【发布时间】:2019-10-10 14:35:39
【问题描述】:
目前我有这段代码:
<?php
function authenticate($user, $password) {
if(empty($user) || empty($password)) return false;
// active directory server
$ldap_host = "ldaps.test.nl";
$ldap_port = "389";
// active directory DN (base location of ldap search)
$ldap_dn = "OU=Users,OU=test users & Groups,DC=test,DC=nl";
// active directory user group name
$ldap_user_group = "Users";
// active directory manager group name
$ldap_manager_group = "IT_Inventory";
// domain, for purposes of constructing $user
$ldap_usr_dom = '@test.nl';
// connect to active directory
$ldap = ldap_connect($ldap_host);
// configure ldap params
ldap_set_option($ldap,LDAP_OPT_PROTOCOL_VERSION,3);
ldap_set_option($ldap,LDAP_OPT_REFERRALS,0);
// verify user and password
if($bind = @ldap_bind($ldap, $user.$ldap_usr_dom, $password)) {
// valid
// check presence in groups
$filter = "(sAMAccountName=".$user.")";
$attr = array("memberof");
$result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server");
$entries = ldap_get_entries($ldap, $result);
ldap_unbind($ldap);
// check groups
$access = 0;
foreach($entries[0]['memberof'] as $grps) {
// is manager, break loop
if(strpos($grps, $ldap_manager_group)) { $access = 2; break; }
// is user
if(strpos($grps, $ldap_user_group)) $access = 1;
}
if($access != 0) {
// establish session variables
$_SESSION['user'] = $user;
$_SESSION['access'] = $access;
return true;
} else {
// user has no rights
return false;
}
} else {
// invalid name or password
return false;
}
}
?>
我要做的是在 ldap 连接中指定端口。 我已经通过尝试这样做了:
$ldap = ldap_connect($ldap_host,$ldap_port);
我如何在 ldap 连接中指定端口,它在 ldaps.test.nl 上正常工作,但现在证书已经通过,我们需要另一个证书,这需要一点时间,所以我需要绕过 ldaps,只使用 ldap通过更改端口。
希望有人能帮助我吗?
【问题讨论】: