Authenticating Users From Windows Active Directory From PHP Code
I want to authenticate users (defined in an Active Directory Service
running on a Windows 2000 Server machine) from PHP Code running under
Linux (Fedora Core 3 with Kerberos 5 installed). I just want to find
out whether a particular user (with a given username, password
combination) exists or not. Then I will login that user into my
intranet application (developed on PHP under Linux).
View Complete Forum Thread with Replies
Related Forum Messages:
Access Active Directory (of WINDOWS SERVER 2003) Via LDAP
I want to read user information from the microsoft windows 2003 server. In the windows server 2003, i've create a domain, called "wissenskolleg". I've assigned a password to it. Now, i want get access to the Active Directory with PHP. My code: $ds=ldap_connect("wissenkolleg.com"); $r=ldap_bind($ds,"administrator","psword"); Always I've get the following error message: warning: ldap_bind(): For Unable ton bind tons of servers I've found out, that $ds always return: Resource id #2 If i changed "wissenkolleg.com" in "whyitis", it is all the same, i've can only read: Resource id #2 and the same error with ldap_bind.
View Replies !
Active Directory / Exchange / Active Directory.
I'm creating an Intranet module for a client (Forum, files upload...etc...etc). This client already has a huge server running on WIN2000 + IIS 4 + Exchange + Microsoft Active directory + proxy and finally PHP 4.03 + MySql. Problem #1 : All passwords are changed every weeks, so I want to be able to import users/pass from Microsoft exchange .... Does anyone have an idea to do such thing with PHP ? Problem #2: I would like that the user logged from the firm's network do not have to log. again when connecting the module. So, is it possible to do such thing ?
View Replies !
Active Users
I'm creating an active users script for my website and I'm having a bit of trouble updating the table. It's not producing an error but its not updating the table either. The columns in the active_users table are username varchar(30) and timestamp int(11) The code pertaining to the problem is: PHP Code: $query = sprintf("UPDATE active_users SET username='%s' AND timestamp = UNIX_TIMESTAMP()",mysql_real_escape_string($user)); mysql_query($query); And here is what I use to retrieve who's currently active: PHP Code: $result = mysql_query("SELECT username FROM active_users WHERE timestamp > (UNIX_TIMESTAMP() - 900)"); while($row = mysql_fetch_row($result)) { echo "<b><a href='users.php?action=profile&user=$row[0]'>" . $row[0] . '</a><br /></b>' }
View Replies !
Make An Active Users Script In PHP
I'm trying to make an active users script in PHP, not because I need one, because I want to know if i can. I made one that worked with PHP sessions but then it failed to work with people who had cookies turned off. So, now the script i'm using stored the time and users IP in a flat file. Needless to say it doesn't work for a seemingly unknown reason. It's a pretty small script that I heavily commented so I wouldn't get lost. If one of you more experienced PHP gurus can take a look through it real fast and tell me what's wrong and what I could do to fix it that'd be great. Code:
View Replies !
PHP And Active Directory
Via a PHP script (running on a LAMP configuration - PHP with LDAP support), I run queries on the LDAP server of our office (users and arguments). Now, I want to put the result of this query (user information) in a Windows 2003 AD. I use PHP-ldap functions to connect with the domain controller: making connection is no problem, but binding (authenticated, I even tried Domain Administrator credentials) doesn't work... Does anyone has experience with this matter (PHP and AD connection/communucation)?
View Replies !
PHP And Active Directory 2K3
Note: I'm cross-posting the below to nyphp.org as well. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ I've been struggling with an issue for a few months. I am attempting to search Active Directory 2003 via PHP, but am running into an issue searching from the base DN (i.e. 'cn=company,cn=com'). This seems to be somewhat of a known issue with AD2K3. A search at this level always returns: Warning: ldap_search() [function.ldap-search]: Search: Partial results and referral received If I change my base DN to 'ou=someOU,dc=company,dc=com', searches work properly. I was curious to see what would happen at the command line, so I used openldap's ldapsearch function against AD and sure enough I got a bunch of results that were truncated with ldap_result: Can't contact LDAP server Of note: I have a base php class that sets the following options whenever a bind is created (seems to be necessary for searching AD2K3 at all): ldap_set_option($this->_ldap, LDAP_OPT_REFERRALS, 0); ldap_set_option($this->_ldap, LDAP_OPT_PROTOCOL_VERSION, 3); Anyone have any feedback about how to search the base dn of AD2K3?
View Replies !
Active Directory And PHP
Is there anyway to work PHP with Active directory? My intention consist in developing an application that authenticates automatically PHP on W2k3 server.
