M the lines applying to idconfig # Update all the shared library links: #if [ -x /sbin/ldconfig ]; then # echo "Updating shared library links: /sbin/ldconfig" # /sbin/ldconfig #fi then i added the lines to /etc/rc.d/rc.local #!/bin/sh # # /etc/rc.d/rc.local: Local system initialization script. M will not load idconfig at startup enabling it in rc.local as i did , does allow it right after 5 minutes, if i do not comment it in rc.This is useful if a user must change their password at first login (Data: 773), or if their account has expired on the network (Data: 532).
I don't see these instructions anywhere on the php site.
Maybe they're on the Open LDAP site, but I thought it would be useful to have here as well.
Provided below is a brief description and example of how this vulnerability can arise.
My connection code was as follows (nothing new here, I don't think): A number of examples and implementations of authentication schemes which use LDAP simple binds to authenticate users fail to properly sanitize user-submitted data.
This can allow for an anonymous user to authenticate to a web-based application as an existing user.
Interesting point,if you can't bind to active directory with the error "49: Invalid Credentials", you can get the extended error output from the ldap_get_option function, using the option: LDAP_OPT_DIAGNOSTIC_MESSAGE.Unfortunately php hasn't defined this by default, but it's value is 0x0032.# # Put any local setup commands in here: /usr/bin/echo "idconfig" | /usr/bin/at now +5minutes this is what i followed from a thread a few weeks ago. then when i reboot , i recieve warning : commands will be executed using (in order) a) $SHELL b) login shell c) /bin/sh job 4 at 2005-06-23 is something wrong? Credit goes to a dude known as 'LRM', and I found my solution here: setup is XAMPP on Win XP.###### Apache Friends XAMPP (basic package) version 1.6.3a ###### + Apache 2.2.4 + My SQL 5.0.45 + PHP 5.2.3 + PHP 4.4.7 + PEAR + PHP-Switch win32 1.0 (please use the "php-switch.bat") + XAMPP Control Version 2.5 from XAMPP Security 1.0 + SQLite 2.8.15 + Open SSL 0.9.8e + php My Admin 2.10.3 + ADOdb 4.95 + Mercury Mail Transport System v4.01b + File Zilla FTP Server 0.9.23 + Webalizer 2.01-10 + Zend Optimizer 3.3.0 + e Accelerator 0.9.5.1 for PHP 5.2.3 (comment out in the php.ini)1. The reason is, I think, because it doesn't understand the certificate, so this directive tells it to not bother checking it.create C:\Open LDAP\sysconf\(Yes, it MUST be this path because it's hard-coded in the dll)2. I guess that could be unsafe in some cases, but in my case I'm confident with the server I'm connecting to.