Databases
StackOverflow2013
Postsdbo
POGetting the user's Full Name from Active Directory using PHP
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POGetting the user's Full Name from Active Directory using PHP
    text
    copied!<p>I have a login page that uses PHP/LDAP for my users to access a company website. Below, I created a statement that stores the user's AD group membership in a variable, to be used later to redirect depending what membership the user has in AD> </p> <p>Now, I would now like to also add the ability to get the user's full name from Active Directory, and store this for later use. How can I modify my statement below to store the user's full name from Active Directory into another variable? Any ideas??</p> <pre><code>// verify user and password if($bind = @ldap_bind($ldap, $user . $ldap_usr_dom, $password)) { // valid // check presence in groups $filter = "(sAMAccountName=" . $user . ")"; $attr = array("memberof"); $result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server"); $entries = ldap_get_entries($ldap, $result); /* I would like to get and store the user's display name here somehow */ ldap_unbind($ldap); // check groups foreach($entries[0]['memberof'] as $grps) { // is manager, break loop if (strpos($grps, $ldap_manager_group)) { $access = 2; break; } // is user if (strpos($grps, $ldap_user_group)) $access = 1; } if ($access != 0) { // establish session variables $_SESSION['user'] = $user; $_SESSION['access'] = $access; return true; } else { // user has no rights return false; } } else { // invalid name or password return false; </code></pre> <p>Thanks in advance for any help/suggestions!</p> <p><strong>EDIT</strong></p> <p>Here is now my full PHP page with dummy domain stuff, but I'm getting a syntax error and I can the problem :( and help or idea? Thanks Alex for the initial help !</p> <pre><code> &lt;?php function authenticate($user, $password) { // Active Directory server $ldap_host = "my FQDC DC"; // Active Directory DN $ldap_dn = "DC=something,DC=something"; // Active Directory user group $ldap_user_group = "WebUsers"; // Active Directory manager group $ldap_manager_group = "WebManagers"; // Domain, for purposes of constructing $user $ldap_usr_dom = "@mycompany.com"; // connect to active directory $ldap = ldap_connect($ldap_host); // verify user and password if($bind = @ldap_bind($ldap, $user . $ldap_usr_dom, $password)) { // valid // check presence in groups $filter = "(sAMAccountName=" . $user . ")"; $attr = array("memberof","givenname"); $result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server"); $entries = ldap_get_entries($ldap, $result); $givenname = $entries[0]['givenname']; ldap_unbind($ldap); // check groups foreach($entries[0]['memberof'] as $grps) { // is manager, break loop if (strpos($grps, $ldap_manager_group)) { $access = 2; break; } // is user if (strpos($grps, $ldap_user_group)) $access = 1; } if ($access != 0) { // establish session variables $_SESSION['user'] = $user; $_SESSION['access'] = $access; $_SESSION['givenname'] = $givenname; return true; } else { // user has no rights return false; } } else { // invalid name or password return false; } ?&gt; </code></pre>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload