PHP Conference Nagoya 2025

ldap_sasl_bind

(PHP 5, PHP 7, PHP 8)

ldap_sasl_bindBind to LDAP directory using SASL

Description

ldap_sasl_bind(
    LDAP\Connection $ldap,
    ?string $dn = null,
    #[\SensitiveParameter] ?string $password = null,
    ?string $mech = null,
    ?string $realm = null,
    ?string $authc_id = null,
    ?string $authz_id = null,
    ?string $props = null
): bool
Warning

This function is currently not documented; only its argument list is available.

Return Values

Returns true on success or false on failure.

Changelog

Version Description
8.1.0 The ldap parameter expects an LDAP\Connection instance now; previously, a valid ldap link resource was expected.
8.0.0 dn, password, mech, realm, authc_id, authz_id and props are nullable now.

Notes

Note: Requirement
ldap_sasl_bind() requires SASL support (sasl.h). Be sure --with-ldap-sasl is used when configuring PHP otherwise this function will be undefined.

add a note

User Contributed Notes 4 notes

up
3
mbaynton
10 years ago
A hint for debugging bind failures in your environment: many of the warnings PHP issues from this mehod begin "PHP Warning: ldap_sasl_bind(): Unable to bind to server: [reason]" where [reason] can be a variety of strings. This makes it appear the failure originates with ldap_sasl_bind, but all [reason]s really come from the underlying c function ldap_sasl_interactive_bind_s. That function is used by lots of software besides php, so I've found a greater wealth of troubleshooting information by searching the web for "ldap_sasl_interactive_bind_s [reason]"
up
0
devel at romanr dot info
12 years ago
There is some reenterability bug: you can't use this function several times in a single process. PHP process (apache or fastcgi) should be restarted. Consider PHP_FCGI_MAX_REQUESTS=1
up
-2
dwhite at olp dot net
17 years ago
With the patch introduced in the bug below (which has been included in CVS), the parameters for this function should be:

bool ldap_sasl_bind ( resource $link [, string $binddn [, string $password [, string $sasl_mech [, string $sasl_realm [, string $sasl_authc_id [, string $sasl_authz_id [, string $props]]]]]]] )

Some example calls:

$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy');

With authz_id, specifying a dn:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'dn:uid=tommy,ou=people,dc=example,dc=com');

With authz_id, specifying a SASL username:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'u:tommy');

Also, since SASL authentication was introduced in LDAP version 3,
you may need to explicitly set the version number with:
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
up
-2
dahgdevash at gmail dot com
17 years ago
Bug , the function parameters are sent incorrectly to the server
Look at:
http://bugs.php.net/bug.php?id=39291
To Top