The LDAP interface for AD requires you to communicate using DNs. In order to authenticate a user, you must first find this username - fortunately, you can find the DN by doing an LDAP search.
If you configured AD to allow anonymous requests (do not do this if you are not sure that everything is in order with a decrease in security), you can do
ldap_bind($connect, "", "") $sr = ldap_search($connect, $base_dn, "(sAMAccountName=$username)")
And then retrieve this user DN and proceed to recovery with the DN and user password.
If you did not enable anonymous binding, you use the application identifier for the initial search, for example:
ldap_bind($connect, "DN=LDAP_App,OU=Users,DC=Domain,DC=com", "thePassword") $sr = ldap_search($connect, $base_dn, "(sAMAccountName=$username)")
Then, as above, retrieve this username and proceed with the reconfiguration.
source share