View Replies !
Active Directory In PHP
I am attempting to create an internal application for my company and I am not part of the programming department but I do happen to be pretty decent at PHP. Anyways my current delima is that they use Windows 2000 Server Active Directory for User Authintication and attempting to re-enter all of this information in to a MySQL database would be a huge undertaking and something I just dont want to do. is there a way to get PHP to communicate with the Server to authenticate people useing Active Directory. I have searched the forums and I did not find anything regarding this already of course I could of been searching for the wrong criteria.
View Replies !
Active Directory
I'm trying to get it so visitors to our intranet site are able to log into the site with there normal login details. On a network using win2k3, active directory etc. Now my code at the moment seems to connect to AD but it fails when it trys to bind. Code:
View Replies !
Active Directory Authentication Via Php.
I'm in a bit of a pickle.. at the company where I recently started work, I discovered that the knowledge base we use sucks, and sucks bad (oh Lotus Notes, how I loathe thee, let me count the ways) So for kicks and giggles, I found a nice "personal notebook" solution on the net called: http://www.tiddlywiki.com/ When this had ballooned into a big, nice knowledge base, I discovered that there's a server-side version of it called cctiddly : So as a test I found a free apache/php/sql solution: - copied the cctiddly into it, and the thing worked! As you can see, up until now, no real programming has been undertaken by me, at this point, I've just been at most playing around with installing plugins into my tiddlywiki. Of course, also, now I'm faced with the ultimate question... what's the best way to authenticate people who want access to the wiki? I've researched a bit, and discovered that you can enable LDAP access via php, so theoretically you can authenticate people through AD... which is excellent! People can just use their usual username and password, no need to remember yet another user/pass, and no need for admin to have to control yet another admin control thingum. So I've been testing this out, browsing through information, and as a test I created this: ------ echo "<h3>LDAP query test #1</h3>"; echo "Connecting ..."; $ldap_host = "localhost"; $ldap_user = "user@domain.is"; $ldap_pass = "password"; $connect = ldap_connect($ldap_host) or die ("No Connection to LDAP server"); // must be a valid LDAP server! echo "connect result is " . $connect . "<br />"; if (ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)) { echo "Using LDAPv3 <br />"; } else { echo "Failed to set protocol version to 3 <br />"; } if ($connect) { echo "Binding to server..."; $bind=ldap_bind($connect, $ldap_user, $ldap_pass); echo "Bind result is " . $bind . "<br />"; } ---- - Now this works.. if I remove the $ldap_pass in the "$bind=ldap_bind($connect, $ldap_user, $ldap_pass); " line, because then I'm connecting anonymously to the LDAP server... But when I try to authenticate to the server with the password I get this error: "Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server: Strong(er) authentication required in C:Program Filesxampphtdocs wikiadtest.php on line 21" - which made me go, whu? Now I can't change the settings on the domain controller, as I'm not the sysadmin.. so I need to somehow create a stronger authentication to the server.. now how the hell do I do that? I can't install an SSL certificate, because there isn't one on the server, is there some way for me to make the password meet the bare minimum requirements for a stronger authentication without having to use SSL? An administratoir I know recommended to try to figure out how to use either NTLM or KERBEROS... which is at least perhaps something.
View Replies !
Active Directory And LDAP
I have a php Intranet, and what I would like to do is hit the Active Directory and bring back the Username, FirstName and Lastname from Active Directory and set them to variables, so I can either display them or insert them into a database. A few things to consider, php is installed on the server, but I don't have access to the server to change any settings. This is just a side project and we are blowing up the existing intranet and going with a Content Management System, so the easier the better.
View Replies !
Active Directory Token
My environment is setup like this: Windows Server 2003 Active Directory 2003 IIS 6.0 PHP 5.1.6 When a user tries to hit my system they are prompted for an Active Directory username / password combination. If their information is correct they get to the application. I need to modify the application code to check if the users password is about to expire. IIS can be configured to pass a token to the application. How would I use PHP to read the contents of this token so I can query AD?
View Replies !
Authentification On Active Directory
I want to use the users of our active directory in the intranet for a portal page. i dont know how to authenticate? $server = "xxx-xx.de.xx.com"; $connectid = @ldap_connect($server); is ok. $binding = @ldap_bind($connectid) or die("Error"); echo "ok";
View Replies !
How Can I Connect From Php To Active Directory?
i already have a CMS that has its own user table in MySQL. A customer wants me to use their own Active Directory user list in order to login to the php system. So, now i have to connect the app to the Active Directory. 1) What are the neccesary steps? 2) How can i connect from php to active directory in order to check user/password consistency?
