I have several other apps that are authentication against it and a couple of them do not allow plain (MD5 and CRYPT only).
Thanks, Steven On Mon, 30 Aug 2004 20:17:23 -0700, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I don't think this will work. Why do you need to MD5 the passwd if you > sending it over LDAPS:?? (LDAP over SSL)????? > > Thanks. > Saqib Ali > http://validate.sf.net > > Steven Hildreth <[EMAIL PROTECTED]> wrote on 08/30/2004 06:33:32 PM: > > > > > Hi, Attempting to connect to an OpenLDAP server to authenticate a > > user, just want to see if the password the user passes is the stored > > password if true. I can get the LDAP connection to connect to the > > server, but unless I switch the LDAP server to use only clear I > > continually get a 'Invalid Credentials' error (passwords dont match). > > I am using LDAP MD5 to hash passwords on the server. If I take and > > echo out the password the routine below is using and compare it to the > > password on the server they match exactly?! Even if I include "{MD5}" > > at the front it still always gives me "Invalid Credentials". > > > > Here is an example of the code I am using to check the password: > > > > function CheckPassword($username,$password){ > > $dn = "uid=" . $username . ",ou=People,dc=<domain>,dc=net"; > > $pw = trim(base64_encode(pack("H*",md5($password)))); > > > > $ldapconn = ldap_connect("ldaps://<server_address>/") or die("Could > > not connect to LDAP server!"); > > > > if ($ldapconn) { > > $ldapbind = ldap_bind($ldapconn,$dn,$pw); > > if ($ldapbind) { > > return true; > > } > > } > > } > > > > I am using OpenLDAP v2.1.30 and PHP 4.3.8, for what its worth I am > > using Gentoo and my make flags include "ldap". > > > > Thanks for any pointers. > > > > Regards, > > Steven > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
