doufangyan6862 2018-06-20 10:11
浏览 284
已采纳

PHP - 使用sAMAccountName通过简单绑定连接到LDAP

I'm trying to connect to LDAP that uses simple bind through PHP 7.2.

I used LDAP Admin desktop app to check my settings and everything works. The app uses my sAMAccountName in form of name.surname and password to log me in. I would like to achieve the same thing through PHP but the only way I managed to get a successful login was below:

$ldap_user   = "CN=Name Surname,OU=Users,OU=Sample,DC=sample,DC=othersample";
$ldap_pass   = "myPassword";

$c = ldap_connect("ldap://x.x.x.x", 389);
ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($c, LDAP_ESCAPE_DN, 1);

ldap_bind($c, $ldap_user, $ldap_pass);

However, my goal is to have $ldap_user to be just the name.surname, the same way the app uses it.

Is there a way to achieve that?

  • 写回答

1条回答 默认 最新

  • donglin6313 2018-06-21 13:43
    关注

    You will need to do a 3-step approach:

    1. Bind to the directory with a known user
    2. Search the directory for the entry with sAMAccountName "name.surname" and retrieve the DN for that entry
    3. Bind to the directory again now with the just retrieved DN and the user-provided Password.

    Have a look for an example at https://gist.github.com/heiglandreas/5689592

    When you are binding to an ActiveDirectory you might also be able to use the sAMAccountName directly when prefixed with the ADs domain like this: DOMAIN\sAMAccountName

    Hope that helps

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 对于知识的学以致用的解释
  • ¥50 三种调度算法报错 有实例
  • ¥15 关于#python#的问题,请各位专家解答!
  • ¥200 询问:python实现大地主题正反算的程序设计,有偿
  • ¥15 smptlib使用465端口发送邮件失败
  • ¥200 总是报错,能帮助用python实现程序实现高斯正反算吗?有偿
  • ¥15 对于squad数据集的基于bert模型的微调
  • ¥15 为什么我运行这个网络会出现以下报错?CRNN神经网络
  • ¥20 steam下载游戏占用内存
  • ¥15 CST保存项目时失败