ldap_search() error

As I have mentioned in other threads, I cannot test my module against AD. I have no handy AD server to test it against, so I am blindfolded when it comes to further the AD integration. I use an OpenLDAP server for my tests, and everything runs just fine.

Again, I take this opportunity to plead for somebody to give me access to an AD directory where I can test my module.

This is a complete hack, but here's what I did to make it work. In the LDAPInterface.php file, replace the contents of the search function (around line 122 I think) with something like this:

$ret = array();
$ad=ldap_connect("ldap://your_ad_server");
ldap_set_option($ad,LDAP_OPT_PROTOCOL_VERSION,3);
ldap_set_option($ad,LDAP_OPT_REFERRALS,0);
$bd=ldap_bind($ad,"DOMAIN\username","password");
$dn="ou=your org,dc=example,dc=com";
$x = ldap_search($ad,$dn,$filter);

if ($x && ldap_count_entries($this->connection, $x)) {
$ret = ldap_get_entries($this->connection, $x);
}
ldap_close($ad);
return $ret;

Make sure to replace the appropriate variables (your domain, user/pass, etc). Not sure why it throws the errors, but I got sick of messing with it and wrote a php script that worked, and just pasted it all in to this search function.

If I have time later, I'll figure out the right way to fix the code, but this at least got me to where I can get users to be able to log in. I have it working with the ldapgroups, though the ldapdata isn't working right yet.

I have commited today a new version that allows admins to specify a DN//pass pair that will be used in pre-authentication LDAP searches.

This should fix the problem of the module being unable to authenticate users against LDAP directories with restricted/disallowed anonymous searches. Reading the code provided by Jason on #2, that seems to be the problem here.

Wooooo!. At last, good news for AD users. Thanks a lot!