getMessage() . "\n"; } $err = ldap_error(ldap_connect('ldap://127.0.0.1')); echo "\n"; } tryBind('LDAP 389 plain', function () use ($host, $port389, $dn, $pw) { $c = ldap_connect("ldap://{$host}:{$port389}"); ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($c, LDAP_OPT_REFERRALS, 0); if (! @ldap_bind($c, $dn, $pw)) { throw new RuntimeException(ldap_error($c) . ' / ' . ldap_errno($c)); } ldap_unbind($c); }); tryBind('LDAPS 636 (cert never on conn)', function () use ($host, $port636, $dn, $pw) { $c = ldap_connect("ldaps://{$host}:{$port636}"); ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($c, LDAP_OPT_REFERRALS, 0); ldap_set_option($c, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_NEVER); if (! @ldap_bind($c, $dn, $pw)) { throw new RuntimeException(ldap_error($c) . ' / ' . ldap_errno($c)); } ldap_unbind($c); }); tryBind('LDAPS 636 (global TLS never)', function () use ($host, $port636, $dn, $pw) { putenv('LDAPTLS_REQCERT=never'); ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_NEVER); $c = ldap_connect("ldaps://{$host}:{$port636}"); ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($c, LDAP_OPT_REFERRALS, 0); if (! @ldap_bind($c, $dn, $pw)) { throw new RuntimeException(ldap_error($c) . ' / ' . ldap_errno($c)); } ldap_unbind($c); }); tryBind('LDAP 389 + StartTLS', function () use ($host, $port389, $dn, $pw) { putenv('LDAPTLS_REQCERT=never'); ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_NEVER); $c = ldap_connect("ldap://{$host}:{$port389}"); ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($c, LDAP_OPT_REFERRALS, 0); if (! @ldap_start_tls($c)) { throw new RuntimeException('start_tls: ' . ldap_error($c) . ' / ' . ldap_errno($c)); } if (! @ldap_bind($c, $dn, $pw)) { throw new RuntimeException('bind: ' . ldap_error($c) . ' / ' . ldap_errno($c)); } ldap_unbind($c); });