[英]How to authenticate to Active Directory using iOS app
I am trying to create and iOS app that takes a users credentials and verifies it with the AD server. 我正在尝试创建一个iOS应用,该应用接受用户凭据并通过AD服务器对其进行验证。 Is there some built in library in xCode to do that, or is it third party? 在xCode中是否有内置库可以做到这一点,还是第三方?
Any advice on direction to look would be greatly appreciated. 任何关于看向的建议将不胜感激。
Thanks Zach 谢谢扎克
Ok, so this was the PHP i used to make the connection to the ldap server. 好的,这就是我用来连接ldap服务器的PHP。 i am not 100% sure what is happening here, i got this code from IT Coordinator at my company. 我不是100%知道这里发生了什么,我从公司的IT协调员那里得到了这段代码。 I understand all the binding and searching parts, but i dont get the the ldap_set_option part of this whole thing. 我了解所有的绑定和搜索部分,但是我没有得到整个事情的ldap_set_option部分。 Anyway after setting it up this way, you can then call the URL of the php script and pass it parameters. 无论如何,以这种方式设置它之后,您就可以调用php脚本的URL并传递它的参数。 take a look at the PHP, and the url example with be below. 看看PHP,以及下面的url示例。
<?php
//Connection parameters
$dn = "DC=network,DC=net";
$host = "ldap://ldap.network.com";
$port = 1111
$user = $_GET['user'];
$pass = $_GET['pass'];
//$user = "user@network.net";
//$pass = "pass";
$filter = "memberof";
$keyword = "CN=USSC_ALL,CN=Users,DC=network,DC=net";
$filter = "objectclass";
$keyword = "user";
$filter = "objectcategory";
$keyword = "CN=Person,CN=Schema,CN=Configuration,DC=network,DC=net";
//The real thing with PHP
if (!empty($keyword) and !empty($dn)) {
//Connect to the AD
$adConn = ldap_connect($host, $port) or die("Could not connect!");
//Set protocol verison
ldap_set_option($adConn, LDAP_OPT_PROTOCOL_VERSION, 3) or die ("Could not set ldap protocol1");
//Set referrals... Won't work without this...
ldap_set_option($adConn, LDAP_OPT_REFERRALS, 0) or die ("Could not set ldap protocol2");
//Bind the user
$bd = ldap_bind($adConn, $user, $pass) or die ("Could not bind");
echo $bd;
//End binding
ldap_unbind($adConn);
} else {
echo "<p>No results found!</p>";
}
?>
</body>
</html>
Ok so now all you have to do is pass a username and password to the script and it will return the bind. 好了,现在您要做的就是将用户名和密码传递给脚本,它将返回绑定。 that will give you either true or false. 那会给你真还是假。 meaning if it bound successfully it is a correct combination of username and password. 表示如果绑定成功,则是用户名和密码的正确组合。
this is how i am calling it: 这就是我所说的:
http://192.268.192.1/ldap.php?user=(username here)&pass=(password here)
This is the approach that i took, and i think it is a very simple answer. 这是我采用的方法,我认为这是一个非常简单的答案。
So what I have been able to find out is that i need to use PHP to do this. 因此,我能够发现的是,我需要使用PHP来做到这一点。 By creating a php file on the server, i can use built in ldap protocol to take a user name and password to the ldap server for verification. 通过在服务器上创建一个php文件,我可以使用内置的ldap协议将用户名和密码用于ldap服务器进行验证。 The query should then return true or false. 然后查询应返回true或false。 As soon as i get this working ill post my code 一旦我遇到这种病,请发布我的代码
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.