From: Robert F. <rf...@mo...> - 2002-11-22 10:31:34
|
Hi Martin, >> >> Maybe I am missing something here, but why not just use ldap_bind() as >> normal? >> >> ldap_bind ($link [, string rdn [, string password]]) >> >> ldap_bind() in PHP is a small wrapper for ldap_bind(3) (found in >> ldap.h) >> which takes care of authentication for you. The idea is to do >> authentication independently of the actual ldap-tree so you *don't* have >> to write pages of code just for that. >> >> See http://www.php.net/manual/en/function.ldap-bind.php or >> ldap_bind(3) >> and then throw away all redundant ldap mantis code. :-) > >Hmm, my bad I guess. > >I thought you were trying to do ldapauth manually, and now see that >you are in fact using ldap_bind (though I cant really tell *why* the >code does what it does.) My LDAP server is set up so that users have to authenticate before reading any of the information, including any of the actual DN's. In addition, the Users are not in just one section of the tree. The code sample I supplied allows a known account with sufficient priviledges to look up any DN's matching the user name, and then iterates through the returned results, and does another ldap_bind on each record and the password to find the right record. (There are a few issues with this approach, I know, I just haven't had time to deal with them as yet) There are some other statements in there that are used to gather information that my App requires. It was late at night, and I couldn't be bothered cleaning up the example :) Rob. |