_info($username, $password)
{
$conn = ldap_connect("DC-1");
if($conn==FALSE)
{
return array(FALSE, FALSE);
}
else
{
$bind = ldap_bind($conn, $username, $password);
ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION,3);
ldap_set_option($conn, LDAP_OPT_REFERRALS,0);
$unit = "OU=Staff,OU=Users,DC=example,DC=internal";
$filter = "(&(objectCategory=person)(sAMAccountName=*)(!(UserAccountControl=514)))";
$results = array();
$justthese = array("sn", "givenname", "mail", "company","department","title","telephonenumber","samaccountname", "cn");
$sr=ldap_search($conn, $unit, $filter, $justthese);
$info = ldap_get_entries($conn, $sr);
for($i = 0; $i < $info["count"]; $i++)
{
$cn = $info[$i]["cn"][0];
if(substr($cn, -3) != "ADM")
{
$results[$i]["id"] = $i + 1;
if(empty($info[$i]["givenname"][0])==FALSE)
{
$results[$i]["first"] = $info[$i]["givenname"][0];
}
if(empty($info[$i]["sn"][0])==FALSE)
{
$results[$i]["last"] = $info[$i]["sn"][0];
}
if(empty($info[$i]["mail"][0])==FALSE)
{
$results[$i]["email"] = $info[$i]["mail"][0];
}
if(empty($info[$i]["company"][0])==FALSE)
{
$results[$i]["company"] = $info[$i]["company"][0];
}
if(empty($info[$i]["title"][0])==FALSE)
{
$results[$i]["title"] = $info[$i]["title"][0];
}
if(empty($info[$i]["department"][0])==FALSE)
{
$results[$i]["department"] = $info[$i]["department"][0];
}
if(empty($info[$i]["telephonenumber"][0])==FALSE)
{
$results[$i]["number"] = $info[$i]["telephonenumber"][0];
}
if(empty($info[$i]["samaccountname"][0])==FALSE)
{
$results[$i]["username"] = $info[$i]["samaccountname"][0];
}
}
}
}
return $results;
}
2 个解决方案
解决方案1
0 2017-05-11 14:22:47
If I remember correctly, you need LDAPs for changing passwords, I see you are not doing that. 如果我没记错的话,你需要LDAP来更改密码,我发现你没有这样做。 Have you also tried this with a more simplistic example, just to try if it works? 您是否也尝试过更简单的示例,只是尝试它是否有效?
I have changed the following code with the information you supplied but you should change the host, usernames and passwords. 我已使用您提供的信息更改了以下代码,但您应该更改主机,用户名和密码。 What happens when you try this. 尝试这个时会发生什么。
$r=ldap_bind($ds, "username", "password");
$ldapconn = ldap_connect("LDAP://HOST:389");
if ($ldapconn) {
// binding to ldap server
$ldapbind = ldap_bind($ldapconn, "username", "password");
$justthese = array("otherTelephone");
$search = ldap_search($ldapconn,"OU=Staff,OU=Users,DC=example,DC=internal", "(&(objectCategory=person)(sAMAccountName=*)(!(UserAccountControl=514)))", $justthese);
$entry = ldap_get_entries($ldapconn, $search);
$dn=$entry[0]["dn"];
$userdata=array();
$userdata["otherTelephone"][0]= "NEWPHONENUMBER";
ldap_modify($ldapconn, $dn, $userdata);
}
Let me know what happens. 让我知道发生什么事。
解决方案2
0 2017-05-13 15:19:14
您必须使用LDAP加密来设置Microsoft Active Directory的密码
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.