Christianvo posted a comment on discussion Help

Hi all -- so this is what I've done /etc/openldap/ldap.conf URI ldap://ldaserver.redacted,com:636 TLS_CACERTDIR /etc/pki/tls/certs TLS_CACERT /etc/pki/tls/certs/ca-bundle.crt TLS_REQCERT allow and when I try to add a user and use LDAP search to check the the username, I get the following error: Invalid credentials 80090308: LdapErr: DSID-0C090510, comment: AcceptSecurityContext error, data 52e, v4563 any ideas ? I can't tell if I'm making any progess or not :(

Christianvo posted a comment on discussion Help

I understand that phpipam application uses adldap. however, when trying to create LDAP authentication method, initial connection test seems ok, but creating user and trying to log into the application using the userid/password constantly errors with the following message. PHP Warning: Undefined array key "use_tls" in /var/www/html/phpipam/functions/classes/class.User.php on line 1035 Any ideas what to look for? I've tried to submit help request in the phpipam support forum, not sure how frequently...

cedriccione posted a comment on discussion Seamless Authentication

Konw it's a 10 years old pos, but i'm looking for this: "Single Sign-On instructions for my Centos 6.2 box and I now have seamless authentication and if I echo the $_SERVER variable, it returns my username so all is good there." in my ubuntu 20.04 apache php server could anybody help me? Thanks. Marco

cedriccione posted a comment on discussion Seamless Authentication

In our envinronment we are going to replace an old win server serving apache/php5 intranet pages with a new ubuntu server with php 7.4. In the old server, with mod_auth_sspi installed, i could get the connected windows user name using $_SERVER[REMOTE_USER], but i can't do it in the ubuntu server. Looking for an alternative im tryng with adLDAP. reading some posts around it looks like it is possible (https://sourceforge.net/p/adldap/discussion/500911/thread/ddc45e9f/#f288) But i canno't find the "Single...

Florian Wilhelm posted a comment on discussion Seamless Authentication

Don't touch the library. Look at the constructor of the class. It allows you to pass all those basic settings while creating a new opbject. $ADsettings1=array(); $ADsettings1["account_suffix"]="@domain1.com"; $ADsettings1["base_dn"]="OU=Users and Workstations,DC=domain1,DC=com"; $ADsettings1["domain_controllers"]=array("dc1","dc2"); $ADsettings1["admin_username"]="ldap_user1"; $ADsettings1["admin_password"]="Password1"; $ADsettings1["use_ssl"]=true; $ADsettings1["ad_port"]=636; try { $ad = new adLDAP($ADsettings1)...

Alexey posted a comment on discussion Seamless Authentication

in our local network now there are two domains (domain1.local , domain2.local) there is trusted between domain ... we use SSO but when partner configured platform it wrotes such parametrs in adLDAP.php (ver 4.0.4) protected $accountSuffix = "@domain1.local"; /** * The base dn for your domain * * If this is set to null then adLDAP will attempt to obtain this automatically from the rootDSE * * @var string */ protected $baseDn = "DC=domain1,DC=local"; /** * Port used to talk to the domain controllers....

Florian Wilhelm modified a comment on discussion Seamless Authentication

I never tried it with seamless but it should be quite simple. You can just try to authenticate against both and continue with the one where the authentication succeeded. A bit nicer solution would be to search for the user in both ADs before, and then authenticate against the AD where you did find the user. That one requires you of cause to have an user to query the AD (in case the anonymous login will not allow you to do this query which is nowerdays default) If you have the domain provided together...

Florian Wilhelm posted a comment on discussion Seamless Authentication

Depends on how you implement it. If you authenticate using a form where PHP verifies the credentials against LDAP it is very simple. You try the credentials you get against both and continue with the one where the authentication succeeded. A bit nicer solution would be to search for the user in both ADs before, and then authenticate against the AD where you did find the user. That one requers you of cause to have an user to query the AD (in case the anonymous login will not allow you to do this query...

Alexey posted a comment on discussion Seamless Authentication

Hello! I am sorry, but I am not a specialist in php and need help for - how I need configure for authentication users from two local domain ?

devnull posted a comment on discussion Open Discussion

I have a long running PHP script (daemon) and it connects to AD to retrieve userinformation like $ad->user()->info(...); This one gives FALSE if user is not found, instead of empty array. So i can't distinguish between an server-error (out DCs sometimes get restarted and are not accessible) and an not found entry. Is it the way it should be or can i check the connection somehow else? In case of connection lost i want to reconnect in my script. THX

<REDACTED> posted a comment on discussion Help

Hello, I installed the adLDAP Framework, which work great but I have an issue with an attribute of the AD. For the "objectsid" attribute, I have special caracters but I can not transform to normal : ["objectsid"]=> array(2) { ["count"]=> int(1) [0]=> string(28) "
�;$^iC Anyone know how to fix that ? NOTE : (My PHP file in also in UTF8 encodage). HOW I GET MY INFORMATIONS : $infos=$adldap->user()->infoCollection($_POST['name], array("*")); echo $infos->objectsid; Thank you ;)

