ldap

Enumerate all users in LDAP with PHP

I'd like to create a php script that runs as a daily cron. What I'd like to do is enumerate through all users within an Active Directory, extract certain fields from each entry, and use this information to update fields within a MySQL database. Basically what I want to to do is sync up certain user information between Active Directory a...

Seamless SSO authenticating against Active Directory

I have a webpage that I only want a specific group to log into. I work at a college and we use Active Directory accounts and only a certain group can access this php page (on apache server). I know I can restrict access with some PHP code, but I want to accomplish seamless login. Everyone uses IE7 at work (which are configured to pass...

Does LDAP provide a token after binding, so I don't have to send credentials every time?

I have a web application (PHP, but doesn't matter). It uses LDAP for authentication (already working), and it allows users to search LDAP (already working). But when searching, I use a generic process account to bind() and then run the search(). What I would like is to use the LDAP account that logs in to be the same account that ...

IE 7 not showing my custom 401 page

I created a 401 page, which is html, and within an accessible directory. It displays in IE 6, Firefox, Safari, but not IE 7. Here is the .htaccess file for setting the authentication on the directory and location for the 401 page. KrbServiceName HTTP KrbMethodNegotiate On KrbMethodK5Passwd On #KrbVerifyKDC on KrbSaveCredentials off Kr...

For any entry in Active Directory does the DistinguishedName ever changes?

Let's say a group is created with one name. If the group is subsequently renamed, does its distinguishedName also change? I'm looking for a way to permanently track AD objects even if their display names or other properties change. If distinguishedName is not constant, is there something else that is? I've seen objectguid but that se...

Java LDAP Management - Using the netscape.ldap package, checking authentication and adding users

I am currently using the netscape.ldap package to handle LDAP Connection and Authentication. I don't know if this is the best framework for LDAP Management but it's what I've got anyways. Using this I really have to check if the user exists or not by doing so obisouly ugly and bad statements, such as followed: try{ conn.connec...

LDAP | Check If UserID is Existing on AD

Hi guys, I just want to Add a new method on an existing code below. Method is a simply check a given User_ID if it is exists on the AD. It's my 1st time dealing with AD. public class AD { // Fields private static string ADPassword = ConfigurationManager.AppSettings["ADPassword"].ToString(); private static string ADPath = ...

Finding what Groups/Distribution lists a specific user belongs to in active directory

Let's say I'm in OU=Groups,DC=contaco,DC=com,ct I can find all the groups in a sub OU, but the only way to find all of the groups user 'bobdole' belongs to is for me to look at each group and see if he is in the 'member' field. Unfortunately, when I look at user 'bobdole', I don't see a memberOf field that has all of these lists, he...

SSO from external web app to multiple LDAP (AD) providers

Hi, We are looking into a solution for this problem: We host a ASP.NET web app externally on a dedicated web server which is on its own domain. We have a client who use the web app exclusively, and want SSO using their windows credentials to automatically authenticate into the web application without having to log on. This client has u...

LDAP DirectorySearcher with MemberOf property

I want to find all the users that are a member of a group in a certain OU, so my filter would look something like this: (&(objectClass=user)(memberOf=*OU=something,OU=yep,DC=dev,DC=local)) Is there a way to run a directorysearcher on the memberof property with a wildcard? ...

Mocking an Active Directory for off site development

I received a client application, using SQL Server 2005, which contains many views with joins to their active directory. They do this to secure what people can see in the database. I need to be able to run these view from my remote development environment and I am looking for suggestion on how to do this. I cannot duplicate their AD ...

Is it possible to store database connection string information in Active Directory?

Let's say you have many applications in your environment all of which store their connection strings to SQL Server in a web config. Is it possible to have the application retrieve those connection strings from Active Directory? We're moving some database servers around and would like a way to have them read from a central location. Acti...

can not import inbuilt java class file (javax.naming.ldap.SortControl)

I have downloaded Openfire sources and started to run it on Eclipse. I got a error saying javax.naming.ldap.SortControl class is not there, as illustrated on the following image: . Since it is inbuilt Java class , what can i do to solve this problem. Full source has about 5 error messages, all of them are saying the same. ...

How can I work with Active Directory from Perl?

I am considering writing some Perl scripts that interact with Active Directory. Being somewhat new to Perl, I was wondering if there were any specific modules, tools, techniques, etc. that anyone would suggest I use. As of right now, I am only looking to pull user information to process with the script. ...

.htaccess - list URL's to be restricted by ActiveDirectory LDAP Groups

Currently I have a .htaccess file within the directory of the folder I want to restrict, with the appropriate group that has access to it. What I want to do is have one htaccess for the entire site, and restrict groups to specific URL's. So I want staff to have access to: /staff/.. and Students to have access to: /students/.. I wou...

Authenticate against ldap using PHP, active directory, while using IE/Firefox

This code below checks for the user's credentials against ldap <?php $ldaphost = "ldap.domain.com"; $ldapport = 389; $ds = ldap_connect($ldaphost, $ldapport) or die("Could not connect to $ldaphost"); if ($ds) { $username = "[email protected]"; $upasswd = "pass"; $ldapbind = ldap_bind($ds, $username, $upasswd); if (...

Managing LDAP groups and group membership in Novell eDirectory using .NET

I am new to LDAP development so please forgive my ignorance on the subject. I am on a project where I need to manage groups and group membership in Novell eDirectory using .NET. I have found several examples of creating groups in Active Directory but all of these examples use SamAccountName which is specific to active directory. Can any...

Forms Authentication, Change the currently authenticated ad user form code.

in ASP.Net, forms authentication, For Testing purposes, we need to enable our QA users who are currently logged into our app to be able to enter an AD ad username, and get logged in as that user. I thought that FormsAuthentication.SignOut(); FormsAuthentication.SetAuthCookie(userName, false); Would do the trick, but it does not. can ...

asp.net MVC with LDAP

We are in our intranet using LDAP and config files in our asp.net pages to specify access to the pages. I want to use asp.net mvc for all new pages, but I have not idea on how I can specify the access level with asp.net mvc. Lets say that I have two controllers foo and bar. How can I configure asp.net mvc to let an users that belongs to ...

Need to pass appropriate values to ldap_search

I want to search our Active Directory for the username: johndoe I am unsure of what o and c is in this. $sr=ldap_search($ds, "o=Staff, c=LDAP_DOMAIN_NAME", "uid=johndoe"); Is uid the appropriate parameter to search for a username within Active Directory? If not, what is the appropriate one. I want to search thru the staff group, I t...