Unable to bind to server: Not Supported when doing ldap_sasl_bind()

Question

I am trying to connect and bind to an AD using ldap_sasl_bind() but I get:

warning: 2 :: ldap_sasl_bind(): Unable to bind to server: Not Supported

I have confirmed using ldapsearch I can connect and get users from AD using a kerberos ticket stored using a keytab with kinit. I have also confirmed $KRB5CCNAME env variable has the correct cache path FILE:/tmp/krb5cc_501.

I have no idea what else I could try and since documentation and resources about PHP and LDAP/SASL is almost inexistent I would like to know if anybody else has faced an similar issue or if somebody has configured AD with SASL and connected from PHP successfully.

The PHP code:

$a = ldap_connect("ldap://ad.azure.com:389");
if (!$a) {
    die("cant connect!");
}
$b = ldap_sasl_bind($a, null, null, 'GSSAPI');
if (!$b) {
    die("SASL failed");
}

echo "CONNECTED";

Thank you

score 0 · Answer 1 · answered Mar 22 '23 at 19:30

0

I finally figured it out:

ldap_set_option($a, LDAP_OPT_PROTOCOL_VERSION, 3);

Before calling bind.

answered Mar 22 '23 at 19:30

ajibarra

58
1
5

Unable to bind to server: Not Supported when doing ldap_sasl_bind()

1 Answers1