Ubuntu and LDAPS (LDAP over SSL)

I recently discovered a problem where I needed Ubuntu to interact with Active Directory using LDAPS, I had a requirement to use the secure version so I could change user passwords.

A quick and easy way to get Ubuntu to connect without worrying about certificate security settings etc simply edit the file:

/etc/apache2/mods-available/ldap.conf
To look like this: ``` PHP TLS_REQCERT never TLS_REQCERT never SetHandler ldap-status Require local ``` After this I was able to connect but was still getting the error message:
Server Unwilling To Perform
This was because I was trying to set the password in plain text like: ``` PHP $ldaprecord["unicodepwd"] = 'MyPassword1234'; ``` You need to encode it first so once I changed my code to this it works: ``` PHP ## Create Unicode password $pwdtxt = "MyPassword1234"; $newPassword = "\"" . $pwdtxt . "\""; $len = strlen($newPassword); $newPassw = ""; for($i=0;$i<$len;$i++) { $newPassw .= "{$newPassword{$i}}\000"; }

$ldaprecord["unicodepwd"] = $newPassw;