Authentication through Active Directory?

D

Dmitry2018-08-06 07:47:55

Active Directory

Dmitry, 2018-08-06 07:47:55

Hello. Such a question:
I use laravel 5.6 with the adLDAP package (at the moment I enter the login and password in the form, then when the button is pressed, it checks for the presence of an entry in the Active Directory and if such an entry exists, I log in) I
use Internet Explorer and when I display $ _SERVER I have filled the REMOTE_USER parameter, how can I do authentication without entering a password, just at the entrance to take REMOTE_USER and send it to AD ???

<?php
$domain = '###_##01.####.###-##.##';
$port = 389;
$ad = ldap_connect($domain, $port) or die('Could not connect to LDAP server.');
ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ad, LDAP_OPT_REFERRALS, 0);
if($ad){
      $user = "#########";
      $filter = "(sAMAccountName=$user)";
      $dn = 'dc=####,dc=###-##,dc=##';
      $attr = array('givenName', 'sn');
      $result = ldap_search($ad, $dn, $filter, $attr) or exit('Unable to search LDAP server');
}
?>

Error:
Warning: ldap_search(): Search: Can't contact LDAP server in C:\inetpub\wwwroot\####\##_######\public\ldap.php on line 17
Unable to search LDAP server
What is wrong?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Andrej Gessel, 2018-08-06
@andiges

I have not tried to connect to LDAP from PHP yet, but I think that ldap_bind is missing after ldap_connect:
php.net/manual/en/function.ldap-bind.php

V

vlad0816, 2018-08-07
@vlad0816

Authentication in general is not difficult to set up, but to forward the ldap request, delegation is required. Example for kerberos authentication + request to ldap:
va0816.blogspot.com/2014/11/ldap-kerberos-apache-p...