View Replies !
Controlling Active Directory?
I need to make a php script cable of creating/editing users in windows active directory. To make it even harder php is installed as a module on Apache running on windows, same computer that runs MS exchange and thus needs active directory to manage all email accounts. Why? Because I could not find anything open source for windows to do what MS exchange does, and I am not talking about all of that calendar and contacts staff, what I need are simple IMAP and POP3, is it so hard to ask? Well to sum it up I need either help with php and a point to the right direction to manage active directory, or a good reliable open source email server that would run on windows XP+ ( I would not use 2003 server if I can find that email server ) and be flexible enough to be controlled from PHP.
View Replies !
Ldap And Php4 With W2k Active Directory
I am trying to get ldap info from a W2K active directory. I have the authentication down, but I want to search on the aa0000000 to get the name associated with the login. Basically I am making a request form that will be used once a year, but need to be sure of the people signing up, use resources already setup, and have one login/pass. Code:
View Replies !
Creating Active Directory User
does anyone already tried to create a user into active directory through php_ldap ? i tried something like this but still don't work :-/ $adduserAD["cn"][0] = "phpldapuser"; $adduserAD["samaccountname"][0] = "guguseli"; $adduserAD["objectclass"][0] = "top"; $adduserAD["objectclass"][1] = "person"; $adduserAD["objectclass"][2] = "organizationalPerson"; $adduserAD["givenname"][0] = "thomas"; $adduserAD["name"][0] = "tester"; $adduserAD["sn"][0] = "btester"; $adduserAD["description"][0] = "TEST-Account ldap"; $adduserAD["title"][0] = "Programm Manager"; ldap_add($ad, "ou=test, dc=my,dc=domain", $adduserAD) or die("error!");
View Replies !
Creating Active Directory Accounts
I need to add a feature to a php form that allows you to create Active Directory accounts (from the form). I read around that you needed something called ldap to do something like this, is that true.
View Replies !
LDAP Connect To The Microsoft Active Directory
I have been trying to connect to the Microsoft Active Directory in order to access user and user group information form authentication on one of my websites. When I execute the code below, I am able to connect but cannot bind. <?php $conn=ldap_connect("localhost") or die("Couldn't connect"); echo "Connect result is " . $conn . "<br />"; ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION,3); ldap_set_option($conn, LDAP_OPT_REFERRALS,0); $bind=ldap_bind($conn,'sarfaraz','password') or die("Couldn't Bind"); echo "Bind result is " . $bind . "<br />"; ldap_close($ds); ?> RESULT: Connect result is Resource id #2 Couldn't Bind I am currently developing this website on my personal computer (xp home, apache 2, php 5, mysql 5). I enabled the LDAP module in the php.ini, added php to the windows PATH, added libeay32.dll and ssleay32.dll to the system32 folder and restarted apache and the computer.
View Replies !
Ldap_bind With Active Directory Working With Invalid Passwords
I have been trying to find an answer to this for some time now and cannot find anything on my own. I am trying to set up Active Directory authentication for some applications I am developing. I got the setup to initially work, but notice that it will work if I use an invalid password or even a blank password. I am not sure what I need to change in my code (listed below) $ldaprdn = $_POST["username"]; $ldappass = $_POST["password"]; $host = "ad1.mysite.edu"; $basedn = "DC=ad1,DC=mysite,DC=edu"; $ds = ldap_connect ("ldap://" . $host); ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); if ($ds) { $r = ldap_bind($ds, $user . "@mysite.edu", $pass); if ($r) { session_start(); ldap_close($ds); $_SESSION["username"] = $ldaprdn; $_SESSION["login"] = true; header ("Location: options.php"); } else { ldap_close($ds); header ("Location: index.php"); } } If it authenitcates, it should go to the options.php page. I can put a check to see if the password given is null or blank, but that doesn't solve the binding with an invalid password. The one major thing I don't understand with the script are the DC= and what they do, and maybe its something in there that is the issue.
View Replies !
Editable For Only Specific Active Directory User Goup
I'm trying to make a php message board on our company's Intranet that can only be edited by a specific user group. The group "writers" is managed in active directory. Is it possible to automatically check if the user that is logged in to windows and is watching the site is a part of the group "writers"? And if that user is a part of writers then an "Edit" button would be displayed on the site. The intranet site runs on Apache 2.2.
View Replies !
