Do you have a question? Post it now! No Registration Necessary. Now with pictures!
March 24, 2008, 10:56 pm
rate this thread
I have some code here that seems to work well to authenticate to a
W2003 active directory server. The problem I'm having is that some of
our users have distinguished names like so:
1) CN=Nicki Lambert,CN=Users,DC=ad,DC=mydomain,DC=com
and others with distinguished names like so:
The problem I'm having is that users with a distinguished name as in
1) cannot bind using their sam account name.
For example Nicki Lambert's username is NickiL and her email is also
NickiL@mydomain.com. However if I use "NickiL" in the bind string
like so 'firstname.lastname@example.org', the bind fails.
If I use the bind string 'email@example.com' there are no problems.
One solution I guess is to go through the active directory and rename
those users that don't work <ugh>. Can I somehow bind using the sam
account name (username)?
Here is the code I'm using:
$ldaphost = "adserver";
$ds = ldap_connect("LDAPS://".$ldaphost)
or die("Could not connect to $ldaphost");
$username = "bobb";
$upasswd = "secret";
$binddn = $username."@ad.mydomain.com"
$ldapbind = ldap_bind($ds, $binddn, $upasswd);
print "Congratulations! $username is authenticated.\n";
print "Nice try, kid. Better luck next time!\n";
I'm not sure what group to post this in php or active directory.
Sorry if this is the wrong place.