doufangyan6862 2018-06-20 10:11
浏览 284
已采纳

PHP - 使用sAMAccountName通过简单绑定连接到LDAP

I'm trying to connect to LDAP that uses simple bind through PHP 7.2.

I used LDAP Admin desktop app to check my settings and everything works. The app uses my sAMAccountName in form of name.surname and password to log me in. I would like to achieve the same thing through PHP but the only way I managed to get a successful login was below:

$ldap_user   = "CN=Name Surname,OU=Users,OU=Sample,DC=sample,DC=othersample";
$ldap_pass   = "myPassword";

$c = ldap_connect("ldap://x.x.x.x", 389);
ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($c, LDAP_ESCAPE_DN, 1);

ldap_bind($c, $ldap_user, $ldap_pass);

However, my goal is to have $ldap_user to be just the name.surname, the same way the app uses it.

Is there a way to achieve that?

  • 写回答

1条回答 默认 最新

  • donglin6313 2018-06-21 13:43
    关注

    You will need to do a 3-step approach:

    1. Bind to the directory with a known user
    2. Search the directory for the entry with sAMAccountName "name.surname" and retrieve the DN for that entry
    3. Bind to the directory again now with the just retrieved DN and the user-provided Password.

    Have a look for an example at https://gist.github.com/heiglandreas/5689592

    When you are binding to an ActiveDirectory you might also be able to use the sAMAccountName directly when prefixed with the ADs domain like this: DOMAIN\sAMAccountName

    Hope that helps

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 metadata提取的PDF元数据,如何转换为一个Excel
  • ¥15 关于arduino编程toCharArray()函数的使用
  • ¥100 vc++混合CEF采用CLR方式编译报错
  • ¥15 coze 的插件输入飞书多维表格 app_token 后一直显示错误,如何解决?
  • ¥15 vite+vue3+plyr播放本地public文件夹下视频无法加载
  • ¥15 c#逐行读取txt文本,但是每一行里面数据之间空格数量不同
  • ¥50 如何openEuler 22.03上安装配置drbd
  • ¥20 ING91680C BLE5.3 芯片怎么实现串口收发数据
  • ¥15 无线连接树莓派,无法执行update,如何解决?(相关搜索:软件下载)
  • ¥15 Windows11, backspace, enter, space键失灵