Jasmines posted a comment on discussion Help

Hi all, I've been struggling with adldap to get it work with two online servers free for testing: The first is here: http://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/ Whatever I use as configuration params, I receive an "INVALID DN SYNTAX" error. The second is: http://www.zflexldapadministrator.com/index.php/blog/82-free-online-ldap Whatever I use as configuration params, I receive an "INVALID CREDENTIALS" error. Does anyone want to try and give feedback? Thanks a...

shalini posted a comment on discussion Open Discussion

We are on PHP LDAP version 3. We would like to create a group and assign a never password expiry policy to it. We have come up with below three options. Please suggest which is the most suitable one and also suggest how to implement it. Can we create a new group under exiting OU and assign password non expiry policy to it?If yes, then how? Can we create a sub group 'GroupX' under a existing group 'JazzGroup' and assign password non expiry policy to it?If yes, then how? Can we assign the non expiry...

Mike Shore posted a comment on discussion Help

I need to determine a user's last logon time. As this attribute is not synced like most attributes are, I need to querythe attribute on each DC in our domain and find the most recent value. Below is a section of the non-working code. I seem to be able to connect to each DC, but can not get a value for 'lastlogon'. Any ideas? Is there an easier way to do this? Thanks. $dcList = $ldap->query("OU=Domain Controllers,DC=TEST,DC=CA", "(samaccountname=*)", array("*")); foreach ($dcList as $thisDC) { $dcName...

ganzo modified a comment on discussion Help

resolve

anthony martial posted a comment on discussion Help

Hi, i'm a begginer in php and my tutor company ask me to make a web interface for...

Gavin Cronje modified a comment on discussion Help

Hi I am was wondering if someone could please try and help me with soem code and...

Gavin Cronje posted a comment on discussion Help

Hi I am was wondering if someone could please try and help me with soem code and...

R. Toby Richards posted a comment on discussion Help

We have version 2.1 of adLDAP. Then, years ago, our web developer quit, and we didn't...

Callum Vernon posted a comment on discussion Seamless Authentication

I guess he doesn't want to use Domain Account in the config file if he wants to use...

Callum Vernon posted a comment on discussion Seamless Authentication

So, I'm attempting to set up adLDAP with SSO. $SERVER['RemoteUser'] is being set...

chusoon posted a comment on discussion Help

Dear All: Not sure if any experience below. I got an AD acct, which I can use "AD...

kpable modified a comment on discussion Help

Hi Nalcon/Jesse, This is somewhat related to the question I asked as well Authenticate...

kpable posted a comment on discussion Help

Hi Nalcon/Jesse, This is somewhat related to the question I asked as well (https://sourceforge.net/p/adldap/discussion/358759/thread/f9ef120b/)...

kpable posted a comment on discussion Help

Hi Guys, Our AD server (which I don't hav control over) has been configured so average...

Jesse Gibson modified a comment on discussion Help

Also have the same sort of question. I'd like to query the AD after the login page....

Jesse Gibson posted a comment on discussion Help

Also have the same sort of question. I'd like to query the AD after the login page....

Keith Clark modified a comment on discussion Help

I have installed and configured adLDAP. I have a very small script that simply outputs...

Keith Clark modified a comment on discussion Help

I have installed and configured adLDAP. I have a very small script that simply outputs...

Keith Clark posted a comment on discussion Help

I have installed and configured adLDAP. I have a very small script that simply outputs...

ray posted a comment on discussion Help

Hi to all, i'm using the libry succesfully. Now i need to permit to login users into...

hoang tran posted a comment on discussion Help

hi, can you write out more function about user management such as copy user, reset...

Nalcon posted a comment on discussion Help

Hi people! I have to store password in session for change attributes in other page...

Eric Frihom posted a comment on discussion Help

I hope this could help you - (PHP LDAP get all group members): http://iswwwup.co...

Mark Tagliaferro posted a comment on discussion Open Discussion

The issue has been solved. I was connecting to SAMBA AD. When I connected directly...

Mark Tagliaferro posted a comment on discussion Open Discussion

I am using adLdap to authenticate a web gui via LDAP. I have noticed the following:...

wranger posted a comment on discussion Help

Hi, if you have more than 5000 memebers in one group you need to do a kind of "paging"...

francois martin modified a comment on discussion Open Discussion

you can create user without SSL like this $useSSL = false; $adldap = new adLDAP(array('base_dn'...

francois martin modified a comment on discussion Open Discussion

you can create user without SSL like this $useSSL = false; $adldap = new adLDAP(array('base_dn'...

francois martin posted a comment on discussion Open Discussion

you can create user without SSL like this $useSSL = false; $adldap = new adLDAP(array('base_dn'...

Keith posted a comment on discussion Server Administration

https://github.com/adldap/adLDAP/issues/43

Michael Rodriguez posted a comment on discussion Seamless Authentication

The ‘e’ option for preg_replace has been deprecated as of PHP 5.5.0. To fix the class,...

Michael Rodriguez modified a comment on discussion Server Administration

The ‘e’ option for preg_replace has been deprecated as of PHP 5.5.0. To fix the class,...

Michael Rodriguez posted a comment on discussion Server Administration

The ‘e’ option for preg_replace has been deprecated as of PHP 5.5.0. To fix the class,...

Andrew Martin posted a comment on discussion Seamless Authentication

See https://sourceforge.net/p/adldap/discussion/500911/thread/79f9b142/#26f4 for...

Andrew Martin posted a comment on discussion Seamless Authentication

I was able to resolve this problem and allow users to use basic authentication without...

Andrew Martin posted a comment on discussion Seamless Authentication

Hello, I have successfully configured apache2 + mod_auth_ntlm_winbind + winbind to...

phoniclynx posted a comment on discussion Seamless Authentication

This issue is because you have not set the username and password for the Domain Admin...

Jon Heaton posted a comment on discussion Help

You need to add it to if (isset($attributes["employee_id"])){ $mod["employeeID"][0]=$attributes["employee_id"];...

Sherwin Gaddis posted a comment on discussion Help

I am trying to figure out a way to search AD by the CN. $otherInfo = $adldap->user()->infoCollection("My...

Felix posted a comment on discussion Help

Hi, Thank you for your reply. I changed the paramters, but it still throws the same...

Felix modified a comment on discussion Help

-Double Post-

Felix modified a comment on discussion Help

-Double Post-

Felix posted a comment on discussion Help

Hi, Thank you for your reply. I changed the parameters, but it still throws the same...

Felix posted a comment on discussion Help

Hi, Thank you for your reply. I changed the paramters, but it still throws the same...

mark posted a comment on discussion Help

Hi, I think the problem is the infocollection function requires 2 parameters not...

Felix modified a comment on discussion Help

Hello everybody, I have a Problem with the infoCollection function. If I want to...

Felix posted a comment on discussion Help

Hello everybody, I have a Problem with the infoCollection function. If I want to...

Stefan Schäfer posted a comment on discussion Open Discussion

Hi, at first thanks for adLDAP, it saves a lot of time for us. Instead of doing this...

dmcconnell posted a comment on discussion Help

Hi, I have the authentication script below. It seems that when I use inGroup, it's...

Alvin modified a comment on discussion Open Discussion

Where do i find the Version Compatibility of the AD Server and its Domain/Forest...

Alvin posted a comment on discussion Open Discussion

Where do i find the Version Compatibility of the AD Server Versions, please? Not...

WaltZie posted a comment on discussion Open Discussion

Hi, why does not change the all attributes check from: if (($attributes["address_city"])){...

mark posted a comment on discussion Help

I am trying to modify the fields employeeID and employeeNumber. I have added the...

Stuart Ian Naylor posted a comment on discussion Open Discussion

Is it possible to splice this php class and use it as a connector for phpLDAPadmin...

PADL modified a comment on discussion Help

PADL posted a comment on discussion Help

Hello, I'm new to PHP and I just started a project. I'm using CodeIgniter with adLDAP...

Dave Linderman posted a comment on discussion Help

Hello all- Been using adLDAP for a while now and love it, but encountered a issue...

Robert Andresen posted a comment on discussion Help

I use this to set the value on existing users: $attributes = array( "expires"=>$unix2wintime...

nemase posted a comment on discussion Seamless Authentication

Hi, I'm trying to connect to an Active Directory Server (windows 2008 server) from...

Stefan posted a comment on discussion Open Discussion

I just tested this and it doesn't work for me.

Stefan modified a comment on discussion Help

Is it possible to display only the distribution groups and exclude the security groups...

Stefan modified a comment on discussion Help

Is it possible to display only the distribution groups and exclude the security groups...

Stefan modified a comment on discussion Help

Is it possible to display only the distribution groups and exclude the security groups...

Stefan posted a comment on discussion Help

Is it possible to display only the distribution groups and exclude the security groups...

David Lefkon posted a comment on discussion Help

I had a similar result as Josh, only a mail user was created. I added the following...

ztec posted a comment on discussion Open Discussion

Oki, I'll do ;-)

Richard posted a comment on discussion Open Discussion

You should also fork your own library rather than splitting the source into incompatible...

Richard posted a comment on discussion Open Discussion

Last commit to SVN was august 2012. I'm in the process of migrating the library to...

ztec posted a comment on discussion Open Discussion

Hello all, Do you think the project is dead ? I think so, last commit on trunk was...

Vittore Zen posted a comment on discussion Help

Now PHP support paged results: http://fr2.php.net/manual/en/function.ldap-contro...

Sebastián Treu modified a comment on discussion Help

I have modified some sources from adLDAP. I've created a simply paginated_search(),...

Sebastián Treu posted a comment on discussion Help

I have modified some sources from adLDAP. I've created a simply paginated_search(),...

John posted a comment on discussion Open Discussion

Does this library catch active directory bind errors? I couldn't seem to get them...