問題描述

首先，這可能不是一個編程問題，而是一個如何配置 LDAPS 的問題，但這里...

First of all, this may be less of a programming question and more of a how do I configure LDAPS question, but here goes...

背景信息:

我有兩臺 Windows 2008 R2 服務器.一個是帶有 Active Directory (AD) 的域控制器 (DC)，我想通過 LDAP 與之通信.這個名為 TestBox.TestDomain.local.另一臺服務器正在運行 IIS、PHP(使用 ldap 和 openssl)和 mySQL.

I have two Windows 2008 R2 servers. One is a domain controller (DC) with Active Directory (AD) that I want to communicate with via LDAP. This one is named TestBox.TestDomain.local. The other server is running IIS, PHP (with ldap and openssl), and mySQL.

什么有效/無效:

我可以通過端口 389 成功連接到不安全的 DC 并將數據讀/寫到 AD.我不能更改或設置用戶密碼，因為這需要使用 LDAPS(帶 SSL 的 LDAP)通過端口 636 進行安全連接.

I can successfully connect to the DC unsecured over port 389 and read/write data to AD. What I can't do is change or set user passwords since this requires a secure connection using LDAPS (LDAP w/ SSL) over port 636.

我需要什么幫助:

我已嘗試使用此處提供的信息安裝 Active Directory 證書服務 (AD CS) 并將 DC 配置為充當證書頒發機構 (CA):http://technet.microsoft.com/en-us/library/cc770357(WS.10).aspx 但不管我的嘗試無法通過 LDAPS 建立連接.

I have tried installing Active Directory Certificate Services (AD CS) and configuring the DC to act as a Certificate Authority (CA) using information found here: http://technet.microsoft.com/en-us/library/cc770357(WS.10).aspx but no matter what I try I can't get a connection over LDAPS to work.

示例代碼:

創建 LDAP 連接

function ldapConnect(){
    $ip = "100.200.300.400";  // WAN IP goes here;
    $ldap_url = "ldap://$ip";
    $ldaps_url = "ldaps://$ip";
    $ldap_domain = 'testdomain.local';
    $ldap_dn = "dc=testdomain,dc=local";

    // Unsecure - WORKS
    $ldap_conn = ldap_connect( $ldap_url ) or die("Could not connect to LDAP server ($ldap_url)");
    //alternate connection method 
    //$ldap_conn=ldap_connect( $ip, 389 ) or die("Could not connect to LDAP server (IP: $ip, PORT: 389)");  

    // Secure - DOESN'T WORK
    //$ldap_conn = ldap_connect( $ldaps_url ) or die("Could not connect to LDAP server ($ldaps_url)");
    //alternate connection method 
    //$ldap_conn=ldap_connect( $ip, 636 ) or die("Could not connect to LDAP server (IP: $ip, PORT: 636)");  

    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);

    $username = "AdminUser";
    $password = "AdminPass"; 

    // bind using admin username and password
    // could also use dn... ie. CN=Administrator,CN=Users,DC=TestDomain,DC=local
    $result = ldap_bind($ldap_conn, "$username@$ldap_domain", $password ) or die("<br>Error: Couldn't bind to server using supplied credentials!");

    if($result){
        return $ldap_conn;
    }else{
        die("<br>Error: Couldn't bind to server using supplied credentials!");
    }
}

向 Active Directory 添加新用戶

Adding a New User to Active Directory

function ldapAddUser($ldap_conn, $ou_dn, $firstName, $lastName, $username, $pwdtxt, $email){
    $dn = "CN=$firstName $lastName,".$ou_dn;

    ## Create Unicode password
    $newPassword = """ . $pwdtxt . """;
    $len = strlen($newPassword);
    $newPassw = "";
    for($i=0;$i<$len;$i++) {
        $newPassw .= "{$newPassword{$i}}

主站蜘蛛池模板：
亚洲三级在线观看
|
久久久久久久国产
|
97超碰人人|
久久综合伊人
|
91精品久久久久久久久久入口
|
91亚洲一区
|
日韩精品一区二区三区在线观看
|
成人三级影院
|
91国内产香蕉
|
欧美一区二区三区在线看
|
密色视频
|
欧美日韩专区
|
欧美日韩亚洲国产综合
|
久久久久久99
|
欧美精品一区久久
|
91精品久久久久久久
|
日日操操|
国产91综合|
久久久久久久久久久久久9999
|
99日韩|
亚洲国产午夜
|
精品国产乱码久久久久久牛牛
|
国产高潮好爽受不了了夜色
|
成人性视频在线播放
|
久操亚洲|
人人天天操
|
国产精品精品视频
|
亚洲精品视频免费观看
|
国产色婷婷|
91精品一区二区
|
久久国产欧美日韩精品
|
a a毛片|
男女羞羞视频在线观看
|
成人影院在线
|
免费av观看|
国产精品视频网
|
国产成人精品午夜视频免费
|
伊人网伊人网
|
国产超碰人人爽人人做人人爱
|
免费在线一区二区
|
欧美日韩一区精品
|