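ldap_server = 'ldap://intranet.epul3a.local';
        // NOTE(review): the service account password below is hard-coded in source, so anyone who can read
        // this file (repository, backup, deployment artifact) can bind as the service account. Load it from
        // the environment or a secrets store instead, treat the current value as exposed and rotate it.
        $this->service_dn = 'CN=Service LDAP Reader,CN=Users,DC=epul3a,DC=local';
        $this->service_pwd = 'Test@123';
    }

    /**
     * Create the LDAP handle and set protocol v3 with referral chasing disabled.
     *
     * Terminates the script with die() when no handle can be created.
     *
     * NOTE(review): the server URI assigned in the constructor uses ldap:// and nothing here calls
     * ldap_start_tls(), so the service password and every user password are sent over the network
     * unencrypted. Switch the URI to ldaps:// or call ldap_start_tls() before the first bind.
     */
    public function connect()
    {
        $this->ad = ldap_connect($this->ldap_server);
        if (!$this->ad) {
            die("❌ Impossible de se connecter au LDAP");
        }

        ldap_set_option($this->ad, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($this->ad, LDAP_OPT_REFERRALS, 0);
    }

    /**
     * Resolve a login name (sAMAccountName) to its distinguished name.
     *
     * Binds with the service account, then searches below DC=epul3a,DC=local.
     *
     * @param string $sAMAccountName Login name as typed by the user (untrusted input).
     * @return string|false The DN when exactly one entry matches, false otherwise.
     */
    public function getUserDN($sAMAccountName)
    {
        // An empty or non-scalar name can never match an account; refuse it before touching the directory.
        if (!is_scalar($sAMAccountName) || (string) $sAMAccountName === '') {
            return false;
        }

        $this->connect();

        // Bind with the service account.
        if (!@ldap_bind($this->ad, $this->service_dn, $this->service_pwd)) {
            // Keep the directory's diagnostic in the server log; it is no longer echoed to the client.
            error_log('LDAP service bind failed: ' . ldap_error($this->ad));
            die("❌ Erreur de connexion avec svc_ldap_read");
        }

        // Escape the login name for filter context: without this, characters such as * ( ) \ in the
        // input would change the structure of the search filter (LDAP filter injection).
        $search_base = "DC=epul3a,DC=local";
        $search_filter = '(sAMAccountName=' . ldap_escape((string) $sAMAccountName, '', LDAP_ESCAPE_FILTER) . ')';

        $search_result = ldap_search($this->ad, $search_base, $search_filter);
        if ($search_result === false) {
            error_log('LDAP search failed: ' . ldap_error($this->ad));
            return false;
        }

        $entries = ldap_get_entries($this->ad, $search_result);

        // Fail closed: zero matches is "not found", and more than one match is ambiguous, so neither
        // is allowed to yield a DN that a password would then be tried against.
        if ($entries === false || $entries["count"] !== 1) {
            return false;
        }

        return $entries[0]["dn"];
    }

    /**
     * Check a user's credentials by binding to the directory as that user.
     *
     * @param string $sAMAccountName Login name (untrusted input).
     * @param string $user_password  Password supplied by the user.
     * @return array ['success' => true, 'dn' => string] on success,
     *               ['success' => false, 'message' => string] on failure.
     *
     * NOTE(review): the two failure messages differ ("Utilisateur introuvable" vs "Échec
     * d'authentification"); showing them to the end user reveals which login names exist.
     * Callers should display one generic message and keep the distinction for logs.
     */
    public function authenticate($sAMAccountName, $user_password)
    {
        // A simple bind with a DN and an empty password is an "unauthenticated bind", which many
        // directory servers report as success. Without this guard any existing account could be
        // "authenticated" with a blank password.
        if (!is_string($user_password) || $user_password === '') {
            return ['success' => false, 'message' => 'Échec d\'authentification'];
        }

        $user_dn = $this->getUserDN($sAMAccountName);

        if (!$user_dn) {
            return ['success' => false, 'message' => 'Utilisateur introuvable'];
        }

        // Try to bind with the resolved DN; the warning ldap_bind() raises on wrong credentials is
        // expected here, hence the suppression.
        if (@ldap_bind($this->ad, $user_dn, $user_password)) {
            return ['success' => true, 'dn' => $user_dn];
        }

        return ['success' => false, 'message' => 'Échec d\'authentification'];
    }

    /**
     * Close the LDAP handle if one was opened.
     */
    public function close()
    {
        if ($this->ad) {
            ldap_close($this->ad);
        }
    }
}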