Solved

using PHP to Authenticate against Active Directory

Posted on 2011-09-14
4
298 Views
Last Modified: 2012-05-12
Is there a way to Authenticate users using a remote Active Directory.   PHP is installed on our servers (Unix) and we don't have a LDAP server.  Active Directory is on a remote server and of course they are using Windows OS.

Can I authenticate to a remote Active Directory without having a LDAP server installed on my end.

If it can be done, please point me to the right direction/example...
0
Comment
Question by:melvint91
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 6

Assisted Solution

by:yjchong514
yjchong514 earned 150 total points
ID: 36535930
Importing a whole library seems inefficient when all you need is essentially two lines of code...

$ldap = ldap_connect("ldap.example.com")
if($bind = ldap_bind($ldap, $_POST['username'], $_POST['password'])) {  
 // log them in!
} else {  
// error message
}  
0
 
LVL 11

Accepted Solution

by:
Amar Bardoliwala earned 200 total points
ID: 36537191
0
 
LVL 7

Assisted Solution

by:boon86
boon86 earned 150 total points
ID: 36537206
Hi,

check this: http://adldap.sourceforge.net/

adLDAP is a PHP class that provides LDAP authentication and integration with Active Directory.

Intelligent Active Directory integration with PHP was a holy grail for most intranet developers for a long time. This project is really to help others with getting over the same hurdles that we've experienced in getting the whole LDAP SSL Active Directory puzzle working natively on Linux.

Given the varied nature of organisations and sites, adLDAP may not be _your_ complete solution, but it should be a very sound starting point. LDAP isn't overly friendly on first glance, and it's a steep learning curve made alot worse when coupled with Microsoft's seemingly unending army of gotcha's.

The information you can retrieve from Active Directory is as useful as you make it. If you don't fill out all their account information there's not really going to be much to query.

Documentation goes here: http://adldap.sourceforge.net/wiki/doku.php?id=documentation
download goes here: http://adldap.sourceforge.net/download.php

hope it help and suite your need.

Good luck
0
 

Author Closing Comment

by:melvint91
ID: 36812670
I had to still do alot of research from the information provided
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
The viewer will learn how to count occurrences of each item in an array.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question