473,386 Members | 1,706 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > retrieve win.2003 active directory user

Join Bytes to post your question to a community of 473,386 software developers and data experts.

Retrieve Win.2003 Active Directory user

Vio
Hello everyone,

i currently a beginner in php.
I want to ask about Win2003 Active Directory users. Is it possible to
retrieve Win2003 AD (just username & password) with php.
I'm currenty developing web based application for my small office. I
put my Apache+php+MySQL in Win2003 Server. My Clients using IE as
default browser.
What i want to do is to integrated active directory user with my
application.
So the user who log on with active directory user could use the
application. but the level usage of the application is set on mysql
database.
Each time user information has changed in active directory, it also
update the user information in mysql database.

Is it possible to do it ? How or what should i do or where else i can
find the answer about it.
Or are there any other suggestion?

Regards,
Vio.
Jun 2 '08 #1
7 2762
Vio escribió:
I want to ask about Win2003 Active Directory users. Is it possible to
retrieve Win2003 AD (just username & password) with php.
You can retrieve information from the Active Directory using LDAP
functions and you can definitively ask for credentials and validate them
yourself. See the "LDAP functions" chapter in the manual for further
reference. However, I don't think you can get the currently validated
user and, if you could get it, you shouldn't trust that information.

I believe you can use NTLM authentication (the authentication protocol
used in Windows shares) through HTTP but you'd need a browser that
supports it:

http://www.innovation.ch/personal/ronald/ntlm.html
http://www.testingreflections.com/node/view/1365
BTW, I found this package while Googling:

http://phpad.sunyday.net/
--
-- http://alvaro.es - Álvaro G. Vicario - Burgos, Spain
-- Mi sitio sobre programación web: http://bits.demogracia.com
-- Mi web de humor al baño María: http://www.demogracia.com
--
Jun 2 '08 #2
Vio
Thank you Mr.Alvaro for reply me.
I think the link you've send me (http://phpad.sunyday.net) is gonna be
useful.
However, I don't think you can get the currently validated
user and, if you could get it, you shouldn't trust that information.
Could you explain to me why i shouldn't trust that information.

The application that i'm doing currently is gonna have function to
access the file server also. that's why i think i need the active
directory users to determine the user level security access when user
have to access certain directory in file server (which is using
win2003 too) using my web application.

The application send the user name that has been store in mysql to
active directory and let the active directory proses the information.
if the user valid the active directory will send back notification or
information to the application about the user name. if valid then the
application will open the access.

In other hand the application it self also have some kind of level
security to determine which user(get from AD) should be given access
to do insert,update,and delete data (mysql).
Thats the plan.

Please correct me if my plan with the application is wrong or miss
direction or whatever you think should be corrected.

Regards,
Vio
Jun 2 '08 #3
Vio escribió:
>However, I don't think you can get the currently validated
user and, if you could get it, you shouldn't trust that information.

Could you explain to me why i shouldn't trust that information.
My browser can tell you I'm the user "Administrator". How can you know
it's true? You need further info to make sure, such as a password or an
authentication token you can validate against the domain server.

My knowledge about AD internals doesn't go much further, though.

At first glance I see nothing wrong in your approach it it's not a
problem that the web server can access all the files in the file server;
but I'm not an expert.

--
-- http://alvaro.es - Álvaro G. Vicario - Burgos, Spain
-- Mi sitio sobre programación web: http://bits.demogracia.com
-- Mi web de humor al baño María: http://www.demogracia.com
--
Jun 2 '08 #4
Vio
Again thank you Mr.Alvaro,
My browser can tell you I'm the user "Administrator". How can you know
it's true? You need further info to make sure, such as a password or an
authentication token you can validate against the domain server.
Yes, i get it. i need to validate the user name and password.
My knowledge about AD internals doesn't go much further, though.
At first glance I see nothing wrong in your approach it it's not a
problem that the web server can access all the files in the file server;
but I'm not an expert.
At least you know more or know first rather than i do, i assumed. :)
i'm just a beginner/newbie. Still learning :)
Regards,
Vio
Jun 2 '08 #5
Vio schreef:
Again thank you Mr.Alvaro,
>My browser can tell you I'm the user "Administrator". How can you know
it's true? You need further info to make sure, such as a password or an
authentication token you can validate against the domain server.

