Bonegavel wrote:
Going to sound strange, but here i go.
We use Windows 2000 AD for everything. However, we are also running
XAMPP (basically Apache, MySQL, PHP for windows) on a Windows box for
our Intranet. I have a few applications that need to authenticate via
AD from PHP and every example I see uses the LDAP functions built into
PHP.
I cannot query our AD server via LDAP. If I type
ldap://domaincontrolle r it fails, so of course, when I try to use the
LDAP function in PHP they fail.
How do I get LDAP running on AD? I'm sure I'm missing something simple,
but I'm very frustrated.
BTW, I've started coding another app that queries AD using ASP and it
is soooo easy it hurts.
What we do for this is to bind using a generic account, search for the
sAMAccountName then attempt to rebind using that DN and the supplied
password. If the bind works, the user/password is correct, if it
doesn't the users forgotten their password again.
This is on Linux, don't know anything about Windoze, so this might be
different for you!
e.g.
$ldap_server = "ad_controller. company.com";
$ldap_base_dn = "ou=Users,dc=co mpany,dc=com";
$ldap_def_user = "cn=ldapquery,o u=Users,dc=comp any,dc=com";
$ldap_def_pass = "password";
$Username = "dumbuser";
$Passwowd = "abc123";
$ld_connect = @ldap_connect($ ldap_server);
$bind = @ldap_bind($ld_ connect, $ldap_def_user, $ldap_def_pass) ;
if(!$bind) {
print "Eeek! Cannot bind to ldap server.";
exit;
}
$ld_filter = '(sAMAccountNam e='. $Username .')';
$ld_data = array('dn');
$ld_sr = ldap_search($ld _connect, $ldap_base_dn, $ld_filter, $ld_data);
$ld_info = ldap_get_entrie s($ld_connect, $ld_sr);
$ldap_user_dn = $ld_info[0]['dn'];
$bind = @ldap_bind($ld_ connect, $ldap_user_dn, $Password);
if(!$bind) {
print "Invalid login, get lost";
exit;
} else {
print "Logged in Ok!";
}
Good luck! Accessing AD from anything other than MS software can be a
pain in the @ss, especially when you start plaing with the GUID. (A 16
byte octect string than may contain nulls!!!)
Sacs