Re: [PHP] ADS authentication

Thu, 13 May 2004 07:32:35 -0700


Hi Ray,

Finally I am able to authenticate my user to ADS using php. Thanks for your suggestions. My bind_dn was not correct. After that I have searched and found that using anonymous user we can not search in subtree of directory server. So first I used my credential to bind to directory server and then doing search in subtree.

If anybody need my help, I can provide him the code(offlist).

Cheers,

Kuldeep

Ray Hunter wrote:

On Tue, 2004-05-11 at 09:16, Kuldeep Singh Tomar wrote:


Hi,

Sorry for it. Can I get some help on this?



Here is what i used to query Exchange...now i am no windowz guru, but
from what i understand about exchange and ads exchange will send user
information to ads to be authenticated. So my work around was to all
user to authenticate against exchange ldap, which in turn sends it to
ads.

Just a note if the ldap can bind with the supplied username and password
then they were authenticated for their information.

--
Ray

Example:

<?php
// LDAP variables
$ldap[‘user’] = ‘uname’;
$ldap[‘pass’] = ‘password’;
$ldap[‘host’] = ‘ldap.example.com’;
$ldap[‘port’] = 389;
$ldap[‘dn’]   = ‘cn’.$ldap[‘user’].’,ou=Department,o=Company Name’;
$ldap[‘base’] = ‘’;

// connecting to ldap
$ldap[‘conn’] = ldap_connect( $ldap[‘host’], $ldap[‘port’] )
   or die( “Could not connect to server {$ldap[‘host’]} );

// binding to ldap
$ldap[‘bind’] = ldap_bind( $ldap[‘conn’], $ldap[‘dn’], $ldap[‘pass’] );

if( !$ldap[‘bind’] )
{
   echo ldap_error( $ldap[‘conn’] );
   exit;
}

// search for the user on the ldap server and return all
// the user information
$ldap[‘result’] = ldap_search( $ldap[‘conn’], $ldap[‘base’], ‘uid=’.$ldap[‘user’] );




if( $ldap[‘result’] )
{
   // retrieve all the entries from the search result
   $ldap[‘info’] = ldap_get_entries( $ldap[‘conn’], $ldap[‘result’] );
}
else
{
   echo ldap_error( $ldap[‘conn’] );
   exit;

}

if( $ldap[‘info’] )
{
   // Add the user’s department name and email address
   // to the session
   $_SESSION[‘userdept’] = $ldap[‘info’][0][‘department’][0];
   $_SESSION[‘usermail’] = $ldap[‘info’][0][‘mail’][0];
}
else
{
   echo ldap_error( $ldap[‘conn’] );
   exit;
}

// close connection to ldap server
$ldap_close( $ldap[‘conn’] );

?>






--
Kuldeep Singh Tomar
Open Source Specialist
VCLABS

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to