获取用户';s使用PHP从Active Directory中获取全名
我有一个使用PHP/LDAP的登录页面,供我的用户访问公司网站。下面,我创建了一个语句,将用户的广告组成员身份存储在一个变量中,稍后将根据用户在AD> 现在,我还想添加从Active Directory获取用户全名的功能,并将其存储以供以后使用。如何修改下面的语句以将用户的全名从Active Directory存储到另一个变量中?有什么想法吗获取用户';s使用PHP从Active Directory中获取全名,php,active-directory,Php,Active Directory,我有一个使用PHP/LDAP的登录页面,供我的用户访问公司网站。下面,我创建了一个语句,将用户的广告组成员身份存储在一个变量中,稍后将根据用户在AD> 现在,我还想添加从Active Directory获取用户全名的功能,并将其存储以供以后使用。如何修改下面的语句以将用户的全名从Active Directory存储到另一个变量中?有什么想法吗 // verify user and password if($bind = @ldap_bind($ldap, $user . $ldap_usr_do
// verify user and password
if($bind = @ldap_bind($ldap, $user . $ldap_usr_dom, $password)) {
// valid
// check presence in groups
$filter = "(sAMAccountName=" . $user . ")";
$attr = array("memberof");
$result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server");
$entries = ldap_get_entries($ldap, $result);
/* I would like to get and store the user's display name here somehow */
ldap_unbind($ldap);
// check groups
foreach($entries[0]['memberof'] as $grps) {
// is manager, break loop
if (strpos($grps, $ldap_manager_group)) { $access = 2; break; }
// is user
if (strpos($grps, $ldap_user_group)) $access = 1;
}
if ($access != 0) {
// establish session variables
$_SESSION['user'] = $user;
$_SESSION['access'] = $access;
return true;
} else {
// user has no rights
return false;
}
} else {
// invalid name or password
return false;
<?php
function authenticate($user, $password) {
// Active Directory server
$ldap_host = "my FQDC DC";
// Active Directory DN
$ldap_dn = "DC=something,DC=something";
// Active Directory user group
$ldap_user_group = "WebUsers";
// Active Directory manager group
$ldap_manager_group = "WebManagers";
// Domain, for purposes of constructing $user
$ldap_usr_dom = "@mycompany.com";
// connect to active directory
$ldap = ldap_connect($ldap_host);
// verify user and password
if($bind = @ldap_bind($ldap, $user . $ldap_usr_dom, $password)) {
// valid
// check presence in groups
$filter = "(sAMAccountName=" . $user . ")";
$attr = array("memberof","givenname");
$result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server");
$entries = ldap_get_entries($ldap, $result);
$givenname = $entries[0]['givenname'];
ldap_unbind($ldap);
// check groups
foreach($entries[0]['memberof'] as $grps) {
// is manager, break loop
if (strpos($grps, $ldap_manager_group)) { $access = 2; break; }
// is user
if (strpos($grps, $ldap_user_group)) $access = 1;
}
if ($access != 0) {
// establish session variables
$_SESSION['user'] = $user;
$_SESSION['access'] = $access;
$_SESSION['givenname'] = $givenname;
return true;
} else {
// user has no rights
return false;
}
} else {
// invalid name or password
return false;
}
?>
希望这有帮助。当您从ldap读取时,您可以看到字段并将它们映射到某个会话变量
$connect = @ldap_connect(LDAP_ADDRESS);
if (!$connect) return FALSE;
$bind = @ldap_bind($connect);
if (!$bind) return FALSE;
if ($resource = @ldap_search($connect,"dc=<yourdc>,dc=<yourdc>","uid=$user")) {
if (@ldap_count_entries($connect,$resource) == 1) {
if ($entry = @ldap_first_entry($connect,$resource)) {
if ($user_dn = @ldap_get_dn($connect,$entry)) {
if ($link = @ldap_bind($connect,$user_dn,$password)) {
$_SESSION['user'] = $user;
}
}
}
}
}
@ldap_close($connect);
$connect=@ldap\u connect(ldap\u地址);
如果(!$connect)返回FALSE;
$bind=@ldap\u bind($connect);
如果(!$bind)返回FALSE;
如果($resource=@ldap_search($connect,“dc=,dc=,“uid=$user”)){
if(@ldap\u count\u条目($connect,$resource)==1){
if($entry=@ldap\u first\u entry($connect,$resource)){
if($user\u dn=@ldap\u get\u dn($connect,$entry)){
如果($link=@ldap\u bind($connect,$user\u dn,$password)){
$\会话['user']=$user;
}
}
}
}
}
@ldap_close($connect);
$connect = @ldap_connect(LDAP_ADDRESS);
if (!$connect) return FALSE;
$bind = @ldap_bind($connect);
if (!$bind) return FALSE;
if ($resource = @ldap_search($connect,"dc=<yourdc>,dc=<yourdc>","uid=$user")) {
if (@ldap_count_entries($connect,$resource) == 1) {
if ($entry = @ldap_first_entry($connect,$resource)) {
if ($user_dn = @ldap_get_dn($connect,$entry)) {
if ($link = @ldap_bind($connect,$user_dn,$password)) {
$_SESSION['user'] = $user;
}
}
}
}
}
@ldap_close($connect);
$connect=@ldap\u connect(ldap\u地址);
如果(!$connect)返回FALSE;
$bind=@ldap\u bind($connect);
如果(!$bind)返回FALSE;
如果($resource=@ldap_search($connect,“dc=,dc=,“uid=$user”)){
if(@ldap\u count\u条目($connect,$resource)==1){
