douding7189 2014-02-11 09:48
浏览 84
已采纳

PHP,Active Directory,用户帐户控制

First of appologies if this should be on server-fault, but it's to do with PHP as well, so I thought this the best site for it.

I'm creating a few methods to integrate our intranet with Active Directory. One of the methods will automatically search our database for new users, and create user accounts in AD if new users are found.

Likewise, if a user is marked as left in the database, it will automatically disable the account in active directory.

I've been looking at the attributes passed from active directory, and in particular the User Account Control field.

On the microsoft website it states this under its list of attributes:

The following table lists possible flags that you can assign. You cannot set some 
of the values on a user or computer object because these values can be set or 
reset only by the directory service. The flags are cumulative. To disable a 
user's account, set the UserAccountControl attribute to 0x0202 (0x002 + 0x0200). In 
decimal, this is 514 (2 + 512).

Question My question is, if we use the example above, to mark a record as a user (512) and disabled (2), this ultimately makes the field value returned by AD as 514.

In PHP, how can I extract what flags have been marked on the record? For example, If given 514, how can I use PHP to work out that its a normal user account, and also disabled (2 and 512)?

For example split the following:

Flag    | Splits into      | Flag Meaning
--------+------------------+---------------------------------------------------------
514     | 512 + 2          | Normal User Account + Disabled
522     | 512 + 2 + 8      | Normal User Account + Disabled + Home Directory Required
8389120 | 8388608 + 512    | Password Expired + Normal User Account

I hope you can understand my question, but feel free to ask for confirmation or more details.

Many thanks

  • 写回答

4条回答 默认 最新

  • douganbi7686 2015-10-07 18:51
    关注

    Came upon the same situation today and it is more concise with:

    $flag_to_find = 530;
    $flags = array();
    for ($i=0; $i<=26; $i++){
      if ($flag_to_find & (1 << $i)){
        array_push($flags, 1 << $i);
      }  
    }
    print_r($flags);
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(3条)

报告相同问题?

悬赏问题

  • ¥15 宇视监控服务器无法登录
  • ¥15 PADS Logic 原理图
  • ¥15 PADS Logic 图标
  • ¥15 电脑和power bi环境都是英文如何将日期层次结构转换成英文
  • ¥20 气象站点数据求取中~
  • ¥15 如何获取APP内弹出的网址链接
  • ¥15 wifi 图标不见了 不知道怎么办 上不了网 变成小地球了
  • ¥50 STM32单片机传感器读取错误
  • ¥50 power BI 从Mysql服务器导入数据,但连接进去后显示表无数据
  • ¥15 (关键词-阻抗匹配,HFSS,RFID标签天线)