Open sidebar
<?php function getUserGroups($username, $password) { // Active Directory server $ldap_host = "HOST"; $ldapconfig['host'] = 'IP'; $ldapconfig['port'] = 389; // Active Directory DN, base path for our querying user $ldap_dn = "////"; // Connect to AD $ldap=ldap_connect($ldapconfig['host'], $ldapconfig['port']) or die("Could not connect to LDAP"); $bind =ldap_bind($ldap, $username .'@' .$ldap_host, $password) or die("Could not bind to LDAP"); // Search AD $results = ldap_search($ldap,$ldap_dn,"(samaccountname=$username)",array("memberof","primarygroupid")); $entries = ldap_get_entries($ldap, $results); // No information found, bad user if($entries['count'] == 0) return false; // Get groups and primary group token $output = $entries[0]['memberof']; $token = $entries[0]['primarygroupid'][0]; // Remove extraneous first entry array_shift($output); // We need to look up the primary group, get list of all groups $results2 = ldap_search($ldap,$ldap_dn,"(objectcategory=group)",array("distinguishedname","primarygrouptoken")); $entries2 = ldap_get_entries($ldap, $results2); // Remove extraneous first entry array_shift($entries2); // Loop through and find group with a matching primary group token foreach($entries2 as $e) { if($e['primarygrouptoken'][0] == $token) { // Primary group found, add it to output array $output[] = $e['distinguishedname'][0]; // Break loop break; } } return $output; } $groups = getUserGroups("testuser", "123Test123"); if (in_array("groupnamehere", $groups)) { echo "Access granted!"; } else { echo "Access denied!"; } ?>
Close sidebar
Back
Please note that all pasted data is publicly available.
Twitter
GitHub
Use setting
Back
Please note that all pasted data is publicly available.
Twitter
GitHub
Use setting