BestHub
Sign in
Backend Development 4 min read

Using PHP LDAP Functions for Connecting, Binding, and Authenticating Users

This article explains how to use PHP's LDAP functions to connect to an LDAP server, bind with credentials, and authenticate users, providing step‑by‑step code examples for each stage of the process.

php中文网 Courses
php中文网 Courses
php中文网 Courses
Using PHP LDAP Functions for Connecting, Binding, and Authenticating Users

LDAP (Lightweight Directory Access Protocol) is a protocol for accessing and maintaining distributed directory information, commonly used for user authentication and authorization in web applications. This guide demonstrates how to use PHP's LDAP functions to connect to an LDAP server, bind with credentials, and authenticate users.

1. Connect to LDAP Server

Use ldap_connect to establish a connection. The example below connects to ldap.example.com on the default port 389 and terminates with an error message if the connection fails.

<?php
$ldapserver = 'ldap.example.com';
$ldapport = 389; // 默认端口号
$ldapconn = ldap_connect($ldapserver, $ldapport)
    or die("无法连接到LDAP服务器:$ldapserver");
?>

2. Bind to LDAP Server

After establishing a connection, ldap_bind binds a user (e.g., the admin) to the server. The example sets the LDAP protocol version to 3 with ldap_set_option , then attempts the bind and reports success or failure.

<?php
$ldaprdn = 'cn=admin,dc=example,dc=com';
$ldappass = 'adminpassword';

ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); // 设置LDAP协议版本为3

$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);

if ($ldapbind) {
    echo "LDAP绑定成功!";
} else {
    echo "LDAP绑定失败!";
}
?>

3. User Authentication

To verify a user's credentials, ldap_search and ldap_get_entries retrieve the user's distinguished name (DN). If the user exists, ldap_bind is called again with the supplied password to confirm authentication, and appropriate messages are displayed.

<?php
$username = 'user1';
$password = 'password1';

$searchFilter = "(uid=$username)";
$searchResult = ldap_search($ldapconn, 'ou=users,dc=example,dc=com', $searchFilter);
$entry = ldap_get_entries($ldapconn, $searchResult);

if ($entry['count'] == 1) {
    $ldaprdn = $entry[0]['dn'];
    $ldapbind = ldap_bind($ldapconn, $ldaprdn, $password);

    if ($ldapbind) {
        echo "用户认证成功!";
    } else {
        echo "用户名或密码错误!";
    }
} else {
    echo "用户不存在!";
}
?>

The complete process shows how PHP can interact with LDAP to manage secure user authentication in web applications.

BackendAuthenticationPHPLDAPDirectory Services
php中文网 Courses
Written by

php中文网 Courses

php中文网's platform for the latest courses and technical articles, helping PHP learners advance quickly.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment