If you use Active Directory (Active Directory) instead of creating an account in a database table, you can use an account from the original Windows network.
LDAP, a Lightweight Directory Access Protocol (PROTOCOL), is a protocol used to access directory servers (DS, directory server) such as Microsoft's Active Directory (Lightweight directory). PHP supports LDAP by default.
The following is a PHP program that uses LDAP for user authentication. In Microsoft's Active Directory, the user's unique identity is "sAMAccountName", and some DS are "UID". The method is:
1. Connect the LDAP Server with the DN of a privileged account (such as cn=user_name,ou=web,dc=ideawu,dc=com).
2. Query its DN according to the name of the logged-on user.
3. Connect LDAP Server with this DN. If the connection is logged on successfully.
Attention! Microsoft's Active Directory server can use empty account connection success (set up the problem?)!
$userid = $_post[' userid '];
$user _password = $_post[' password '];
if ($userid && $user _password) {
Config
$ldap _server = "ideawu.com";
$ldap _admin = "user_name";
$ldap _password = "xxx";
$base _CN = "ou=web,dc=ideawu,dc=com";
$conn = Ldap_connect ($ldap _server);
if (! $conn) {
Die ("<br>connection LDAP Server Error");
}
$bind = Ldap_bind ($conn, $ldap _admin, $ldap _password);
if (! $bind) {
Die ("<br>bind LDAP Server Error");
}
$filter = ' samaccountname= '. $userid;
$attributes = Array (' mail ');
$result = Ldap_search ($conn, $base _dn, $filter, $attributes);
$info = Ldap_get_entries ($conn, $result);
if (! $result) {
Die ("<br>search failed");
}
if ($info ["Count"]!= 0) {
$user _dn = $info [0]["dn]";
Unset ($bind 2);
$bind 2 = @ldap_bind ($conn, $user _dn, $user _password);
if ($bind 2) {
Login done. Set session
}
}
Ldap_close ($conn);
}
</
