Hi, I seem to be having difficulties connecting to the ldap server (which I'm told they think is an AD).
What it seems to be boiling down to is that Zend_Ldap is building the canonical username dn from the supplied username and the baseDn. From what I read it seems that in order to build the username dn the username dn and password must be passed as the config options before building the username dn for any other given username - which in some senses is kind of odd. Instead what I had to resort to was to build the username dn, and set the password into the config array prior to using the Zend_Ldap connector. Because if the username option is not in a dn format and the accountCanonicalForm is 1 (DN) then the initial ldap_bind even though it returns not false (i.e a respource) the subsequent search then fails because the bind did not have the correct credentials (ie. authorised and correct username dn). So the following will not work $options = array( 'host' => 'ldap.server.net', 'port' => 636, 'useSsl' => true, 'accountCanonicalForm' => 1, 'baseDn' => 'OU=People,DC=server,DC=net', 'bindRequiresDn' => true, ); $ldap = new Zend_Ldap($options); $canonicalName = $ldap->getCanonicalAccountName($username, Zend_Ldap::ACCTNAME_FORM_DN); Is there something to config that I'm missing, I have tried specifying various account Filters... but it seems to be the underlying issuer is that $username used in the initial ldap_bind is not in dn form unless set as part of the config options. -- Greg