1

I am brand new to working with LDAP and have been doing dome research about working with PHP and LDAP. It also is a little overwhelming to understand, although what I want to do isn't very complicated so I think with some guidance I can make it happen. What I want to know how to do is to just find the current computer's unique username or key which was logged in via LDAP. Each user has their own computer which is logged in. If I can just echo the value of the current logged in computer's username, I can figure everything else I need to no problem. Could someone provide me with some guidance with creating a simple connection to extract the username. I would think this would be session value.

Thanks for any help!!

Professor Abronsius
  • 33,063
  • 5
  • 32
  • 46
Brady Edgar
  • 486
  • 7
  • 27

1 Answers1

0

Not sure that php alone can access the current computer data. A company may use its directory as centralized location for all access credentials. With php you can:

<?php
function authorizeUserWithLdap($user,$pass){

    $ldaphost = "ldap.yourldaphost.com";
    $ldapport = 389; //default ldap port

    //establish connection to ldap
    $connect = ldap_connect($ldaphost,$ldapport);

    if(!$connect){

        return "Error connecting to LDAP";

    }else{

        //if successfully connected try to bind with the $user, $pass credentials
        if(ldap_bind($connection,$user,$pass){

            //If able to bind with user, start session and return message
            session_start();
            $_SESSION['user'] = $user;
            $_SESSION['status'] = 'logged in';

            return "Successfully Authorized"

        }else{

            return "wrong user or pass" ;

        }
    }
}
echo authorizeUserWithLdap("User","Pass");
?>

This is the basics. Now a user on the Active Directory can login to your application using their same user and pass they login to their computer with. There are a few more lines that go into enforcing the version of LDAP and a secured connection. Also after successfully binding you may want to grab some of the users data with ldap_search() and store it in the $_SESSION variable such as the users real name, account permissions etc.

DOfficial
  • 485
  • 6
  • 20