I have the following problem with my PHP script:
PHP Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in ....
ldap_connect() says "Success" but ldap_bind() fails, how to fix that issue?
Cannot contact LDAP Server: If you receive a "Cannot connect to the LDAP Server" error message, try to connect using the LDAP Server IP address. You should also check to be sure the LDAP machine is running. Another possibility is that the SSL certificate files are not valid.
The ldap_bind function asynchronously authenticates a client with the LDAP server. The bind operation identifies a client to the directory server by providing a distinguished name and some type of authentication credential, such as a password. The authentication method used determines the type of required credential.
Either the LDAP server is unreachable, or there is a domain alias or load-balancing failure. There are other causes for error code 81, including: You are trying to authenticate to port 389 when the LDAP server is set for SSL only. If the bind account is invalid, you can get an error code 81.
Anonymous binding is an LDAP server function. Anonymous binding allows a client to connect and search the directory (bind and search) without logging in because binddn and bindpasswd are not needed. You also do not need to log in when you configure LDAP authentication using Management Console.
Had this error on RHEL7 (CentOS7) due to SELinux restricting the ports HTTPD can use.
LDAP ports 389 and 636 are not on the default allow list; you can unblock with:
setsebool -P httpd_can_network_connect 1
You can test for the restriction by trying a socket to the LDAP server:
fsockopen('LDAP-Server-IP', 389);
It will give 'Permission Denied' showing it's blocked and not a credentials issue.
Also check your SELinux audit log file for other things being blocked.
Connect opens the session. Bind is what actually authenticates you. Thus you connected but did not login with valid credentials.
Sometimes the problem will depend on your environment (Linux, Windows...). Try to bind with one of these options:
$connect = ldap_connect("ldap://".$ldap_server);
$auth_user = 'CN=XXX,OU=XXX,DC=XXX,DC=com';
$bind = ldap_bind($connect, $auth_user , $auth_pass);
or
$bind = ldap_bind($connect, 'YourDomaine\\'.$auth_user , $auth_pass);
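The checks suggested in the answers above, combined into one diagnostic function. This is an added example, not code from the original posts: it separates a blocked socket from a failed bind, and relies on the fact that on OpenLDAP-based PHP builds ldap_connect() only prepares a handle, which is why it reports success before ldap_bind() fails. The host name, bind DN and the LDAP_BIND_PW environment variable are placeholder assumptions.

```php
<?php
// Added example; host, DN and LDAP_BIND_PW are placeholders (assumptions).
function diagnose_ldap(string $host, int $port, bool $tls, ?string $dn, ?string $pass): string
{
    // A DN with an empty password is an "unauthenticated bind": many servers
    // answer success, so treating that result as a login is an auth bypass.
    if ($dn !== null && ($pass === null || $pass === '')) {
        return 'refused: empty password with a bind DN';
    }
    // Step 1: raw TCP reachability. Failure here is network, firewall or
    // SELinux policy ("Permission denied"), not a credentials problem.
    $sock = @fsockopen($host, $port, $errno, $errstr, 5);
    if ($sock === false) {
        return "tcp-fail: [$errno] $errstr";
    }
    fclose($sock);
    // Step 2: ldap_connect() checks the URI and allocates a handle only;
    // nothing is sent to the server until the first operation.
    $uri = ($tls ? 'ldaps' : 'ldap') . "://$host:$port";
    $conn = ldap_connect($uri);
    if ($conn === false) {
        return "bad-uri: $uri";
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, 5);
    // Step 3: the bind is the first real exchange with the server.
    if (@ldap_bind($conn, $dn, $pass)) {
        return 'bind-ok';
    }
    $code = ldap_errno($conn);
    $msg = ldap_error($conn);
    $detail = '';
    ldap_get_option($conn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    // -1 (OpenLDAP) or 81: server not contacted, or the TLS handshake failed.
    // 49: the server was reached and rejected the credentials.
    if ($code === -1 || $code === 81) {
        return "transport-fail: [$code] $msg $detail";
    }
    if ($code === 49) {
        return "invalid-credentials: $detail";
    }
    return "bind-fail: [$code] $msg $detail";
}

echo diagnose_ldap('ldap.example.test', 389, false,
    'CN=svc-bind,OU=Service,DC=example,DC=test', getenv('LDAP_BIND_PW') ?: null), PHP_EOL;
```

Run it as the web server user (not only from a root shell), since the SELinux restriction described above applies to the httpd context.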