Menu
I've seen the following code snippet in many PHP scripts that are using the ldap extension. I've searched online but didn't find something helpful.
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
I know that the first line sets the ldap protocol version to 3. But what is the advantage of this version? Why is it needed?
But i really don't know what the second line is doing, can someone explain it to me?
449
asked Oct 15 '25 12:10
Over time there's been multiple versions of the LDAP protocol with incompatibilities. The latest version and the only viable one is version 3 (LDAPv2 has been set historical and deprecated). Many LDAP client libraries still offer support for both LDAPv2 and LDAPv3, and to show their age, they are still defaulting to LDAPv2, unless setting the option to use LDAPv3 (I don't know if that's still the case for PHP, but better be safe and set it explicitly).
The second line defines how the client library should handle Referrals returned by the server. A referral is an indication that the server cannot proceed with the request, but if you send the same request to the referred server, it should proceed. Client libraries can chase referrals automatically or not, but when they do, they will reuse exactly the same credentials as the initial request. Chasing referrals automatically can result to security issues. So it's wise to disable this by default as well.
172
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
