BestHub
Sign in
Backend Development 5 min read

Using PHP LDAP Functions for Connecting, Binding, and Authenticating Users

This article demonstrates how to use PHP's LDAP functions to connect to an LDAP server, bind with credentials, and authenticate users by searching the directory, providing complete example code for each step.

php中文网 Courses
php中文网 Courses
php中文网 Courses
Using PHP LDAP Functions for Connecting, Binding, and Authenticating Users

LDAP (Lightweight Directory Access Protocol) is a protocol used to access and maintain distributed directory information. In web applications, LDAP is commonly used for user authentication and authorization. PHP provides a set of functions to implement LDAP connections and user authentication; let’s see how to use these functions.

1. Connect to LDAP Server

To connect to an LDAP server, we can use the ldap_connect function. Below is a sample code for connecting to an LDAP server:

<?php
$ldapserver = 'ldap.example.com';
$ldapport = 389; // default port

$ldapconn = ldap_connect($ldapserver, $ldapport)
    or die("Unable to connect to LDAP server: $ldapserver");
?>

In the code above, the ldap_connect function is used to connect to the specified LDAP server. If the connection succeeds, it returns an LDAP connection resource; otherwise it returns false . The or die statement handles connection failures.

2. Bind to LDAP Server

After connecting, we need to bind a user to the server using the ldap_bind function. Below is a sample binding code:

<?php
$ldaprdn = 'cn=admin,dc=example,dc=com';
$ldappass = 'adminpassword';

ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); // set protocol version to 3

$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);

if ($ldapbind) {
    echo "LDAP bind successful!";
} else {
    echo "LDAP bind failed!";
}
?>

In this code, ldap_bind binds the administrator user cn=admin,dc=example,dc=com to the LDAP server. Before binding, ldap_set_option sets the LDAP protocol version to 3.

3. User Authentication

Once bound, we can verify a user's username and password using ldap_search and ldap_get_entries . Below is a sample authentication script:

<?php
$username = 'user1';
$password = 'password1';

$searchFilter = "(uid=$username)";
$searchResult = ldap_search($ldapconn, 'ou=users,dc=example,dc=com', $searchFilter);
$entry = ldap_get_entries($ldapconn, $searchResult);

if ($entry['count'] == 1) {
    $ldaprdn = $entry[0]['dn'];
    $ldapbind = ldap_bind($ldapconn, $ldaprdn, $password);

    if ($ldapbind) {
        echo "User authentication successful!";
    } else {
        echo "Username or password incorrect!";
    }
} else {
    echo "User does not exist!";
}
?>

The script first uses ldap_search to locate the user's DN (Distinguished Name), then retrieves the entry with ldap_get_entries . If exactly one entry is found, the user's DN is used for a second ldap_bind to verify the password.

The above demonstrates the basic workflow and example code for connecting to an LDAP server and performing user authentication with PHP functions, enabling web applications to securely manage and authorize user access.

PHP8 Video Tutorial

Scan the QR code to receive free learning materials

BackendsecurityAuthenticationWeb DevelopmentPHPLDAP
php中文网 Courses
Written by

php中文网 Courses

php中文网's platform for the latest courses and technical articles, helping PHP learners advance quickly.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment