By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,665 Members | 1,513 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,665 IT Pros & Developers. It's quick & easy.

Windows authentication from SUSE 10.1? What module can do this?

100+
P: 310
I am not sure if this post belongs here in PHP or under Linux.

I have an application at work running both on Centos 4.5 and on a Debian PC. For both of these, an authentication of a user is made using either smbauth_validate and smbauth.so (Centos) or pam_auth (Debian), where the user's ID and password is sent to our Windows server and checked to see if they are valid.

Now I need to migrate the application to a SUSE 10.1 x86_64 machine, and having difficulties in finding the right package that can do the same job.

Can anyone help? Can anyone tell me for SUSE what module or RPM package can be used?

Thanks for any help,

Regards,
Steve, Denmark
Mar 5 '08 #1
Share this Question
Share on Google+
4 Replies


ronverdonk
Expert 2.5K+
P: 4,258
In my opinion this is a Linux problem, so I will move this thread to the Linux forum. Good luck.

moderator
Mar 5 '08 #2

100+
P: 310
Thank you to the moderator. I was, and still am, not really sure where this belongs, which is part of the problem behind the original post. I am working with PHP, and am not sure where to look for an appropriate authentification module that will work on a 64bit SUSE 10.1 machine: a PHP module, or a more general Linux module (pam, squid, etc.).

I do not require an entire authentification system, just a function that will ask our Windows server if a user ID and password pair are currently valid, and return a true or false as answer to the PHP script.

Hope someone out there can help!

Steve, Denmark
Mar 5 '08 #3

100+
P: 310
If it is any help to anyone, I will answer my own question. I could not find packages or modules for 64 bit SUSE 10.1 that gave me the equivalent functionality as I have for Centos and Debian, but it seems the php5-ldap module does what I want. I use the following function.
Expand|Select|Wrap|Line Numbers
  1. <?php
  2. function myCheckAuth($user,$passwrd)
  3. {
  4.         $user = trim($user);
  5.         if ((strlen($user)==0) or (strlen($passwrd)==0))
  6.         {
  7.                 // Need to do this or it would be possible to log in anonymously
  8.                 return false;
  9.         }
  10.         // Convert the $user id to something that the Windows server will accept:
  11.         $userid = trim($user) . '@companydomane.com';
  12.         $host = 'ldap://companyserverURL';
  13.  
  14.         $ldap = ldap_connect($host);
  15.         ldap_set_option($ldap,LDAP_OPT_PROTOCOL_VERSION, 3);
  16.  
  17.         // Attempt to bind this user.
  18.         $ldapbind = ldap_bind($ldap,$userid,$passwrd);
  19.         if ($ldapbind)
  20.         {
  21.                 ldap_close($ldap);
  22.                 return true;
  23.         }
  24.         else
  25.         {
  26.                 ldap_close($ldap);
  27.                 return false;
  28.         }
  29. }
  30. ?>
  31.  
This seems to do the job. The PHP script passes the user's Windows log on ID as $user and the user's password as $passwrd (obtained from the log on page using appropriate form input fields). If the user ID and password are currently valid, the bind is successful, and true is returned, otherwise the bind fails and false is returned.

Steve, Denmark
Mar 10 '08 #4

numberwhun
Expert Mod 2.5K+
P: 3,503
Albeit the issue seems to be resolved, I believe that this should have been under the PHP forum as he was coding to do the authentication.

Just my .02.

Regards,

Jeff
Mar 11 '08 #5

Post your reply

Sign in to post your reply or Sign up for a free account.