Comments (7)
Hi
This error is generated by PHP's ldap_bind()
function which is reporting that the credentials you've provided are not being accepted by the server. As such it is hard for me to tell you what exactly is wrong, but I might be able to point you in the right direction for figuring it out.
The top comment on the ldap_bind PHP manual page is about debugging issues binding with Active Directory. I would suggest that you take the PHP code from their comment, put it into a test.php
file with the correct LDAP server and login details and try running it from the command line (eg. php test.php
). Hopefully this might get you a more useful error message.
from ssh-key-authority.
Thanks for the reply.
I modified a little this diagnostic script.
<?php
$ldaphost = "xxx.xxx.xxx.xxx";
$ldapport = 389;
$bind_dn = "[email protected]";
$bind_password = "SomeStrongPass";
define(LDAP_OPT_DIAGNOSTIC_MESSAGE, 0x0032);
$handle = ldap_connect($ldaphost, $ldapport);
echo "$handle\n";
if ($handle) {
ldap_set_option($handle, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($handle, LDAP_OPT_REFERRALS, 0);
$bind = ldap_bind($handle, $bind_dn, $bind_password);
echo "$bind\n";
ldap_get_option($handle, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error);
echo "$extended_error\n";
}
?>
First run:
Resource id #4
1
Then I checked Reset User Passwords and Force Password Change at Next Logon in AD for ska user
Second run:
Resource id #4
PHP Warning: ldap_bind(): Unable to bind to server: Invalid credentials in /root/ad_bind_test.php on line 14
80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 773, v2580
Then I unchecked Reset User Passwords and Force Password Change at Next Logon and set Account has expired to 02.07.18.
3rd run:
Resource id #4
PHP Warning: ldap_bind(): Unable to bind to server: Invalid credentials in /root/ad_bind_test.php on line 14
80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 701, v2580
If I change $bind_dn to ska (without domain part after at) then I get error Invalid credentials too
4th run:
Resource id #4
PHP Warning: ldap_bind(): Unable to bind to server: Invalid credentials in /root/ad_bind_test.php on line 14
80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580
All of these tries mean that binding should be successfull, as I use settings in config.ini from 1st run.
from ssh-key-authority.
After escaping bind_dn and bind_password error Invalid credentials disappeared.
from ssh-key-authority.
Now I am having ldap_search error)
from ssh-key-authority.
Looks like you had success? You needed to escape some special characters in the bind_dn
and bind_password
?
from ssh-key-authority.
Sorry, term misuse. Actually I told about quoting not escaping.
Like this:
bind_dn = '[email protected]'
bind_password = 'SomeStrongPass'
from ssh-key-authority.
Right, it might be wise then for me to quote these values in config-sample.ini
so that others are less likely to encounter this problem.
from ssh-key-authority.
Related Issues (20)
- Help me for installation
- Allow admins to remove/revoke public keys of regular users HOT 1
- Data
- Problem with SQL Injection HOT 3
- Cant sync ssh HOT 4
- LDAP groups HOT 60
- Delete/Rename Server/Groups/User HOT 4
- Multiple hosts behind NAT HOT 9
- Logout Button
- Compatibility issue with php7.4 HOT 6
- Add LDAP user_filter and group_filter config settings HOT 12
- Multiple hosts with same IP address HOT 1
- openssh 8.8 not working anymore HOT 11
- LDAP: User does not exist. in /var/www/ssh-key-authority/model/user.php HOT 1
- explanation : difference between group named "root" and "root-accounts" ? HOT 1
- Server behind jump host
- How to create admin user? HOT 1
- o key acess 13.55.235.3
- tor
- Question
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssh-key-authority.