ldap_sasl_bind

(PHP 5, PHP 7, PHP 8)

ldap_sasl_bind — Bind to LDAP directory using SASL

Description

ldap_sasl_bind(
LDAP\Connection $ldap,
? string $dn = null ,
#[\SensitiveParameter] ? string $password = null ,
? string $mech = null ,
? string $realm = null ,
? string $authc_id = null ,
? string $authz_id = null ,
? string $props = null
): bool

Warning

This function is currently not documented; only its argument list is available.

Return Values

Returns true on success or false on failure.

Changelog

Version	Description
8.1.0	The `ldap` parameter expects an LDAP\Connection instance now; previously, a valid `ldap link` resource was expected.
8.0.0	`dn`, `password`, `mech`, `realm`, `authc_id`, `authz_id` and `props` are nullable now.

Notes

Note: Requirement
ldap_sasl_bind() requires SASL support (sasl.h). Be sure --with-ldap-sasl is used when configuring PHP otherwise this function will be undefined.

Found A Problem?

Learn How To Improve This Page • Submit a Pull Request • Report a Bug

+add a note

User Contributed Notes 4 notes

down

mbaynton ¶

11 years ago

A hint for debugging bind failures in your environment: many of the warnings PHP issues from this mehod begin "PHP Warning: ldap_sasl_bind(): Unable to bind to server: [reason]" where [reason] can be a variety of strings. This makes it appear the failure originates with ldap_sasl_bind, but all [reason]s really come from the underlying c function ldap_sasl_interactive_bind_s. That function is used by lots of software besides php, so I've found a greater wealth of troubleshooting information by searching the web for "ldap_sasl_interactive_bind_s [reason]"

down

devel at romanr dot info ¶

13 years ago

There is some reenterability bug: you can't use this function several times in a single process. PHP process (apache or fastcgi) should be restarted. Consider PHP_FCGI_MAX_REQUESTS=1

down

-2

dwhite at olp dot net ¶

18 years ago

With the patch introduced in the bug below (which has been included in CVS), the parameters for this function should be:

bool ldap_sasl_bind ( resource $link [, string $binddn [, string $password [, string $sasl_mech [, string $sasl_realm [, string $sasl_authc_id [, string $sasl_authz_id [, string $props]]]]]]] )

Some example calls:

$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy');

With authz_id, specifying a dn:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'dn:uid=tommy,ou=people,dc=example,dc=com');

With authz_id, specifying a SASL username:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'u:tommy');

Also, since SASL authentication was introduced in LDAP version 3,
you may need to explicitly set the version number with:
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

down

-2

dahgdevash at gmail dot com ¶

18 years ago

Bug , the function parameters are sent incorrectly to the server
Look at:
http://bugs.php.net/bug.php?id=39291

+add a note