- 預先安裝好PHP
- 先安裝必需的套件(SSSD等包含可以連結到Windows AD的套件)
yum install sssd sssd-client krb5-workstation samba openldap-clients policycoreutils-python
- 編輯ldap config,設定單向SSL(AD如果是只有單向時,不要求Client的Certficate)
vi /etc/openldap/ldap.conf
TLS_REQCERT never
PHP LDAP Sample:
$ldaprdn = '輸入你的DN';
$ldappass = '輸入密碼';
$dsAdmin = ldap_connect( 'Server IP');
ldap_set_option( $dsAdmin, LDAP_OPT_PROTOCOL_VERSION, 3 );
ldap_set_option( $dsAdmin, LDAP_OPT_REFERRALS, 0 );
$dsUser = ldap_connect( 'Server IP');
ldap_set_option( $dsUser, LDAP_OPT_PROTOCOL_VERSION, 3 );
ldap_set_option( $dsUser, LDAP_OPT_REFERRALS, 0 );
/* login as admin & find out user entry */
if( ! ldap_bind( $dsAdmin, $ldaprdn, $ldappass ) )
{
// echo "LDAP-Errno: " . ldap_errno($dsAdmin) . "<br />\n";
// echo "admin pwd err\n";exit;
return false;//admin pwd err
}
//可搜尋全部列表
$r = ldap_search( $dsAdmin, '輸入BDN', '(name=*)' );
文章標籤
全站熱搜
留言列表
