[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLDAP + MD5 + PHP != Work

To: openldap-software@OpenLDAP.org
Subject: OpenLDAP + MD5 + PHP != Work
From: Steven Hildreth <sphildreth@gmail.com>
Date: Tue, 31 Aug 2004 13:03:04 -0500

Hi, 

Attempting to connect to an OpenLDAP server to authenticate a
user, just want to see if the password the user passes is the stored
password if true. I can get the LDAP connection to connect to the
server, but unless I switch the LDAP server to use only clear I
continually get a 'Invalid Credentials' error (passwords dont match).
I am using LDAP MD5 to hash passwords on the server. If I take and
echo out the password the routine below is using and compare it to the
password on the server they match exactly?! Even if I include "{MD5}"
at the front it still always gives me "Invalid Credentials".

Here is an example of the code I am using to check the password:

function CheckPassword($username,$password){
 $dn = "uid=" . $username . ",ou=People,dc=<domain>,dc=net";
 $pw = trim(base64_encode(pack("H*",md5($password))));

 $ldapconn = ldap_connect("ldaps://<server_address>/") or die("Could
not connect to LDAP server!");

 if ($ldapconn) {
         $ldapbind = ldap_bind($ldapconn,$dn,$pw);
         if ($ldapbind) {
                 return true;
         }
 }
}

I am using OpenLDAP v2.1.30 and PHP 4.3.8, for what its worth I am
using Gentoo and my make flags include "ldap".

Thanks for any pointers.

Regards,
Steven

Follow-Ups:
- Re: OpenLDAP + MD5 + PHP != Work
  - From: "Matthew J. Smith" <matt.smith@uconn.edu>

Prev by Date: about ldap@umich.edu list
Next by Date: Re: about ldap@umich.edu list
Index(es):
- Chronological
- Thread