if($entry=@ldap\u first\u entry($connect,$resource)){
if($user\u dn=@ldap\u get\u dn($connect,$entry)){
如果($link=@ldap\u bind($connect,$user\u dn,$password)){
$\会话['user']=$user;
}
}
}
}
}
@ldap_close($connect);
// verify user and password
if($bind = @ldap_bind($ldap, $user . $ldap_usr_dom, $password)) {
// valid
// check presence in groups
$filter = "(sAMAccountName=" . $user . ")";
$attr = array("memberof","givenname");
$result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server");
$entries = ldap_get_entries($ldap, $result);
$givenname = $entries[0]['givenname'][0];
ldap_unbind($ldap);
// check groups
foreach($entries[0]['memberof'] as $grps) {
// is manager, break loop
if (strpos($grps, $ldap_manager_group)) { $access = 2; break; }
// is user
if (strpos($grps, $ldap_user_group)) $access = 1;
}
if ($access != 0) {
// establish session variables
$_SESSION['user'] = $user;
$_SESSION['access'] = $access;
$_SESSION['givenname'] = $givenname;
return true;
} else {
// user has no rights
return false;
}
} else {
// invalid name or password
return false;
}
// verify user and password
if($bind = @ldap_bind($ldap, $user . $ldap_usr_dom, $password)) {
// valid
// check presence in groups
$filter = "(sAMAccountName=" . $user . ")";
$attr = array("memberof","givenname");
$result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server");
$entries = ldap_get_entries($ldap, $result);
$givenname = $entries[0]['givenname'][0];
ldap_unbind($ldap);
// check groups
foreach($entries[0]['memberof'] as $grps) {
// is manager, break loop
if (strpos($grps, $ldap_manager_group)) { $access = 2; break; }
// is user
if (strpos($grps, $ldap_user_group)) $access = 1;
}
if ($access != 0) {
// establish session variables
$_SESSION['user'] = $user;
$_SESSION['access'] = $access;
$_SESSION['givenname'] = $givenname;
return true;
} else {
// user has no rights
return false;
}
} else {
// invalid name or password
return false;
}
碰撞旧线程。我需要获得给定的名称和姓氏,并将“sn”添加到属性中,并将其添加到会话变量中,以供以后在另一个脚本中引用,如下面所示: 如何在其他脚本中访问会话变量:
$givenname = $_SESSION['givenname'];
$surname = $_SESSION['sn'];
$name = "{$givenname} {$surname}";
// verify user and password
if($bind = @ldap_bind($ldap, $user . $ldap_usr_dom, $password)) {
// valid
// check presence in groups
$filter = "(sAMAccountName=" . $user . ")";
$attr = array("memberof","givenname","sn");
$result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server");
$entries = ldap_get_entries($ldap, $result);
$givenname = $entries[0]['givenname'][0];
$surname = $entries[0]['sn'][0];
ldap_unbind($ldap);
// check groups
foreach($entries[0]['memberof'] as $grps) {
// is manager, break loop
if (strpos($grps, $ldap_manager_group)) { $access = 2; break; }
// is user
if (strpos($grps, $ldap_user_group)) $access = 1;
}
if ($access != 0) {
// establish session variables
$_SESSION['user'] = $user;
$_SESSION['access'] = $access;
$_SESSION['givenname'] = $givenname;
$_SESSION['sn'] = $surname;
return true;
} else {
// user has no rights
return false;
}
} else {
// invalid name or password
return false;
}
碰撞旧线程。我需要获得给定的名称和姓氏,并将“sn”添加到属性中,并将其添加到会话变量中,以供以后在另一个脚本中引用,如下面所示: 如何在其他脚本中访问会话变量:
$givenname = $_SESSION['givenname'];
$surname = $_SESSION['sn'];
$name = "{$givenname} {$surname}";
// verify user and password
if($bind = @ldap_bind($ldap, $user . $ldap_usr_dom, $password)) {
// valid
// check presence in groups
$filter = "(sAMAccountName=" . $user . ")";
$attr = array("memberof","givenname","sn");
$result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server");
$entries = ldap_get_entries($ldap, $result);
$givenname = $entries[0]['givenname'][0];
$surname = $entries[0]['sn'][0];
ldap_unbind($ldap);
// check groups
foreach($entries[0]['memberof'] as $grps) {
// is manager, break loop
if (strpos($grps, $ldap_manager_group)) { $access = 2; break; }
// is user
if (strpos($grps, $ldap_user_group)) $access = 1;
}
if ($access != 0) {
// establish session variables
$_SESSION['user'] = $user;
$_SESSION['access'] = $access;
$_SESSION['givenname'] = $givenname;
$_SESSION['sn'] = $surname;
return true;
} else {
// user has no rights
return false;
}
} else {
// invalid name or password
return false;
}
Alex,我想你在编码上是正确的,但是我发现了一个语法错误,我无法识别问题。知道错误吗?Alex,我认为你在编码上是正确的,但是我发现了一个语法错误,我无法识别问题。知道错误吗?你好Alex,我在结尾缺少了一个括号;对于新手的错误,我感到抱歉。谢谢谢谢你的帮助!你好,亚历克斯,我在结尾处漏了一个括号;很抱歉新手犯了错误。:s谢谢你的帮助!