Sorting Active Directory/LDAP Output (Lastname, Firstname)
My company has asked me to put a company directory on our intranet site and I'm trying to use php to extract the users from our active directory server. I've got everything working, however, when the list of users is shown in the output, it seems to display the users in the order their accounts were created, with Administrator obviously being first. What do you think would be the best way to get the list to be sorted by lastname (sn), based on the coding below. usort? ldap_sort? Not really too familiar with using php and ldap or active directory. <?php $ldap_server = "ldap://ourldap"; $auth_user = "user"; $auth_pass = "pass"; // Set the base dn to search the entire directory. $base_dn = "ou=staff, dc=ourldap, dc=com"; // Show People $filter = "(&(objectClass=user)(objectCategory=person)(cn=*))"; // connect to server if (!($connect=@ldap_connect($ldap_server))) { die("Could not connect to ldap server"); } // bind to server if (!($bind=@ldap_bind($connect, $auth_user, $auth_pass))) { die("Unable to bind to server"); }
View Replies !
Internet Explorer 6 Vs 7 : COM Object That Uses ADSI To Reset Active Directory Domain Accounts
Setup: IIS 6 with PHP 5.2.0 We are trying to make a COM object that uses ADSI to reset Active Directory domain accounts. We can get the script to work great in IE7, but anyone stilll using IE6 has problems. We are using authentication (IWA and IIS configured not to allow anonymous) via the browser. I also have the same problem with a simple example script off of php's site (http://us3.php.net/com) <?php $domainObject = new COM("WinNT://Domain"); foreach ($domainObject as $obj) { echo $obj->Name . "<br />"; } ?> In Internet Explorer 6 I just get "Schema". With IE7, I get the full list of objects...
View Replies !
Stop Users Accessing A Directory Through The Url Bar
I've got some free downloads on my site and I want to stop people from downloading them without going through the correct page. Basically all of my downloads are in a directory like so: root/downloads/download category/files I want to stop people from just typing the url of a file into there browser and having the file. I've got a file which counts how many people have downloaded files and re-directs them to the download file. I want this to be the only way someone can access the files.
View Replies !
Phpbb Directory Permissions On Windows?
What should the directory permissions look like on the various folders in a typical phpbb install? I was looking at a server today that had phpbb installed on a box with IIS installed on it and many of the folders had read,write and modify flags set for the IUSR_MACHINENAME account. Im thinking this should be changed to read-only.
View Replies !
Directory Copy On A Windows Machine
I have a page that when data is submitted it also creates a directory named with some of the values passed from a PHP form when it is submitted, it also does a copy of a directory into the newly created directory. Everything works perfectly, except (lol there is always an except) during the copy process the DOS box pops up. I am wanting to run the command silently and can not find the answer anywhere. Here is what the command looks like: Code:
View Replies !
Giving Verification Code To Users By Telephone Them
In some web site for complete registration after afew seconds they call you and a robot tell you a code then you should enter it. If it's conform to code that store on DB your registration is completed. How they can do it? Do i need special software? or not i can program it with PHP?
View Replies !
Code Error On Windows
I'm trying to remember what code I had that would work on a Linux server but not on my apache php mysql install on a Windows machine. Does anyone know of instances of this? Someone I know doesn't believe that this is the case because they believe that php is truly cross platform. I realize that for most code it does work on Windows and Linux but I think there are exceptions that need to be noted.
View Replies !
.PHP Code Does Not Parse Php5 Apache2 On Windows
Can anyone tell me why .php code is not parsed #For PHP 5: short_open_tag = Off httpd.conf # Add to the end of the LoadModule section LoadModule php5_module "C:/PHP/php5apache2.dll" AddType application/x-httpd-php .php #Add to the end of the AddModule section #AddModule mod_php5.c
View Replies !
Where To Put My PHP Code? Where Is The IIS Root Directory?
I begin to write PHP but run into problem already. First, I do not know where to put my PHP code? Where is the IIS Root Directory? (I'm using Windows XP). I have run Installer... but when I open my browser and type: http://localhost/hello.php, what I got is an error message: <p>This PHP CGI binary was compiled with force-cgi-redirect enabled. This means that a page will only be served up if the REDIRECT_STATUS CGI variable is set, e.g. via an Apache Action directive.</p> <p>For more information as to <i>why</i> this behaviour exists, see the <a href="http://php.net/security.cgi-bin">manual page for CGI security</a>.</p> <p>For more information about changing this behaviour or re-enabling this webserver, consult the installation file that came with this distribution, or visit <a href="http://php.net/install.windows">the manual page</a>.</p> I really do not understand how to make my first PHP "Hello World" works?
View Replies !
