What error do you get from the code?

The code looks like it is using the user credentials, including password:

     //construct login name
     $user = $this->username . LDAP__USERNAME_EXT;

     //bind with the username and password
     $bind = ldap_bind($ldapconn, $user, $this->password);

so it is doing more than just checking for the existence of the user name.


On 13/04/2016 11:56, Spark, Alistair wrote:
> Hi Paul,
> No, it does an authenticated check that the account exists rather than
> with the end user’s credentials or anonymous which WebPA does at the moment
> This bit in particular implements it in PHP with bind dn -
> I figured the above could inspire a PHP dev to get that working.
> Thanks
> Alistair
>> On 13 Apr 2016, at 11:49, Paul Newman <[log in to unmask]
>> <mailto:[log in to unmask]>> wrote:
>> Hi,
>> Unfortunately, I don’t know enough about LDAP/AD to know what's
>> missing here.
>> Is the DN binding simply a case of using  'dc=example,dc=com,-name
>> username'  instead of  [log in to unmask]
>> <mailto:[log in to unmask]>'  or is there a lot more to it?
>> --
>> Paul Newman
>> ------------------------------------------------------
>> Senior PHP Developer
>> Centre for Engineering and Design Education
>> Loughborough University
>> ------------------------------------------------------
>> From: Spark, Alistair
>> Subject: Re: WebPA LDAP support
>> Hi Claudio,
>> I came to same conclusion as you - tried setting up WebPA for prod
>> last week and came to the same conclusion & from the looks of this
>> mailing lists’s archives no one has been able to get LDAP working in
>> the last year due to this limitation. Seeing as similar threads to
>> this one have remained without answer.
>> We’re very much at a piloting stage so have resorted to manual
>> accounts. Alternatively, I did note along the way though that an LTI
>> 2.0 integration is being worked on currently, this would allow for
>> seamless integration with all VLEs including memberships & group syncs
>> I believe which would make that integration a lot more useful.
>> Figured that if the pilot is successful we’ll have to invest
>> development time in getting this working, or just use LTI 2.0 if it
>> addresses our needs.
> RVC Logo - link to RVC Website <> Twitter icon -
> link to RVC (Official) Twitter <>
> Facebook icon - link to RVC (Official) Facebook
> <> YouTube icon - link to RVC YouTube
> <> Pinterest
> icon - link to RVC Pinterest <>
> Instagram icon - link to RVC Instagram
> <>
> This message, together with any attachments, is intended for the stated
> addressee(s) only and may contain privileged or confidential
> information. Any views or opinions presented are solely those of the
> author and do not necessarily represent those of the Royal Veterinary
> College (RVC). If you are not the intended recipient, please notify the
> sender and be advised that you have received this message in error and
> that any use, dissemination, forwarding, printing, or copying is
> strictly prohibited. Unless stated expressly in this email, this email
> does not create, form part of, or vary any contractual or unilateral
> obligation. Email communication cannot be guaranteed to be secure or
> error free as information could be intercepted, corrupted, amended,
> lost, destroyed, incomplete or contain viruses. Therefore, we do not
> accept liability for any such matters or their consequences.
> Communication with us by email will be taken as acceptance of the risks
> inherent in doing so.