doufangyan6862 2018-06-20 10:11
浏览 284
已采纳

PHP - 使用sAMAccountName通过简单绑定连接到LDAP

I'm trying to connect to LDAP that uses simple bind through PHP 7.2.

I used LDAP Admin desktop app to check my settings and everything works. The app uses my sAMAccountName in form of name.surname and password to log me in. I would like to achieve the same thing through PHP but the only way I managed to get a successful login was below:

$ldap_user   = "CN=Name Surname,OU=Users,OU=Sample,DC=sample,DC=othersample";
$ldap_pass   = "myPassword";

$c = ldap_connect("ldap://x.x.x.x", 389);
ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($c, LDAP_ESCAPE_DN, 1);

ldap_bind($c, $ldap_user, $ldap_pass);

However, my goal is to have $ldap_user to be just the name.surname, the same way the app uses it.

Is there a way to achieve that?

  • 写回答

1条回答 默认 最新

  • donglin6313 2018-06-21 13:43
    关注

    You will need to do a 3-step approach:

    1. Bind to the directory with a known user
    2. Search the directory for the entry with sAMAccountName "name.surname" and retrieve the DN for that entry
    3. Bind to the directory again now with the just retrieved DN and the user-provided Password.

    Have a look for an example at https://gist.github.com/heiglandreas/5689592

    When you are binding to an ActiveDirectory you might also be able to use the sAMAccountName directly when prefixed with the ADs domain like this: DOMAIN\sAMAccountName

    Hope that helps

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥100 如何用js写一个游戏云存档
  • ¥15 ansys fluent计算闪退
  • ¥15 有关wireshark抓包的问题
  • ¥15 需要写计算过程,不要写代码,求解答,数据都在图上
  • ¥15 向数据表用newid方式插入GUID问题
  • ¥15 multisim电路设计
  • ¥20 用keil,写代码解决两个问题,用库函数
  • ¥50 ID中开关量采样信号通道、以及程序流程的设计
  • ¥15 U-Mamba/nnunetv2固定随机数种子
  • ¥30 C++行情软件的tick数据如何高效的合成K线