I found this on the php site after some searching. I haven't been able to test it yet since the PHP guy works nights: http://us2.php.net/manual/en/ref.ldap.php If anyone else has tried this, or could the original author (Jon) comment please? Thanks! Chris jon dot caplinger at broadwing dot com 08-Nov-2002 10:44 Here is an example of searching active directory in w2k. Active directory requires a user account that has permissions to search the tree. /* The following values are used for the example: 1. Domain = microsoft.com 2. Server = unstable 3. User = bgates 4. Password = iloveopensource */ // Get name value to search for from submitted form. if (isset($HTTP_GET_VARS["name"])) { $name = $HTTP_GET_VARS["name"]; } $ldap_server = "ldap://unstable.microsoft.com";; $auth_user = "bgates@xxxxxxxxxxxxx"; $auth_pass = "iloveopensource"; // Set the base dn to search the entire microsoft.com directory. $base_dn = "DC=microsoft, DC=com"; /* filter the search for all people in the microsoft.com tree that have a name that matches any one of the following attributes name, displayname, or cn. */ $filter = "(&(objectClass=user)(objectCategory=person) (|(name=$name*)(displayname=$name*)(cn=$name*)))"; // connect to server if (!($connect=@ldap_connect($ldap))) { die("Could not connect to ldap server"); } // bind to server if (!($bind=@ldap_bind($connect, $auth_user, $auth_pass))) { die("Unable to bind to server"); } // search active directory if (!($search=@ldap_search($connect, $base_dn, $filter))) { die("Unable to search ldap server"); } $number_returned = ldap_count_entries($connect,$search); $info = ldap_get_entries($connect, $search); echo "The number of entries returned is ". $number_returned; for ($i=0; $i<$info["count"]; $i++) { echo "Name is: ". $info[$i]["name"]; echo "Display name is: ". $info[$i]["displayname"][0]; echo "Email is: ". $info[$i]["mail"][0]; echo "Telephone number is: ". $info[$i]["telephonenumber"][0]; } -----Original Message----- From: Michael Gallant [mailto:mgallant@xxxxxxxxx] Sent: Friday, November 12, 2004 3:10 PM To: php-general@xxxxxxxxxxxxx Subject: Re: PHP / LDAP with Windows logon I am interested if anyone has ever determined a way to do this or if it is technically impossible. To my knowledge, I don't know of any way to do that from a non-windows server. On Fri, 12 Nov 2004 08:40:03 -0500, christopher.wood@xxxxxxx <christopher.wood@xxxxxxx> wrote: > Hello, I have an issue with a PHP interface. We have many engineering users > who will be using a request ticket system developed in PHP here. We don't > know in advance who will be using the system and there may be new people in > all the time. Currently I have to create a login for each person who needs > to use the system, so I have to get a request for a login, create the login, > and fill in their contact information. Since we work with engineers on a > 12-15 hour time difference, it might take a whole day or more to get the > login id request filled before they can open a ticket. Plus there's the > whole inconvenience of having to login to another website. The site is > inside our secure intranet, so we don't really need a double layer of > security. > > Since we normally logon to a Windows network, what I would like to do is to > detect the user's windows login id when he accesses the PHP page, and > automatically reference his contact information from the windows LDAP > server, so the user can be authenticated by his current windows login > information, and not have to enter a separate login on the request page. Is > this possible, and what is an easy way to do this? > > Thanks! > > Chris > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
