andoman
asked on
How to crate/delete users in Active Directory using php?
I have created a system for administrating users, that is based on mysql, and PHP. I need to conect to AD-and create and delete users, from the webpage? How can I do this.
I have tested out some php examples that connect to AD throug LDAP, and read out data. But i need somethinh that can write back.
Regards
Anders
I have tested out some php examples that connect to AD throug LDAP, and read out data. But i need somethinh that can write back.
Regards
Anders
ASKER
Thanks, the link looks interresting.
But I`m running the AD on a Windows 2003-server. And I want to connect with php running on apache on linux.
So I`m looking for a tool that run commands on a linux-box, that connect to AD and do stuff.
Some other tip?
But I`m running the AD on a Windows 2003-server. And I want to connect with php running on apache on linux.
So I`m looking for a tool that run commands on a linux-box, that connect to AD and do stuff.
Some other tip?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
or you could look at linking linux and ad together.
have a read of the following :
http://technet.microsoft.com/en-us/magazine/2008.12.linux.aspx
have a read of the following :
http://technet.microsoft.com/en-us/magazine/2008.12.linux.aspx
To do what you want, use an LDAP connection:
See this link for a examples and troubleshooting:
http://forums.devshed.com/ldap-programming-76/ldap-addition-of-users-in-php-from-shell-474487.html
See this link for a examples and troubleshooting:
http://forums.devshed.com/ldap-programming-76/ldap-addition-of-users-in-php-from-shell-474487.html
I made some php scripts to create and delete users in AD.
All the info I needed was available on php.net.
Check this site for more info: http://www.php.net/manual/en/ref.ldap.php
The commands you will mostly be interested in are:
ldap_add to create an AD object
ldap_mod_add to add the user to AD groups
ldap_delete to delete an AD object.
ldap_rename and ldap_modify can also be very useful.
Good luck.
All the info I needed was available on php.net.
Check this site for more info: http://www.php.net/manual/en/ref.ldap.php
The commands you will mostly be interested in are:
ldap_add to create an AD object
ldap_mod_add to add the user to AD groups
ldap_delete to delete an AD object.
ldap_rename and ldap_modify can also be very useful.
Good luck.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Managed to do what I wanted with telnet, expect sripts, and PHP.
php, is calling an expectscript with a set of arguments that is pushed to the windows-server via telnet(unsecure, and unencrypted).
Used asadd, and dsrm, thats part of windows command line tool, to modify AD.
IMPORTANT:
Do not use this solution in any unsecure enviorment.!!
It is a much better solution som implement ldap-support.
php, is calling an expectscript with a set of arguments that is pushed to the windows-server via telnet(unsecure, and unencrypted).
Used asadd, and dsrm, thats part of windows command line tool, to modify AD.
IMPORTANT:
Do not use this solution in any unsecure enviorment.!!
It is a much better solution som implement ldap-support.
there are various commandline utils that you can do this with. You didnt mention what version of ad you are running on so this may not be correct, but check out
ds add --> http://technet.microsoft.com/en-us/library/cc731279%28WS.10%29.aspx