我如何从 LDAP 更改为 Ldaps

Question

I have a functioning code that creats an Ldap connection to an online test server.

<?php

$ldap_dn = "uid=".$_POST["username"].",dc=example,dc=com";
$ldap_password = $_POST["password"];

$ldap_con = ldap_connect("ldap.forumsys.com");
ldap_set_option($ldap_con, LDAP_OPT_PROTOCOL_VERSION, 3);

if(@ldap_bind($ldap_con,$ldap_dn,$ldap_password))
    {
    $_SESSION['username'] = $_POST["username"];

    header("Location: Startseite.php");

    }

else
    {
    echo "Invalid Credential";
    }
?>

Now i want to change the code to connect to a local Windows server and retrieve data from the active directory. This connection should be an Ldaps. Here is the code i tried.

<?php

$ldap_dn = "uid=".$_POST["username"].",dc=ULTIMATE,dc=local";
$ldap_password = $_POST["password"];

$ldap_con = ldap_connect("ldaps://192.168.***.**:636,OU=ULTIMATE,DC=ultimate,DC=local");
ldap_set_option($ldap_con, LDAP_OPT_PROTOCOL_VERSION, 3);

if(@ldap_bind($ldap_con,$ldap_dn,$ldap_password))
    {
    $_SESSION['username'] = $_POST["username"];

    header("Location: Startseite.php");

    }

else
    {
    echo "Invalid Credential";
    }
?>

And i get the following error

Warning: ldap_connect(): Could not create session handle: Bad parameter to an ldap routine in C:\\xampp\\htdocs\\Kulinarik\\ldap.php on line 10

Why is it a bad parameter ?

EDIT

So the Active directory is Passwort protected and the users who want to start the query have no rights. So i would have to make a Bind with the Credentials of the Sysadmin and then make a query inside the active directory with the Credentials of the users.

Is that right?

Answer 1

Try something like:

$ldap_con = ldap_connect("ldaps://192.168.***.**:636");

Without ,OU=ULTIMATE,DC=ultimate,DC=local part.