LDAP Error Invalid credentials

I have activated LDAP on PHPMaker 2025 and entered the following settings:

  • LDAP host name: 192.168.100.1
  • LDAP port number: 389
  • LDAP encryption: none
  • LDAP protocol version: 3
  • LDAP referrals:
  • LDAP base DN: OU=Local Users,DC=crik,DC=intra,DC=net
  • LDAP search DN: CN=admin,OU=Utenti Administrator,DC=crik,DC=intra,DC=net
  • LDAP search password: PASSWORD1234
  • LDAP default role (array): ["PUBLIC_ACCESS"]
  • LDAP UID key: sAMAccountName
  • LDAP extra fields (array):
  • LDAP filter: (sAMAccountName={user_identifier})
  • LDAP DN string: CN={user_identifier},OU=Local Users,DC=crik,DC=intra,DC=net
  • LDAP query string:
  • LDAP options (array):

With a verification attempt:


PS C:\Users\services> $username = "test"
PS C:\Users\services> $password = "test1234New" | ConvertTo-SecureString -AsPlainText -Force
PS C:\Users\services> $credential = New-Object System.Management.Automation.PSCredential($username, $password)
PS C:\Users\services> $ldapServer = "192.168.100.1:389"
PS C:\Users\services>
PS C:\Users\services> try {
>>     $ldapConnection = New-Object System.DirectoryServices.Protocols.LdapConnection($ldapServer)
>>     $ldapConnection.Credential = New-Object System.Net.NetworkCredential($username, $password, "CRIK")
>>     $ldapConnection.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic
>>     $ldapConnection.SessionOptions.ProtocolVersion = 3
>>     $ldapConnection.Bind()
>>     Write-Host "Authentication successful for user test!"
>> } catch {
>>     Write-Host "Authentication error: $_"
>> } finally {
>>     $ldapConnection.Dispose()
>> }

This returns “Authentication successful for user test!”, but when I try to log in via the web page, I get “ERROR Invalid Credentials”.

In your PowerShell code you only use a simple user name:

$username = "test"
...
System.Net.NetworkCredential($username, $password, "CRIK")

But in your project settings you use **DN string:** CN={user_identifier},OU=Local Users,DC=crik,DC=intra,DC=net. Are you sure it is correct?

Also, you set the filter as (sAMAccountName={user_identifier}); make sure it is also correct for your LDAP server.

PS C:\Users\services> Get-ADUser -Filter * -Properties sAMAccountName | Where-Object {$_.sAMAccountName -eq "test"}

DistinguishedName : CN=Test Test,OU=Local Users,DC=crik,DC=intra,DC=net
Enabled : True
GivenName : Test
Name : Test Test
ObjectClass : user
ObjectGUID : 60565647-b4b7-4299-be36-aea1306b6a74
SamAccountName : test
SID : S-1-5-21-746137067-1580436667-682003330-21816
Surname : Test
UserPrincipalName : test@xxx.intra.net

That means you need to log in as “Test Test”, not “test”.

I also tried test test, but the problem remains.

In the PHP test page, it returns “Binding with ‘crik\test’ succeeded!”

<?php
// Connection settings for the test bind (down-level logon name: DOMAIN\user)
$ldap_server = "ldap://192.168.100.1:389";
$ldap_user = "crik\\test";
$ldap_pass = "PASSWORD1234";
$ldap_base_dn = "dc=crik,dc=intra,dc=net";

$ldap_conn = ldap_connect($ldap_server);
if ($ldap_conn) {
    // Use LDAPv3 and do not follow referrals
    ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap_conn, LDAP_OPT_REFERRALS, 0);
    // Simple bind; @ suppresses the PHP warning so the LDAP error is reported below
    $bind = @ldap_bind($ldap_conn, $ldap_user, $ldap_pass);
    if ($bind) {
        echo "Binding con '$ldap_user' riuscito!";
        ldap_close($ldap_conn);
    } else {
        echo "Errore di binding: " . ldap_error($ldap_conn);
    }
} else {
    echo "Impossibile connettersi al server LDAP.";
}
?>

That means your LDAP DN string should be crik\{user_identifier}.
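
The thread turns on which bind identity the directory accepts: the template CN={user_identifier} expands to CN=test,..., while the account's actual DN is CN=Test Test,.... As an added example (not PHPMaker's code and not from any poster), the sketch below resolves the login name to its real DN with the search account and then binds with that DN. The function name ldapAuthenticate is hypothetical, the host and DNs are the thread's settings, and both passwords are placeholders.

```php
<?php
// Added example, not PHPMaker's code. ldapAuthenticate() is a hypothetical helper.
// Host, DNs and filter attribute are the thread's settings; passwords are placeholders.
function ldapAuthenticate(string $login, string $password): ?string
{
    // An empty password turns a simple bind into an unauthenticated bind, which a
    // server may answer with success, so reject it before contacting the server.
    if ($login === '' || $password === '') {
        return null;
    }
    // Thread's setting: no encryption on port 389, so simple binds travel in cleartext.
    $conn = ldap_connect('ldap://192.168.100.1:389');
    if ($conn === false) {
        return null;
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    try {
        // 1. Bind as the search account (the "LDAP search DN" setting).
        $searchDn = 'CN=admin,OU=Utenti Administrator,DC=crik,DC=intra,DC=net';
        if (!@ldap_bind($conn, $searchDn, 'SEARCH_PASSWORD_PLACEHOLDER')) {
            return null;
        }
        // 2. Find the entry by sAMAccountName; escape the login for filter context.
        $filter = '(sAMAccountName=' . ldap_escape($login, '', LDAP_ESCAPE_FILTER) . ')';
        $baseDn = 'OU=Local Users,DC=crik,DC=intra,DC=net';
        $result = @ldap_search($conn, $baseDn, $filter, ['distinguishedName']);
        if ($result === false) {
            return null;
        }
        $entries = ldap_get_entries($conn, $result);
        if ($entries === false || $entries['count'] !== 1) {
            return null; // no match, or more than one
        }
        // For login "test" this is CN=Test Test,OU=Local Users,..., not CN=test,...
        $userDn = $entries[0]['dn'];
        // 3. Bind with the DN the directory returned and the user's own password.
        return @ldap_bind($conn, $userDn, $password) ? $userDn : null;
    } finally {
        ldap_unbind($conn);
    }
}

$dn = ldapAuthenticate('test', 'USER_PASSWORD_PLACEHOLDER');
echo $dn === null ? "Login rejected\n" : "Bound as $dn\n";
```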