Welcome Guest, Not a member yet? Register   Sign In
New LDAP Library!
#11

[eluser]ray73864[/eluser]
username isn't sent to the server, which is what makes it difficult, but even if it was, in a multi-domain environment you would still have to work out which domain they are viewing the page from.
#12

[eluser]Milos Dakic[/eluser]
Hopefully someone has made something that recognises the user on the server. This would be a very cool thing to have in a very large business. But for now I think having AD and CodeIgniter in one is a good start.
#13

[eluser]Iverson[/eluser]
[quote author="ray73864" date="1226898446"]username isn't sent to the server, which is what makes it difficult, but even if it was, in a multi-domain environment you would still have to work out which domain they are viewing the page from.[/quote]

You can get a username. The problem is that I can't figure out how to get the $auth var without sending the headers (see code below). So far I can get definitely get the username from this code. I'm posting my code in hopes of getting more eyes on this. This is definitely needed in the PHP community so I'm trying to focus most of my spare time in solving this

:coolsmirk:
Code:
<?php
$headers = apache_request_headers();

if (!isset($headers['Authorization']))
{
    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: NTLM');
    exit;
}

$auth = $headers['Authorization'];

if (substr($auth,0,5) == 'NTLM ')
{
    $msg = base64_decode(substr($auth, 5));
    if (substr($msg, 0, 8) != "NTLMSSP\x00")
    {
        die('error header not recognised');
    }
    if ($msg[8] == "\x01")
    {
        $msg2 = "NTLMSSP\x00\x02"."\x00\x00\x00\x00". // target name len/alloc
        "\x00\x00\x00\x00". // target name offset
        "\x01\x02\x81\x01". // flags
        "\x00\x00\x00\x00\x00\x00\x00\x00". // challenge
        "\x00\x00\x00\x00\x00\x00\x00\x00". // context
        "\x00\x00\x00\x00\x30\x00\x00\x00"; // target info len/alloc/offset

        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: NTLM '.trim(base64_encode($msg2)));
        exit;
    }
    else if ($msg[8] == "\x03")
    {
        function get_msg_str($msg, $start, $unicode = true)
        {
            $len = (ord($msg[$start+1]) * 256) + ord($msg[$start]);
            $off = (ord($msg[$start+5]) * 256) + ord($msg[$start+4]);
            if ($unicode)
            {
                return str_replace("\0", '', substr($msg, $off, $len));
            }
            else
            {
                return substr($msg, $off, $len);
            }
            $user = get_msg_str($msg, 36);
            $domain = get_msg_str($msg, 28);
            $workstation = get_msg_str($msg, 44);

            $array['user'] = $user;
            $array['domain'] = $domain;
            $array['workstation'] = $workstation;
        }
    }
}
?>
#14

[eluser]Unknown[/eluser]
I merely copied the Ldap.php file into the libraries folder, but I after a page reload I recieved the following message.
Quote:Severity: Notice
Message: Undefined index:
Filename: libraries/Ldap.php
Line Number: 1001

Line 1001 is the return of the following function.
Code:
function random_controller()
{
    //select a random domain controller
    mt_srand(doubleval(microtime()) * 100000000); // for older php versions
    return ($this->_domain_controllers[array_rand($this->_domain_controllers)]);
}

Did I miss something?
#15

[eluser]jbawarren[/eluser]
[quote author="traveler" date="1228160724"]I merely copied the Ldap.php file into the libraries folder, but I after a page reload I recieved the following message.
Quote:Severity: Notice
Message: Undefined index:
Filename: libraries/Ldap.php
Line Number: 1001
[/quote]

I get the same error.
#16

[eluser]Iverson[/eluser]
The example I provided in the user guide shows that you have to specify domain controllers. I would expect you to get an error if you didn't tell the lib what domain controllers to use.

Code:
// The constant "LDAP_SERVER1" has been defined in config/constants.php
// define ('LDAP_SERVER1', 'www.example.com');
// define ('LDAP_SERVER2', 'ww2.example.com');

$this->ldap->_domain_controllers = array(LDAP_SERVER1, LDAP_SERVER2);
if($this->ldap->authenticate($username,$password))
{
     echo '<pre>' .print_r($this->ldap->user_info($username), TRUE) . '</pre>';
}
#17

[eluser]Iverson[/eluser]
On another note, I think using CI and enjoying it's "plug & play" mentality, too many times we don't read through documentation and just expect stuff to work. I just saw a post that asked if there was a CI function to use to get the number of items in an array. C'mon guys. Let's not let CI spoil us to the point where we forget to declare variables and forget functions that come built in with PHP.
#18

[eluser]sidog[/eluser]
I get the same error:

Code:
A PHP Error was encountered

Severity: Notice

Message: Undefined index:

Filename: libraries/Ldap.php

Line Number: 1001

Fatal error: Call to undefined function ldap_connect() in /var/www/html/ci/application/libraries/Ldap.php on line 130

Here is what I have in the constants.php:
define ('LDAP_SERVER1', 'our-ad.ad.ppeservices.com');


I'm running CI 1.7. Has this been an issue?

Also, the note below in the example could be worded better:

// The constant "LDAP_SERVER1" has been defined in config/constants.php
it has? Who did it for me? You mean, "must be defined" and not "has been defined".
#19

[eluser]Iverson[/eluser]
[quote author="sidog" date="1231897523"]I get the same error:

Here is what I have in the constants.php:
define ('LDAP_SERVER1', 'our-ad.ad.ppeservices.com');

I'm running CI 1.7. Has this been an issue?

Also, the note below in the example could be worded better:

// The constant "LDAP_SERVER1" has been defined in config/constants.php
it has? Who did it for me? You mean, "must be defined" and not "has been defined".[/quote]

I'm also running CI 1.7. There is a certain level of competency expect when members post code. At least there is for me. If some doesn't understand certain PHP concepts, then that's where they need to start instead of trying to jump headfirst into CI. I would ASSUME that you the programmer would know that when I said that the Ldap server has been defined that I didn't magically predict what ldap server you were going to use this helper with and define it in YOUR constants.php file (that I don't have access to). If we're being technical, saying "must be defined" would also be incorrect because that constant doesn't HAVE to be defined in constants.php. It can be defined where you want to successfully define it.

I've never seen a domain in that format so I have no idea why you're getting that error. As far as the last error, have you actually installed the php5-ldap module? Use phpinfo() to find out. Guess I should have mentioned that too. Don't know what OS (or should I say Operating System) you're running, but in the Windows environment, that error can be caused by old DLLs after all other settings are tuned the right way.

http://www.incredium.com/php-ldap-connect-error
#20

[eluser]sidog[/eluser]
Hey Iverson,

Glad you didn't take my suggestion for a more grammatically correct example comment too hard. There are probably people that would have feelings of hurt and anger if someone pointed out that their English language skills may not be as strong as their PHP language skills.

At any rate, I will use your suggestions and links and try to work out a fix. Thank you


P.S. Sorry, I'm just very frustrated with this ldap stuff. I'm very grateful that you took the time to release and support such a badly needed library.




Theme © iAndrew 2016 - Forum software by © MyBB