PHP - 针对 Windows 2003 Active Directory 的 LDAP 身份验证(用户 ID 与名字和姓氏不同)
需要您帮助根据 LDAP 验证 Active Directory 用户 ID。我的问题很独特。我在这里解释一下。在发布这个问题之前,我已经用谷歌搜索了它,也在这个论坛中进行了搜索,但没有得到任何匹配的帖子。
这是问题所在 我有一个 Windows 2003 域控制器。我的公司政策是在域中创建用户 ID,如下所示
First Name = John
Last Name = Wagner
User ID = [email protected] (domain controller is company.com)
当我更新 Active Directory 用户和计算机中的用户属性时,我必须更新完整的名字和完整的姓氏 - John Wagner
当我尝试验证 html Web 表单时在php中使用用户ID,它不起作用。 但是,当我使用名字和姓氏进行身份验证时,它会起作用。
//username is given as jwagner in the html form in this case. Authentication Fails.
//username is given as "john wagner" (without the quotes). Authentication Success.
if ((isset($_POST['username'])) && (isset($_POST['password'])))
{
$username=$_POST['username'];
$password=$_POST['password'];
$adServer = "10.23.1.1";
$ldapconn = ldap_connect($adServer)
or die("Could not connect to LDAP server.");
$ldaprdn = $username;
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $password);
if ($ldapbind)
{
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("Location: http://company.com/website1");
}
else
{
//if authentication fails, redirect back to the login page
header("Location: http://company.com/index.php");
}
}
我不确定我哪里出错了。如果用户 ID 不等于活动目录帐户的名字和姓氏,是否无法使用 php 验证活动目录帐户?
感谢您提前提供的所有建议和帮助。
问候, 维奈
Need your help with authenticating an active directory user ID against LDAP. My problem is unique. Let me explain here. Before posting this question, I've googled it and also searched in this forum and did not get any matching posts.
Here is the issue
I have a windows 2003 domain controller. My company policy is to create the user IDs in the domain as below
First Name = John
Last Name = Wagner
User ID = [email protected] (domain controller is company.com)
When I update the user properties in Active Directory Users and Computers, I have to update the full first and full last name - John Wagner
When I try to authenticate a html web form in php using the User ID, it doesnt work.
However, when I authenticate with the first name and last name, it works.
//username is given as jwagner in the html form in this case. Authentication Fails.
//username is given as "john wagner" (without the quotes). Authentication Success.
if ((isset($_POST['username'])) && (isset($_POST['password'])))
{
$username=$_POST['username'];
$password=$_POST['password'];
$adServer = "10.23.1.1";
$ldapconn = ldap_connect($adServer)
or die("Could not connect to LDAP server.");
$ldaprdn = $username;
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $password);
if ($ldapbind)
{
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("Location: http://company.com/website1");
}
else
{
//if authentication fails, redirect back to the login page
header("Location: http://company.com/index.php");
}
}
I'm not sure where am I going wrong. Is it not possible to authenticate active directory account using php if the user id is not equal to the first name and last name of the active directory account?
Thanks for all your advise and help in advance.
Regards,
Vinay
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
![扫码二维码加入Web技术交流群](/public/img/jiaqun_03.jpg)
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果您像这样输入您的用户:
您只需测试一下:
If you enter you user like this :
have you simply test :