madal30 Posted July 28, 2009 Share Posted July 28, 2009 Hello all, newbie here. I am totally new for php but would like to create some page. I would like to authenticate users against OpenLdap, check username and password. Once user is valid start session then start new php page where I should able to display his full name, department. Some says using pear auth but have no idea. can someone help me simple, easy and secure way to implement this ? It would be great help. Thank You Madal Link to comment https://forums.phpfreaks.com/topic/167862-ldap-authentication/ Share on other sites More sharing options...
lonewolf217 Posted July 28, 2009 Share Posted July 28, 2009 it varies slightly dependant on the AD organization, but basically it would go something like this. Keep in mind that there is no security in this script, but the LDAP login does work so you can enhance it any way you want <?php //configure LDAP parameters $ldap['user'] = $username; $ldap['pass'] = $userpass; $ldap['host'] = '<fqdn of your Domain Controller>'; $ldap['port'] = 389; $ldap['dn'] = 'mailNickname='.$ldap['user']; //this may vary with your organization $ldap['base'] = '<full Base DN>'; //connect to the LDAP server and bind using the provided credentials $ldap['conn'] = ldap_connect( $ldap['host'], $ldap['port'] ) or die( 'Could not connect to server'); $ldap['bind'] = ldap_bind( $ldap['conn'], $ldap['user'], $ldap['pass'] ); if( !$ldap['bind']){ //bind failed } else { //parse the login name to get the user alias $username = explode("\\",$ldap['user']); // search for the user on the ldap server and return all the user information $ldap['result'] = ldap_search( $ldap['conn'],$ldap['base'],'(mailNickname='.$username[1].')'); if( $ldap['result'] ){ // retrieve all the entries from the search result $ldap['info'] = ldap_get_entries( $ldap['conn'], $ldap['result'] ); if($ldap['info']){ $_SESSION['displayname'] = $ldap['info'][0]['displayname'][0]; $_SESSION['username'] = $username[1]; } } // close connection to ldap server ldap_close( $ldap['conn'] ); ?> Link to comment https://forums.phpfreaks.com/topic/167862-ldap-authentication/#findComment-885398 Share on other sites More sharing options...
madal30 Posted July 31, 2009 Author Share Posted July 31, 2009 Hi, Thanks, This is based with Active Directory But I am using OpenLDAP. Would be great if you can dump the code. Thanks, M Link to comment https://forums.phpfreaks.com/topic/167862-ldap-authentication/#findComment-887628 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.