Hey there, I'm writing a PHP application that will use an LDAP server to authenticate. The LDAP server requires me to use a privileged DN/bindDN before I can authenticate my user.

I can do the first bind, using the privileged user settings provided, but then how do I authenticate my user? I see an ldap_compare function in PHP that I could use to compare the username and password provided by the user? Or do something different altogether.



every ldap server is a bit different, however, here's mine

$bindAs = "uid=" . $username . ,ou=Users,dc=yourdc,dc=com";
$ldapbind = @ldap_bind ($ldapconn, $bindAs, $password);
if ($ldapbind !== TRUE) 
ldap_close ($ldapconn);
return FALSE;

and to take it a step further, if you want to get that users attributes

$dn = 'ou=Users,dc=yourdc,dc=com';
            $filter = 'uid=' . $username;
            $attribs = array ('sambaacctflags', 'displayname', 'mail', 'uidnumber');
            $match = ldap_list ($ldapconn, $dn, $filter, $attribs);
            $info = ldap_get_entries ($ldapconn, $match);