問題描述

首先，這可能不是一個編程問題，而是一個如何配置 LDAPS 的問題，但這里...

First of all, this may be less of a programming question and more of a how do I configure LDAPS question, but here goes...

背景信息:

我有兩臺 Windows 2008 R2 服務器.一個是帶有 Active Directory (AD) 的域控制器 (DC)，我想通過 LDAP 與之通信.這個名為 TestBox.TestDomain.local.另一臺服務器正在運行 IIS、PHP(使用 ldap 和 openssl)和 mySQL.

I have two Windows 2008 R2 servers. One is a domain controller (DC) with Active Directory (AD) that I want to communicate with via LDAP. This one is named TestBox.TestDomain.local. The other server is running IIS, PHP (with ldap and openssl), and mySQL.

什么有效/無效:

我可以通過端口 389 成功連接到不安全的 DC 并將數據讀/寫到 AD.我不能更改或設置用戶密碼，因為這需要使用 LDAPS(帶 SSL 的 LDAP)通過端口 636 進行安全連接.

I can successfully connect to the DC unsecured over port 389 and read/write data to AD. What I can't do is change or set user passwords since this requires a secure connection using LDAPS (LDAP w/ SSL) over port 636.

我需要什么幫助:

我已嘗試使用此處提供的信息安裝 Active Directory 證書服務 (AD CS) 并將 DC 配置為充當證書頒發機構 (CA):http://technet.microsoft.com/en-us/library/cc770357(WS.10).aspx 但不管我的嘗試無法通過 LDAPS 建立連接.

I have tried installing Active Directory Certificate Services (AD CS) and configuring the DC to act as a Certificate Authority (CA) using information found here: http://technet.microsoft.com/en-us/library/cc770357(WS.10).aspx but no matter what I try I can't get a connection over LDAPS to work.

示例代碼:

創建 LDAP 連接

function ldapConnect(){
    $ip = "100.200.300.400";  // WAN IP goes here;
    $ldap_url = "ldap://$ip";
    $ldaps_url = "ldaps://$ip";
    $ldap_domain = 'testdomain.local';
    $ldap_dn = "dc=testdomain,dc=local";

    // Unsecure - WORKS
    $ldap_conn = ldap_connect( $ldap_url ) or die("Could not connect to LDAP server ($ldap_url)");
    //alternate connection method 
    //$ldap_conn=ldap_connect( $ip, 389 ) or die("Could not connect to LDAP server (IP: $ip, PORT: 389)");  

    // Secure - DOESN'T WORK
    //$ldap_conn = ldap_connect( $ldaps_url ) or die("Could not connect to LDAP server ($ldaps_url)");
    //alternate connection method 
    //$ldap_conn=ldap_connect( $ip, 636 ) or die("Could not connect to LDAP server (IP: $ip, PORT: 636)");  

    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);

    $username = "AdminUser";
    $password = "AdminPass"; 

    // bind using admin username and password
    // could also use dn... ie. CN=Administrator,CN=Users,DC=TestDomain,DC=local
    $result = ldap_bind($ldap_conn, "$username@$ldap_domain", $password ) or die("<br>Error: Couldn't bind to server using supplied credentials!");

    if($result){
        return $ldap_conn;
    }else{
        die("<br>Error: Couldn't bind to server using supplied credentials!");
    }
}

向 Active Directory 添加新用戶

Adding a New User to Active Directory

function ldapAddUser($ldap_conn, $ou_dn, $firstName, $lastName, $username, $pwdtxt, $email){
    $dn = "CN=$firstName $lastName,".$ou_dn;

    ## Create Unicode password
    $newPassword = """ . $pwdtxt . """;
    $len = strlen($newPassword);
    $newPassw = "";
    for($i=0;$i<$len;$i++) {
        $newPassw .= "{$newPassword{$i}}

主站蜘蛛池模板：
99精品99|
欧美精品中文字幕久久二区
|
免费中文字幕日韩欧美
|
久久亚洲精品视频
|
国产精品成人在线播放
|
伊人色综合久久久天天蜜桃
|
欧美国产精品一区二区三区
|
求个av网址
|
h视频在线免费观看
|
亚洲精品免费观看
|
亚洲精品电影网在线观看
|
午夜影院普通用户体验区
|
91精品国产91综合久久蜜臀
|
麻豆国产一区二区三区四区
|
国产精品www
|
wwwww在线观看
|
久久久成人精品
|
成人做爰www免费看
午夜精品久久久久久久久久久久
|
一区二区不卡
|
福利视频一区二区三区
|
欧美性网
|
青草青草久热精品视频在线观看
|
日韩欧美一区在线
|
欧美国产精品一区二区
|
h肉视频|
欧美九九
|
狠狠色狠狠色综合系列
|
免费精品
|
激情网站|
欧美在线a
|
久久高清国产视频
|
亚洲精品一区二区三区丝袜
|
男人天堂999
|
欧美一区二区在线观看
|
国内自拍视频在线观看
|
日韩精品二区
|
国产免费自拍
|
每日更新av
|
欧美v在线观看
|
亚洲午夜精品在线观看
|
国产精品久久国产精品
|