Eiolon Posted July 28, 2006 Share Posted July 28, 2006 Hello,I am working on an intranet site and instead of making a membership system and having all employees remember two usernames/passwords, I am making IIS use the active directory database to protect files and directories that are restricted. So here is my question:Is there a way to treat active directory usernames as you would with sessions or cookies? I would like to restrict pages to certain people but I still want to see who makes changes.Thanks for your help! Link to comment https://forums.phpfreaks.com/topic/15932-active-directory-and-sessionscookies/ Share on other sites More sharing options...
Barand Posted July 28, 2006 Share Posted July 28, 2006 If your users have logged on to your network then you can get their username from[code]$domain_user = $_SERVER['LOGON_USER'];echo $domain_user; // --> domain\username.[/code](Anonymous access must be disabled for this to work) Link to comment https://forums.phpfreaks.com/topic/15932-active-directory-and-sessionscookies/#findComment-65463 Share on other sites More sharing options...
scottybwoy Posted July 31, 2006 Share Posted July 31, 2006 Can this be then used within the header of index.php and passed to a database to find out what areas they can use (as long as their username is added exactly the same) and create a session for the duration and restrict thier usage throughout? In one automated process? Link to comment https://forums.phpfreaks.com/topic/15932-active-directory-and-sessionscookies/#findComment-66331 Share on other sites More sharing options...
Barand Posted July 31, 2006 Share Posted July 31, 2006 You can. I use it for access control and also for digging emails addresses out of the active directory. Link to comment https://forums.phpfreaks.com/topic/15932-active-directory-and-sessionscookies/#findComment-66356 Share on other sites More sharing options...
scottybwoy Posted August 1, 2006 Share Posted August 1, 2006 Wow, I've been looking for this for ages, and a stupid Microsoft Tech page told me php had no function for this, so stopped looking.Also how can you get the e-mail addresses out, does that work to get all the other users on the network? Link to comment https://forums.phpfreaks.com/topic/15932-active-directory-and-sessionscookies/#findComment-66958 Share on other sites More sharing options...
scottybwoy Posted August 1, 2006 Share Posted August 1, 2006 How would I go about calling [code]$domain_user = $_SERVER['LOGON_USER'];[/code]Then taking of the prepend of the SERVER\ string to be left with just the user name, to query the Database for that user.Or would it be easier but slower to retrive a list of the users from the database and compare it to the returned $domain_user to see if they exist in the database? Link to comment https://forums.phpfreaks.com/topic/15932-active-directory-and-sessionscookies/#findComment-67013 Share on other sites More sharing options...
SharkBait Posted August 1, 2006 Share Posted August 1, 2006 If the domain name is always the same then you could substr() itor explode it with / being the dilmeter and using the second index...[code]<?php// domain user sample: MyDomainName/SharkBait$domain_user = substr($_SERVER['LOGON_USER'], 0, 13);// Or split it up$domain_user = explode("/", $_SERVER['LOGON_USER']);$domain_user = $domain_user [1];?>[/code] Link to comment https://forums.phpfreaks.com/topic/15932-active-directory-and-sessionscookies/#findComment-67056 Share on other sites More sharing options...
scottybwoy Posted August 1, 2006 Share Posted August 1, 2006 Cheers Sharkbait,The first one only returns the Domain Name but the second array works well, I'm using Windows so had to change "/" to "\\" for anyone else interested. Link to comment https://forums.phpfreaks.com/topic/15932-active-directory-and-sessionscookies/#findComment-67124 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.