Yes, i get it. i need to validate the user name and password.
>My knowledge about AD internals doesn't go much further, though.
At first glance I see nothing wrong in your approach it it's not a
problem that the web server can access all the files in the file server;
but I'm not an expert.

At least you know more or know first rather than i do, i assumed. :)
i'm just a beginner/newbie. Still learning :)
Nothing wrong with being a newbie. :-)

But if your application serves sensitive information, I would advise you
to get a security audit before going live.
An experienced PHP coder can try to break your app with things like SQL
injection, screwed up PHPSESSIDs, circumvent your login-logic, etc..
Better safe than sorry. :-)

Regards,
Erwin Moller

>

Regards,
Vio
Jun 2 '08 #6
Vio
Erwin Moller :
Nothing wrong with being a newbie. :-)
Thank you for you support :-)
But if your application serves sensitive information, I would advise you
to get a security audit before going live.
An experienced PHP coder can try to break your app with things like SQL
injection, screwed up PHPSESSIDs, circumvent your login-logic, etc..
Better safe than sorry. :-)
The application is for internal use (LAN Only). However the security
issues is on top.
Again thank you for remind and warning me.
It's great to meet people who willing to share their knowledge and
advise to others.
I want someday i've got many to give others too.
If i have further questions please don't ignore this newbie. :-p

Regards,
Vio.
Jun 2 '08 #7
Vio wrote:
Erwin Moller :
>Nothing wrong with being a newbie. :-)

Thank you for you support :-)
>But if your application serves sensitive information, I would advise you
to get a security audit before going live.
An experienced PHP coder can try to break your app with things like SQL
injection, screwed up PHPSESSIDs, circumvent your login-logic, etc..
Better safe than sorry. :-)

The application is for internal use (LAN Only). However the security
issues is on top.
Again thank you for remind and warning me.
It's great to meet people who willing to share their knowledge and
advise to others.
I want someday i've got many to give others too.
If i have further questions please don't ignore this newbie. :-p

Regards,
Vio.
And a large portion of break-ins are internal - disgruntled employees,
ones about to be fired, etc.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Jun 2 '08 #8
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
creating mailboxes on exchange 2003 clusters
by: B. Zuidgeest | last post by:
I use C# to connect a database with student information directly to the Active Directory (2003). This means that as the student is enlisted an account and mailbox is created in the active...
C# / C Sharp
1
Retrieve e-mail address from Active Directory
by: mg | last post by:
Can someone give me C# code that will connect me to Active Directory, let me give Active Directory a user's name and retrieve his/her e-mail address. I need this for a WebForm.
ASP.NET
0
How to Retrieve user information using Active Directory
by: Federica | last post by:
Hi! I need some help retrieving user information in Active Directory. I have one webform with 2 textboxes 1 username and one for password. When the user load this page and insert his username and...
ASP.NET
6
adding user in active directory
by: Leo_Surf | last post by:
Hello, I need your help adding user in Active Directory from ASP.net website. Could any one provide me the complete code for the html page. As this is my curriculam project and I dont have any...
ASP.NET
1
Problem retrieving Active Directory users
by: tangus via DotNetMonster.com | last post by:
Hello all, I'm really struggling with getting some Active Directory code to work in ASP.NET. Can you please provide assistance? I am executing the following code: Dim enTry As DirectoryEntry =...
ASP.NET
1
Access Active Directory (of WINDOWS SERVER 2003) via LDAP
by: Frank F | last post by:
Hi, I want to read user information from the microsoft windows 2003 server. In the windows server 2003, i've create a domain, called "wissenskolleg". I've assigned a password to it. Now, i...
PHP
3
Retrieve User Information from Active Directory
by: BlueSky | last post by:
Hi, I have to retrieve user information from active directory in ASP.NET by passing Employee ID to it. Can any one give me some information on how I should do this? Thanks!
ASP.NET
1
maxamis4
Retrieve the the computer a user last logged on too
by: maxamis4 | last post by:
Hello folks, Here is the backgroup. I am creating an agent that can find a user in LDAP and return the last logon date. Now i am not sure if with active directory you can user the...
Visual Basic 4 / 5 / 6
0
JamieHowarth0
Windows Server 2003 Active Directory setup and restore
by: JamieHowarth0 | last post by:
Hi guys, Up until 3 weeks ago I was running a Microsoft Windows Server 2003 R2 Enterprise Edition Beta from home on an ADSL connection with dynamic IP absolutely fine - until the beta decided to...
Microsoft Windows
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!