PHP LDAP connection authenticates without DN information

Question

It is the first time I am working with PHP 5 LDAP library and I am a bit confused. I would be very happy if anyone could give me some clarifications on the following:

First of all let me give my configurations:

LDAP server: Windows Server 2013 Active Directory

Hostname: winad

Domain: domain.local

IP: 1.1.1.1 (for the sake of explaining)

Windows Account used for binding: Administrator

Ping hostname from dev machine works

Ping ip from dev machine works

Ping winad.domain.local from dev machine fails

Development Environment: Windows 8 Professional with WAMP

PHP: 5.3.13

PHP LDAP Module loaded and working

Apache LDAP module not loaded

Scenario:

I am trying to authenticate a user against the Windows AD with the administrator account for a start. Here is a sample of my code:

I will be using these variables in the various scenarios below:

$hostname = "winad";
$dnex= "uid=Administrator, ou=Users, dc=domain, dc=local";

Code that works:

$conn = ldap_connect($hostname);
$bind = ldap_bind($conn, "DOMAIN\Administrator", "password");

Code that fails:

$conn = ldap_connect($hostname);
$bind = ldap_bind($conn, $dnex, "password");

Error: Invalid credentials

Now my question is why does it fails when I specify a dn?

Let say I have location1.domain.local and location2.domain.local and I want to bind only with location2, it does not seem possible without specifying the dn.

Can somebody show the right way to proceed?

Answer 1

After some more search I found the following post:

PHP LDAP Connection

The response from AlexC answered my question correctly.

Hope this is helpful.