PHP and Active Diretory

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
quadoc
Forum Contributor
Posts: 137
Joined: Fri Jul 01, 2005 5:33 pm
Location: Atlanta, GA

PHP and Active Diretory

Post by quadoc »

I'm trying to incorporate Active Directory into PHP, has anyone done this before? Please post some tips. Thanks... :roll:
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Re: PHP and Active Diretory

Post by Roja »

quadoc wrote:I'm trying to incorporate Active Directory into PHP, has anyone done this before? Please post some tips. Thanks... :roll:
You'll need to be more specific about what you want to accomplish.

Do you want pass through browser login using their domain credentials?
Do you want full access to the AD user information (not just pass/fail auth by username)?

Each are different. Also, which webserver are you using? It does make a difference here, as IIS will give you access to some of the above natively without any work in PHP. Also, is the machine that will host the code a trusted member of the domain? It will need to be for virtually *any* interaction with the AD.

Be more specific, and we can give more specific answers. :)
User avatar
quadoc
Forum Contributor
Posts: 137
Joined: Fri Jul 01, 2005 5:33 pm
Location: Atlanta, GA

Post by quadoc »

Sorry, I should made it clearer in the previous post.

And yes, I want want pass through browser login using their domain credentials and full access to the AD user information on IIS
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

quadoc wrote: And yes, I want want pass through browser login using their domain credentials and full access to the AD user information on IIS
Okay, thats two different problems.

The first one (pass thru browser login auth):

Configure the directory in IIS to NOT allow anonymous logins. This will force it to use one of the authenticated user types, and the defaults include IIS/AD authentication.

Then, and I'm not kidding, in your app you just need this:

Code: Select all

$loginstuff = explode("",$_SERVER['AUTH_USER']);
echo "Domain: " . $loginstuff[0];
echo "<br>";
echo "Username: " . $loginstuff[1];
Thats it. (I'm blissfully ignoring security, reg_globals, and other issues in this snippet. Feel free to persue those seperately)

Now, the second problem is worlds different. It involves setting up AD to respond to LDAP requests, building a proper LDAP query string, using the php LDAP functions, and so on.

I suggest looking for a ready made package (library, class) for handling something that epic.
User avatar
quadoc
Forum Contributor
Posts: 137
Joined: Fri Jul 01, 2005 5:33 pm
Location: Atlanta, GA

Post by quadoc »

Thanks a lot for the info guys... :D
Post Reply