Eiolon Posted July 28, 2006 Share Posted July 28, 2006 Hello,I am working on an intranet site and instead of making a membership system and having all employees remember two usernames/passwords, I am making IIS use the active directory database to protect files and directories that are restricted. So here is my question:Is there a way to treat active directory usernames as you would with sessions or cookies? I would like to restrict pages to certain people but I still want to see who makes changes.Thanks for your help! Quote Link to comment Share on other sites More sharing options...
Barand Posted July 28, 2006 Share Posted July 28, 2006 If your users have logged on to your network then you can get their username from[code]$domain_user = $_SERVER['LOGON_USER'];echo $domain_user; // --> domain\username.[/code](Anonymous access must be disabled for this to work) Quote Link to comment Share on other sites More sharing options...
scottybwoy Posted July 31, 2006 Share Posted July 31, 2006 Can this be then used within the header of index.php and passed to a database to find out what areas they can use (as long as their username is added exactly the same) and create a session for the duration and restrict thier usage throughout? In one automated process? Quote Link to comment Share on other sites More sharing options...
Barand Posted July 31, 2006 Share Posted July 31, 2006 You can. I use it for access control and also for digging emails addresses out of the active directory. Quote Link to comment Share on other sites More sharing options...
scottybwoy Posted August 1, 2006 Share Posted August 1, 2006 Wow, I've been looking for this for ages, and a stupid Microsoft Tech page told me php had no function for this, so stopped looking.Also how can you get the e-mail addresses out, does that work to get all the other users on the network? Quote Link to comment Share on other sites More sharing options...
scottybwoy Posted August 1, 2006 Share Posted August 1, 2006 How would I go about calling [code]$domain_user = $_SERVER['LOGON_USER'];[/code]Then taking of the prepend of the SERVER\ string to be left with just the user name, to query the Database for that user.Or would it be easier but slower to retrive a list of the users from the database and compare it to the returned $domain_user to see if they exist in the database? Quote Link to comment Share on other sites More sharing options...
SharkBait Posted August 1, 2006 Share Posted August 1, 2006 If the domain name is always the same then you could substr() itor explode it with / being the dilmeter and using the second index...[code]<?php// domain user sample: MyDomainName/SharkBait$domain_user = substr($_SERVER['LOGON_USER'], 0, 13);// Or split it up$domain_user = explode("/", $_SERVER['LOGON_USER']);$domain_user = $domain_user [1];?>[/code] Quote Link to comment Share on other sites More sharing options...
scottybwoy Posted August 1, 2006 Share Posted August 1, 2006 Cheers Sharkbait,The first one only returns the Domain Name but the second array works well, I'm using Windows so had to change "/" to "\\" for anyone else interested. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.