Error in LDAP bind (ldap_bind) when using SSL connection?

M

Max D.2015-01-14 16:28:19

PHP

Max D., 2015-01-14 16:28:19

Good day everyone!
Faced a problem when binding to LDAP (Active Directory on a Windows 2008 server) using an SSL connection (ldaps://...).
When executing the following code:

$ldapconn = ldap_connect("ldaps://192.168.11.0/", LDAP_PORT);
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
if ($ldapconn) {
  $ldapbind = ldap_bind($ldapconn, LDAP_DOMEN."\username", "passwd");
  ...
}

on the line with the ldap_bind function gives an error:

WARNING: ldap_bind() [function.ldap-bind]: Unable to bind to server: Can't contact LDAP server

If you use ldap:// instead of ldaps: // , that is, an unsecured connection, then the same code runs without errors. It is critical for me to use an SSL connection, since, apparently, it is necessary to change the password of an LDAP user by setting the unicodePwd parameter with the ldap_mod_replace function. Or perhaps there is another way to change the password in AD besides the above? PS By the way, in the comments on php.net there is a wonderful note on this subject: "Good luck! LDAPS can be a real bitch." :)