在Apache上使用PHP绑定到Active Directory时出现问题

Question

I have a PHP script on an apache server, and every time I try to run it, it tells me:

unable to bind to the AD

It connects fine though. I took it off the apache server, and ran it locally from my machine, and it was able to bind just fine. I'm assuming that there is something wrong with my configuration of apache.

I'm using the adLDAP API, and this is the following script I'm trying to run. It's basically a test to see whether I'm able to bind successfully or not and check to see if the credentials entered are in the Active Directory.

$username = $_POST["username"];
$password = $_POST["password"];
$formage =  $_POST["formage"];

if ($_POST["oldform"]) { //prevent null bind

    if ($username != NULL && $password != NULL){
        //include the class and create a connection
        include (dirname(__FILE__) . "/../src/adLDAP.php");
        try {
            $adldap = new adLDAP();
        }
        catch (adLDAPException $e) {
            echo $e;
            exit();
        }

        //authenticate the user
        if ($adldap->authenticate($username, $password)){
            //establish your session and redirect
            session_start();
            $_SESSION["username"] = $username;
            $_SESSION["userinfo"] = $adldap->user()->info($username);
            $redir = "Location: https://" . $_SERVER['HTTP_HOST'] .
                dirname($_SERVER['PHP_SELF']) . "/menu.php";
            header($redir);
            exit;
        }
    }
    $failed = 1;
}

Why am I getting this error: unable to bind to the AD ?

Answer 1

I figured out the issue.

Apparently SELinux was blocking the port I needed to connect to, so I just essentially told SELinux that it's ok to connect to that port. Now everything works like a charm. Here is how I allowed Apache access to the port:

grep httpd /var/log/audit/audit.log | audit2allow -M mypol
semodule -i mypol.pp