Php 使用HTACCESS的LDAP身份验证(Windows上的Apache 2.4)
我正在使用这个小PHP脚本(最小化[正确工作]来演示这一点)对AD用户进行身份验证Php 使用HTACCESS的LDAP身份验证(Windows上的Apache 2.4),php,apache,.htaccess,active-directory,ldap,Php,Apache,.htaccess,Active Directory,Ldap,我正在使用这个小PHP脚本(最小化[正确工作]来演示这一点)对AD用户进行身份验证 define('WLU_LDAP_SERV', 'ldaps://test.domain.com:636'); define('WLU_LDAP_BASE', 'OU=Employees,OU=UsersGroups,DC=test,DC=domain,DC=com'); function ldapAuthentication($username, $password) { $response = ar
define('WLU_LDAP_SERV', 'ldaps://test.domain.com:636');
define('WLU_LDAP_BASE', 'OU=Employees,OU=UsersGroups,DC=test,DC=domain,DC=com');
function ldapAuthentication($username, $password)
{
$response = array();
$err = array();
$filter = 'CN='.$username;
$dnbase = $filter . ',' . WLU_LDAP_BASE;
$fields = array("cn","mail","displayname");
$link = @ldap_connect(WLU_LDAP_SERV);
$bind = @ldap_bind($link, $dnbase, $password);
$resl = @ldap_search($link, WLU_LDAP_BASE, $filter, $fields);
if ($resl) {
$info = @ldap_get_entries($link, $resl);
}
return $info;
}
我试图使用.htaccess文件复制相同的进程,但身份验证失败
AuthType Basic
AuthBasicProvider ldap
LDAPReferrals Off
AuthLDAPBindAuthoritative off
AuthLDAPURL ldaps://test.domain.com:636/OU=Employees,OU=UsersGroups,DC=test,DC=domain,DC=com
AuthLDAPBindDN CN=someusername,OU=Employees,OU=UsersGroups,DC=test,DC=domain,DC=com
AuthName "AD authentication"
Require ldap-user
我明白了
Authentication required!
This server could not verify that you are authorized to access the URL "/". You either supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
In case you are allowed to request the document, please check your user-id and password and try again.
If you think this is a server error, please contact the webmaster.
Error 401
你的代码看起来不错。如果您使用的是Windows,我建议您在authldappbinddn和authldappurl周围添加引号 对于Require,请尝试“有效用户”而不是“ldap用户”。在AuthLDAPURL的末尾,您可能还需要NONE标志-请参见此处的类似问题: 祝你好运