Re: [PHP] ADS authentication
Hi Ray, Finally I am able to authenticate my user to ADS using php. Thanks for your suggestions. My bind_dn was not correct. After that I have searched and found that using anonymous user we can not search in subtree of directory server. So first I used my credential to bind to directory server and then doing search in subtree. If anybody need my help, I can provide him the code(offlist). Cheers, Kuldeep Ray Hunter wrote: On Tue, 2004-05-11 at 09:16, Kuldeep Singh Tomar wrote: Hi, Sorry for it. Can I get some help on this? Here is what i used to query Exchange...now i am no windowz guru, but from what i understand about exchange and ads exchange will send user information to ads to be authenticated. So my work around was to all user to authenticate against exchange ldap, which in turn sends it to ads. Just a note if the ldap can bind with the supplied username and password then they were authenticated for their information. -- Ray Example: ?php // LDAP variables $ldap[user] = uname; $ldap[pass] = password; $ldap[host] = ldap.example.com; $ldap[port] = 389; $ldap[dn] = cn.$ldap[user].,ou=Department,o=Company Name; $ldap[base] = ; // connecting to ldap $ldap[conn] = ldap_connect( $ldap[host], $ldap[port] ) or die( Could not connect to server {$ldap[host]} ); // binding to ldap $ldap[bind] = ldap_bind( $ldap[conn], $ldap[dn], $ldap[pass] ); if( !$ldap[bind] ) { echo ldap_error( $ldap[conn] ); exit; } // search for the user on the ldap server and return all // the user information $ldap[result] = ldap_search( $ldap[conn], $ldap[base], uid=.$ldap[user] ); if( $ldap[result] ) { // retrieve all the entries from the search result $ldap[info] = ldap_get_entries( $ldap[conn], $ldap[result] ); } else { echo ldap_error( $ldap[conn] ); exit; } if( $ldap[info] ) { // Add the users department name and email address // to the session $_SESSION[userdept] = $ldap[info][0][department][0]; $_SESSION[usermail] = $ldap[info][0][mail][0]; } else { echo ldap_error( $ldap[conn] ); exit; } // close connection to ldap server $ldap_close( $ldap[conn] ); ? -- Kuldeep Singh Tomar Open Source Specialist VCLABS -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re:
Hi All, I am working on one Document Management System which I am running on linux. I have added this system to win2000 Active Directory server. Now, I want to authenticate my all users for DMS through this Win2k server and search on directory server. So, I am trying to connect to Active Directory server using php-ldap function, but every time it says that my password is not correct. I am using the example given at the site: |function checkNTUser ($username,$password) { $ldapserver = 'Your Server'; $ds=ldap_connect($ldapserver); if ($ds) { $dn=cn=$username,cn=Users, DC=[sitename], DC=[sitesuffix]; [EMAIL PROTECTED]($ds,$dn,$password); if ($r) { return true; } else { return false; } } } I am really in crisis. Can somebody on list help me.Thanks in advance. With Regards, Kuldeep Singh Daniel Clark wrote: You need to name your session variables, but no name for session_start(). It is necessary to always name your sessions?or is session_start() sufficient? Thanks, Eddie -- Kuldeep Singh Tomar Open Source Specialist VCLABS -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] ADS authentication
Hi, Sorry for it. Can I get some help on this? Regards, Kuldeep John Nichel wrote: Kuldeep Singh Tomar wrote: Hi All, I am working on one Document Management System which I am running on linux. I have added this system to win2000 Active Directory server. Now, I want to authenticate my all users for DMS through this Win2k server and search on directory server. So, I am trying to connect to Active Directory server using php-ldap function, but every time it says that my password is not correct. I am using the example given at the site: |function checkNTUser ($username,$password) { $ldapserver = 'Your Server'; $ds=ldap_connect($ldapserver); if ($ds) { $dn=cn=$username,cn=Users, DC=[sitename], DC=[sitesuffix]; [EMAIL PROTECTED]($ds,$dn,$password); if ($r) { return true; } else { return false; } } } I am really in crisis. Can somebody on list help me.Thanks in advance. With Regards, Kuldeep Singh Don't hijack threads. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ADS authentication
Hi Ray, Thanks for your response. I was trying this script also but no success. I was using following values: $ldap[user] = tomar; $ldap[pass] = passwd; $ldap[host] = dc02-del3.vc-del.vcustomer.com; $ldap[port] = 389; $ldap[dn] = cn.$ldap[user].,ou=Department,o=Company Name; $ldap[base] = ; but still getting same error message: Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in /usr/local/ apache2/htdocs/test6.php on line 14 Do I need to do any specific change at ADS side or any extra parameter in dn side. Had you done any change in ADS server? Thanks again for your help. With Regards, Kuldeep Ray Hunter wrote: On Tue, 2004-05-11 at 09:16, Kuldeep Singh Tomar wrote: Hi, Sorry for it. Can I get some help on this? Here is what i used to query Exchange...now i am no windowz guru, but from what i understand about exchange and ads exchange will send user information to ads to be authenticated. So my work around was to all user to authenticate against exchange ldap, which in turn sends it to ads. Just a note if the ldap can bind with the supplied username and password then they were authenticated for their information. -- Ray Example: ?php // LDAP variables $ldap[user] = uname; $ldap[pass] = password; $ldap[host] = ldap.example.com; $ldap[port] = 389; $ldap[dn] = cn.$ldap[user].,ou=Department,o=Company Name; $ldap[base] = ; // connecting to ldap $ldap[conn] = ldap_connect( $ldap[host], $ldap[port] ) or die( Could not connect to server {$ldap[host]} ); // binding to ldap $ldap[bind] = ldap_bind( $ldap[conn], $ldap[dn], $ldap[pass] ); if( !$ldap[bind] ) { echo ldap_error( $ldap[conn] ); exit; } // search for the user on the ldap server and return all // the user information $ldap[result] = ldap_search( $ldap[conn], $ldap[base], uid=.$ldap[user] ); if( $ldap[result] ) { // retrieve all the entries from the search result $ldap[info] = ldap_get_entries( $ldap[conn], $ldap[result] ); } else { echo ldap_error( $ldap[conn] ); exit; } if( $ldap[info] ) { // Add the users department name and email address // to the session $_SESSION[userdept] = $ldap[info][0][department][0]; $_SESSION[usermail] = $ldap[info][0][mail][0]; } else { echo ldap_error( $ldap[conn] ); exit; } // close connection to ldap server $ldap_close( $ldap[conn] ); ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php