PHP ldap - Strong(er) authentication required

Question

I have a PHP script which does a LDAP connect, bind and search. It is working very well with most of the Active Directory servers, however one of our clients has a problem. The script returns

Strong(er) authentication required.

error when trying ldap_bind.

All the searches I made directed me to two possible problems:

1. I have to set LDAP_OPT_PROTOCOL_VERSION to 3 - which I do and did before, so this can not be my problem.
2. The AD server is configured to use SSL authentication - but our client insists that it is a default Windows 2008 R2 server installation, and that does not default to SSL for sure.

What other causes could be for this error to happen?

UPDATE

It was SSL required on Active Directory server ...

Answer 1

You have to use ldaps:// if it's required by the Active Directory server. If it's a problem with invalid certificate authority, you can ignore the validity in windows by issuing

putenv('LDAPTLS_REQCERT=never');

in your php code. In *nix you need to edit your /etc/ldap.conf to contain

TLS_REQCERT never

For other common problems, you can refer to my post at PHP cannot connect to LDAP Oracle Directory Server Enterprise Edition

For working example code, you can have a look at: Problems with secure bind to Active Directory using PHP

Answer 2

I had the same problem and it seems that there was a typo in my bind_rdn, so make sure that the credentials are correct.