Currently, I am able to login using the username and password. I wish to be able to login using email address instead of the username. How do you suggest I do it?
Script:
$ldap['username'] = "domain\user123";
$ldap['password'] = "password123";
$ldap['host'] = 'site.domain.com';
$ldap['port'] = 389;
$ldap['dn'] = "CN=Users, DC=domain, DC=com";
$ldap['conn'] = ldap_connect( $ldap['host'], $ldap['port'] )
or die("Could not connect to {$ldap['host']}" );
$ldap['bind'] = ldap_bind($ldap['conn'], $ldap['username'], $ldap['password']);
if( !$ldap['bind'] )
{
echo "Failed";
}
else if( $ldap['bind'] )
{
echo "Success";
}
Any help would be very much appreciated.
Thanks so much!
You will have to bind with a user with read-access to the LDAP-server, search for the DN of the user with the email-address in question and then use that DN to do a second bind. If the second bind is successful the user is logged in, if the second bind fails, the login fails.
I've created a gist showing that process at https://gist.github.com/heiglandreas/5689592
Not the email Address, unless it is the same as the userPrincipalName.
When using Microsoft Active Directory, you can bind with the userprincipal name, samAccountName (typically you need domain\samAccountName) and of course the DN.