Word of advice: PHP authentication against LDAP service

I see this problem a lot in various PHP scripts which are connecting to LDAP service.. Problem is not isolated to PHP environment only, but for some odd reason, PHP developers in majority end in this pitfall, while developers on using other popular programming languages usually handle this issue better.

Introduction to the problem

LDAP service authentication often poses a challenge to the developers who are engaging in LDAP-dependent services development for the first time. In general, your input data will be username and password, while for the succesful authentication against LDAP you need different info: DN (distinguished name) and a password.

So, in order to be able to authenticate user credentials against LDAP service, you have to make a relation between username as input variable and DN as a parameter LDAP service expects.

Again, LDAP service is very specific with its approach towards users, passwords and authentication. You might be able to retrieve DN using query such as

…even when your server bind is anonymous. Of course, that depends on the configuration of your LDAP service, but it’s not so rare occurrence that LDAP service allows such basic info as DN to be read through anonymous connections. Should it be allowed is a discussion for some  completely another occasion.

But the problem starts just here. Continue reading “Word of advice: PHP authentication against LDAP service”

HP 8560p: Gobi 3000, qcserial and GobiSerial blues…

Last year, our company has purchased HP Elitebook 8560p laptops in order for them to replace our aging old desktop replacement laptops. Since we are running exclusively on Linux (and sometimes Solaris, even as a home computer operating system :)), company is faced with eternal inner battle – wether it should buy laptops with preinstalled Windows OS or FreeDOS. Since we don’t want to throw good software away, we usually pick models with FreeDOS alternative available (HP seems not to sell linux-preloaded laptops in Croatia, if anywhere). So this model seemed like a perfect match for our needs – powerful hardware, very hip and up-to-date industrial design of its case more than slightly (but not enough for HP to get sued for that) resembling Macbook Pros, also delivers internal 3G modem interface so we can do our job on the road…

But, of course, there are problems. Continue reading “HP 8560p: Gobi 3000, qcserial and GobiSerial blues…”