ldap

Trouble with PHP LDAP code to check memberOf a certain group

I am having trouble with the following code which should check to see if $user is in AlumniDBusers or AlumniDBmanagers groups in AD The entries[0] array always returns blank Can anyone see what might be wrong? Thanks // Active Directory server define('LDAP_HOST','dc1.college.school.edu'); // Active Directory DN define('LDAP_DN','OU=...

Storing private "octet string" in Active Directory; what is secure by default?

I am essentially storing a private key (Hash) in any of the OctetString attributes within Active Directory. My question is, what attribute is secure by default and makes sense to keep private data there? This value should be considered similar to a password, where even administrators shouldn't have access (if possible), just like the c...

Regular expression to match an ldap connection string

Hi all, I need to extract information from an LDAP connection string like this one: ldap://uid=adminuser,dc=example,c=com:[email protected]/dc=basePath,dc=example,c=com I want to use a regular expression that will extract each token for me and place it in an array. I tried some regex expression and the best I got was this: /(\...

LDAP authentication against SunOne.

Hi All, I am authenticating user in following way but it says "unknown username or password" even though I provide correct username and password. I am authenticating against SunoneAuth server. Unfortunately as per rquirement I could not bind any user with the direcory except service username and pasword. I could not figure out whether...

Spring ldap multiple group bases in authoritiespopulator

Is there any way in Spring to set it up such that an authoritiespopulator will look in more than one location? <bean id="authoritiesPopulator" class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator"> <constructor-arg ref="contextSource" /> <constructor-arg value="CN=Users" /> <property name="group...

List of computers in Active Directory that are online

I'm using this snippet of code to output a list of all the computers on my network (the language is jscript.net, but it's just a small manipulation of C#). var parentEntry = new DirectoryEntry(); parentEntry.Path = "WinNT:"; for(var childEntry in parentEntry.Children) { if(childEntry.SchemaClassName == "Domain") { ...

list groups from user with ldap

I'm really new to LDAP and just got a connection between my php server and my ad server. I've succefully been able to authenticate users. Now I want to list all groups the users are in to see if he's an admin or not (or there might be another way?). I have this so far: $ldap = ldap_connect("192.168.1.108"); if ($ldap && $bind =...

UPDATED: Apache Chokes on PHP ldap_connect() Call

If I run the following PHP code on the command line I get the expected result: php -r 'var_dump(ldap_connect("ldaps://ldaps.example.com", 636));' resource(4) of type (ldap link) However if I put this in a PHP script <?php ldap_connect("ldaps://ldaps.example.com", 636); ?> Apache drops the connection, for example this is what cURL r...

Is it safe to pass "raw" search filters to ldap_search() function?

I'm writing a PHP application that manages some LDAP entries. I have one page that shows entries from a given branch and filtering on some objectClasses (only to certain authorized users, etc. etc.). I was wondering if it is safe to pass 'raw' url-defined filters to the ldap_search() function, or this could bring to security issues of a...

Restricting URLs using Active Directory in Weblogic 10.3 - where to start?

Hi, We are looking to use an Active Directory server to restrict access to certain URLs in our Spring application on a Weblogic server and I have no idea where to start. The problem should be quite simple as I understand it, we have a simple app which has a number of URLs: <root>/page1.do <root>/page2.do <root>/page3.do etc. And an ...

perform SQL Server operations with windows user id from an ASP.NET page

I have an ASP.NET application that authenticates users using Ldap against active directory. This is, the users enter their same windows credentials on the webform to login to this application. The application is basically a SQL Server database frontend, and in my limited experience, I use the standard connectionStrings label in the web.c...

DirContext search array with multiple parameters

I'm trying to search in a LDAP server all the users that have some profiles. So far I'm able to get all the users with a profile, but I'm unable to do the same with multiples roles. So the following code works [...] filterExpr = "(&(objectclass=person)(memberOf={0}))"; String rol = "myRol"; Object parameters[] ={rol}; context.search(dis...

LDAP JNDI Authentication fail??

Hi there, I'm attempting to build a JavaFX for browser use that will handle an authentication prompt against a LDAP Server. When launching JavaFX as a desktop application, I am able to authenticate against the LDAP server using JNDI. However, when I launch JavaFX on the browser, I will get the following error: javax.naming.Communicat...

LDAP path to be declared

I have ldap domain at pa-qa.pa.myserver.com. I am little confused how I can give LDAP path in the code. For an example I have other domain name as pa.myserver.com and I gave LDAP path as LDAP://pa.myserver.com/OU=members,DC=pa,DC=myserver,DC=com. How can I declare for the former one. I tried multiple ways but every time I was gettin...

Integrating LDAP with Glassfish and FTP

Hello, I'm currently faced with the task of integrating a glassfish environment and an FTP-Server with LDAP. This is work for an university, we need to be able to have a number of students(which all have Login-Data via LDAP, though access is only permitted via SSL) run their own applications on a glassfish server, upload them and then r...

Compile apache with various modules

At work we have several Solaris servers. Each server runs apache which we compiled a few years ago. It's been fine so far. Now we want to build one apache, using the latest version, and have it include LDAP authentication modules (for AD integration), NTML authentication and mod_perl. I can't find a guide for building apache like this ...

How to enable connection pooling over LDAP SSL?

Okay, so I'm moving my application over from non-SSL to SSL connections to my LDAP server. When running the application in non-SSL, connection pooling is working fine. However when I switch to SSL connection pools no longer work. While researching here I realized that I never set the "com.sun.jndi.ldap.connect.pool.protocol" property to...

What's the Rails way to mirror an LDAP directory as a SQL table?

So I'm creating a Rails app that will function as a directory for contact information in our organization. But it's not as simple as it sounds. We have a large LDAP-enabled directory which contains information for all of the users in our organization of tens of thousands. We have a smaller, separate LDAP-enabled directory which contain...

How to add radius to jboss ldap authentication?

This is a long shot but I thought it was worth a try. We have designed a java servlet running on jboss and authenticating using ldap (edit: via JAAS). Now the customer wants to change to radius authentication for some of the users who uses one-time generated passwords. but still only have the two login fields; username and password. Si...

Java or Groovy based LDAP server as alternative to ruby-ldapserver?

A few years ago, I wrote a small LDAP gateway that processes LDAP requests from mail clients (Apple Mail, Thunderbird, SquirrelMail, etc) by looking up the results from a relational database. It's mainly used for email address auto-completion, but can also be used by address book software (e.g. Apple AddressBook). The current soulution ...