I found this on the php site after some searching. I haven't been able to
test it yet since the PHP guy works nights:
http://us2.php.net/manual/en/ref.ldap.php
If anyone else has tried this, or could the original author (Jon) comment
please?
Thanks!
Chris
jon dot caplinger at broadwing dot com
08-Nov-2002 10:44
Here is an example of searching active directory in w2k. Active directory
requires a user account that has permissions to search the tree.
/* The following values are used for the example:
1. Domain = microsoft.com
2. Server = unstable
3. User = bgates
4. Password = iloveopensource
*/
// Get name value to search for from submitted form.
if (isset($HTTP_GET_VARS["name"])) {
$name = $HTTP_GET_VARS["name"];
}
$ldap_server = "ldap://unstable.microsoft.com";;
$auth_user = "[EMAIL PROTECTED]";
$auth_pass = "iloveopensource";
// Set the base dn to search the entire microsoft.com directory.
$base_dn = "DC=microsoft, DC=com";
/* filter the search for all people in the microsoft.com tree that have a
name that matches any one of the following attributes name, displayname, or
cn. */
$filter = "(&(objectClass=user)(objectCategory=person)
(|(name=$name*)(displayname=$name*)(cn=$name*)))";
// connect to server
if (!([EMAIL PROTECTED]($ldap))) {
die("Could not connect to ldap server");
}
// bind to server
if (!([EMAIL PROTECTED]($connect, $auth_user, $auth_pass))) {
die("Unable to bind to server");
}
// search active directory
if (!([EMAIL PROTECTED]($connect, $base_dn, $filter))) {
die("Unable to search ldap server");
}
$number_returned = ldap_count_entries($connect,$search);
$info = ldap_get_entries($connect, $search);
echo "The number of entries returned is ". $number_returned;
for ($i=0; $i<$info["count"]; $i++) {
echo "Name is: ". $info[$i]["name"];
echo "Display name is: ". $info[$i]["displayname"][0];
echo "Email is: ". $info[$i]["mail"][0];
echo "Telephone number is: ". $info[$i]["telephonenumber"][0];
}
-Original Message-
From: Michael Gallant [mailto:[EMAIL PROTECTED]
Sent: Friday, November 12, 2004 3:10 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] PHP / LDAP with Windows logon
I am interested if anyone has ever determined a way to do this or if
it is technically impossible.
To my knowledge, I don't know of any way to do that from a non-windows
server.
On Fri, 12 Nov 2004 08:40:03 -0500, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
> Hello, I have an issue with a PHP interface. We have many engineering
users
> who will be using a request ticket system developed in PHP here. We don't
> know in advance who will be using the system and there may be new people
in
> all the time. Currently I have to create a login for each person who needs
> to use the system, so I have to get a request for a login, create the
login,
> and fill in their contact information. Since we work with engineers on a
> 12-15 hour time difference, it might take a whole day or more to get the
> login id request filled before they can open a ticket. Plus there's the
> whole inconvenience of having to login to another website. The site is
> inside our secure intranet, so we don't really need a double layer of
> security.
>
> Since we normally logon to a Windows network, what I would like to do is
to
> detect the user's windows login id when he accesses the PHP page, and
> automatically reference his contact information from the windows LDAP
> server, so the user can be authenticated by his current windows login
> information, and not have to enter a separate login on the request page.
Is
> this possible, and what is an easy way to do this?
>
> Thanks!
>
> Chris
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
