Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Connecting flex/php to Active Directory

Is there a way to connect my flex web application to Active Directory, and get the logged username?

Right now we have a PHP script connected to the flex application, that gets user/pass input from the user and checks if there's such user in the AD, and that the password is correct.
I don't want to ask for user/pass, but to make the application get the domain username that connected to it, so I could use it (check if the user has access to my application and such).

Is there a way to do so?

like image 887
modz0r Avatar asked May 13 '10 10:05

modz0r


1 Answers

<?php

// using ldap bind
$ldaprdn  = 'uname';     // ldap rdn or dn
$ldappass = 'password';  // associated password

// connect to ldap server
$ldapconn = ldap_connect("ldap.example.com")
    or die("Could not connect to LDAP server.");

if ($ldapconn) {

    // binding to ldap server
    $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);

    // verify binding
    if ($ldapbind) {
        echo "LDAP bind successful...";
    } else {
        echo "LDAP bind failed...";
    }

}

?>

When your application is launched, you need to access the LDAP with the windows login credentials.

`AUTH_USER` request variable is the one which you have to check. 
  This will hold your Windows login username and AUTH_USER will be 
  MYDOMAINNAME\user.name

The username/password I need for this, is that admin credentials, or any user on the system?

You can get the username alone, not the password... when the user logs into his window's machine, we can check his credentials using Environment.username in C# and in PHP we can use AUTH_USER to verify the user logged in is valid.

Plus, do you know where can I find a list of variables (like auth_user) of which information can I get?

http://in3.php.net/manual/en/ref.ldap.php

You can get a lot of information from the above link.

like image 106
Thalaivar Avatar answered Sep 30 '22 10:09

Thalaivar