I couldn't accept the lack of anonymous bind for LDAP auth. So I updated the class.cldap.php to allow anonymous bind.
Replace the checkPass function in class.cldap.php with the checkPass function bellow. I just cut out the bindDN and password checks. This could probably be cleaned up further if desired.
When you configure LDAP auth, just leave the bind DN and password blank.
Replace the checkPass function in class.cldap.php with the checkPass function bellow. I just cut out the bindDN and password checks. This could probably be cleaned up further if desired.
When you configure LDAP auth, just leave the bind DN and password blank.
PHP Code:
public function checkPass($user, $pass) {
if (!$pass) {
return false;
}
if (!$this->connect()) {
return false;
}
$dn = null;
if (!$dn) {
// anonymous bind
if (!ldap_bind($this->ds)) {
return false;
}
$this->bound = 1;
return true;
// see if we can find the user
$this->info = $this->getUserData($user);
if (empty($this->info['dn'])) {
return false;
}
else {
$dn = $this->info['dn'];
}
$this->bound = 1;
return true;
}
return false;
}