![](/img/trans.png)
[英]Php and openldap get more specific error code for an expired password
[英]PHP and OPENLDAP, can't change password expired error: Invalid credentials
我使用以下 passowod 策略配置了我的 OPENLDAP ($OpenLDAP: slapd 2.4.44):
dn: cn=DefaultPPolicy,ou=Policies,cn=Manager,dc=mydomain,dc=com
cn: DefaultPPolicy
objectClass: pwdPolicy
objectClass: device
objectClass: top
pwdAttribute: userPassword
passwordExp: ON
pwdMaxAge: 2592000
pwdExpireWarning: 2160000
pwdInHistory: 3
pwdCheckQuality: 1
pwdMinLength: 8
pwdMaxFailure: 3
pwdLockout: TRUE
pwdLockoutDuration: 30
pwdGraceAuthNLimit: 0
pwdFailureCountInterval: 0
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: FALSE
pwdReset: TRUE
現在我寫了這個 PHP 函數來更新密碼。
function checkPassword($username, $password){
include '../conf/config.inc.php';
$ldap_Userdn = getUserDN($username);
if($ldap_Userdn!=""){
$ldap_con = ldap_connect($ldap_hostname,$ldap_port);
ldap_set_option($ldap_con, LDAP_OPT_PROTOCOL_VERSION, 3);
if(ldap_bind($ldap_con, $ldap_Userdn, $password)){
$authenticated = true;
} else {
$authenticated = false;
define('LDAP_OPT_DIAGNOSTIC_MESSAGE', 0x0032);
ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
$auth_error = ldap_error($ldap_con) . '<br />' . ldap_get_option($ldap_con, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error);
echo "<br/><br/>extended_error: " . $extended_error;
echo "<br/><br/>auth_error: " . $auth_error;
if ($errno == 532){
echo "<br/><br/>-----------Unable to login: Password expired.---------<br/><br/>";
}
}
} else {
echo "<br/>Error to find user DN";
}
return $authenticated;
ldap_close($ldap_con);
}
但是當密碼過期時,我總是收到這個錯誤:
錯誤 49 - 無效的憑據
試試這個代碼:
$r = ldap_bind_ext($link, "uid=username,ou=people,dc=unimore,dc=it" , "password", [['oid' => LDAP_CONTROL_PASSWORDPOLICYREQUEST]]);
if (ldap_parse_result($link, $r, $errcode, $matcheddn, $errmsg, $referrals, $ctrls)) {
if ($errcode != 0) {
echo("Error: ($errcode) $errmsg \n");
}
print_r($ctrls);
}
openldap 有 0 作為代碼來表示密碼過期。 532 在活動目錄中
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.