Getting Logged on Users Email | NTLM/Apache/PHP

Posted on 2011-05-05
Last Modified: 2012-05-11
I'm using the script below to get the logged on users details in apache. It works a treat.

I was curious as to whether it was possible to get the logged on users email address from this as well?

What other info can I pull? First name and last name?

$headers = apache_request_headers();

if (!isset($headers['Authorization'])){
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: NTLM');

$auth = $headers['Authorization'];

if (substr($auth,0,5) == 'NTLM ') {
        $msg = base64_decode(substr($auth, 5));
        if (substr($msg, 0, 8) != "NTLMSSP\x00")
                die('error header not recognised');

        if ($msg[8] == "\x01") {
                $msg2 = "NTLMSSP\x00\x02"."\x00\x00\x00\x00". // target name len/alloc
                        "\x00\x00\x00\x00". // target name offset
                        "\x01\x02\x81\x01". // flags
                        "\x00\x00\x00\x00\x00\x00\x00\x00". // challenge
                        "\x00\x00\x00\x00\x00\x00\x00\x00". // context
                        "\x00\x00\x00\x00\x30\x00\x00\x00"; // target info len/alloc/offset

                header('HTTP/1.1 401 Unauthorized');
                header('WWW-Authenticate: NTLM '.trim(base64_encode($msg2)));
        else if ($msg[8] == "\x03") {
                function get_msg_str($msg, $start, $unicode = true) {
                        $len = (ord($msg[$start+1]) * 256) + ord($msg[$start]);
                        $off = (ord($msg[$start+5]) * 256) + ord($msg[$start+4]);
                        if ($unicode)
                                return str_replace("\0", '', substr($msg, $off, $len));
                                return substr($msg, $off, $len);
                $user = get_msg_str($msg, 36);
                $domain = get_msg_str($msg, 28);
                $workstation = get_msg_str($msg, 44);

                print "You are $user from $workstation.$domain";

Open in new window

Question by:jaxstorm
    LVL 37

    Accepted Solution

    See here: - look for 'Type 3 Message' - looks if there is no email address there, sorry.
    LVL 107

    Expert Comment

    by:Ray Paseur
    Why not just ask your users to provide the email address they want you to use?  That would seem easy and it would comply with the laws about spam since they could have the option to say, "No Email."
    LVL 8

    Author Closing Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Set up iPhone and iPad email signatures to always send in high-quality HTML with this step-by step guide.
    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
    The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now