Authenticating
I'd like to make some authentication system for a web dir using php. Like the Directory directive in apache where you just set the auth type and it's locked. Is this possible to do with php? I don't want to use sessions of coockies but just make php tell apache to ask for authentication without havinf to set it in the httpd.conf. So I keep a user database managed with php but have apache do the authentication stuff.
View Replies !
Authenticating With Move_uploaded_file
I don't know if this is strictly a PHP thing, but I implemented an upload form on my site and all was well locally but after trying it on my web site I realised it wasn't working because the directories do not have write permissions for 'everyone' which makes the move from the temporary PHP directory to a write restricted directory not work. Obviously chaning it to 777 adds security problems. How do I call the move_uploaded_file or am I missing something?
View Replies !
Authenticating Using OpenID
I used the phpMyID and can successfully login and logout. But how to point so that a particular page requires authentication and if authenticated then only display the page content ....
View Replies !
Authenticating To .htaccess Via Php
Is it possible to authenticate with .htaccess via php? I have a password protected area which pops up the browsers own authentication login when access. This works fine but I'd like to create a php login form so that I can use a 'remember me' type of function via cookies. Is this possible? All the free php login scripts I have seen assume a mysql database which is searched when logging. What I am looking for is to login to a php script, read the .htpasswd file and then indicate to apache that the login is successful or not. Can this be done?
View Replies !
Authenticating: Levels, Etc..
i've already have levels of security (sessions and login verification based on DB) but is there a risk involved with using includes ? let's say i have an if else statements to control who gets permission to do what, and it's based on including the editing files in stead of coding everything on one page.
View Replies !
Authenticating In PHP5
PHP Code: { Â Â list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = Â Â Â Â explode(':', base64_decode(substr($HTTP_AUTHORIZATION, 6))); } PHP Code: <?php // if we are using IIS, we need to set $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] if (substr($SERVER_SOFTWARE, 0, 9) == 'Microsoft' && Â Â Â Â !isset($_SERVER['PHP_AUTH_USER']) && Â Â Â Â !isset($_SERVER['PHP_AUTH_PW']) && Â Â Â Â substr($HTTP_AUTHORIZATION, 0, 6) == 'Basic ' ) .......
View Replies !
Upload A File And Prints The Code Into The Directory Specified
I am using the code from php.net to upload files, and everything works ok but when I upload a file ir prints the code into the directory specified. So say I set my upload path to: C:/phpdev/www/uploads Then I go to uploads, it will just show me the code of the file I uploaded. How do you do it so when you go to uploads, it will show you all the various files uploaded to this directory, and you can then refer to them.
View Replies !
Authenticating With Sessions - Safe?
I have a web app that uses authentication with sessions by checking that the user's id/pw matches with that found in MySQL. Once the user is logged in, each page checks if that session variable exists (created by login script), if it doesn't, it redirects somewhere else. So it's just checking for the session variable's existence, nothing else.
View Replies !
Cookies - It Is Not Authenticating Correctly
Authenticate system is via cookies, it owns 3 cookies, one with the user name, other with the password and another with the iD. However if change cookie( name ) he changes the user name and lets the same continues navigating with login that wish( and until post goods as if it was other person ) Below it follows the code that I did and that is not working: PHP Code:
View Replies !
Authenticating Problem When Encrypting With Md5
I have successfully made a login page, pages that restrict access to certain user types (all using server behaviors). It works great! Although I've noticed something interesting. The passwords when stored in my MySQL database are in plain language. How can I encrypt them so that no one can see the list of passwords? Code:
View Replies !
Make PHP Find Windows Directory. I Need The Php Equivelant To "%WINDIR%"
I've written a small gui for PHP.ini but I don't know how to make PHP find the windows directory itself. You'll probably understand better when you see the code below. I'm currently using the line: Code: $PHP = new Config ("c:windowsphp.ini",";"); And that works fine but only if PHP.ini is in c:windows. I tried Code: $PHP = new Config ("%WINDIR%php.ini",";"); but that dowsn't work, I need something that finds windows dir. itself, Any ideas? You can see an example of it at http://213.152.46.100/gui/php-config.php (Uses a temp PHP.ini so you can't mess nothing up, feel free to play about with it)
View Replies !
Authenticating Cpanel Stats Page
I am trying to implement a site stats page(using webalizer from cpanel of domain) for the admin section of a site I am developing. The stats are displayed within an iframe. The page is session controlled for security reasons(as its the domains username password itself) Right now I have to use http://username:password@domain.com...izer/index.html I would like to know if its possible to authenticate the username password via php without putting the username/password combination in the url address. I am looking for some direction.
View Replies !
|
TRACKER
