![](/img/trans.png)
[英]How to know the objectGUID of a user that successfully authenticated with LDAP bind
[英]can bind successfully to the ldap server, but needs to know how to find user w/i AD
我創建一個登錄表單以綁定到ldap服務器,如果成功,它將創建一個會話(用戶的用戶名存儲在其中),然后轉到另一個具有session_start()的頁面; 而且效果很好。
我現在想做的是添加代碼以測試該用戶是否是特定組的成員。
所以從理論上講,這就是我要做的
if(username session is valid) {
search ldap for user -> get list of groups user is member of
foreach(group they are member of) {
switch(group) {
case STAFF:
print 'they are member of staff group';
$access = true;
break;
default:
print 'not a member of STAFF group';
$access = false;
break;
}
if(group == STAFF) {
break;
}
}
if($access == TRUE) {
// you have access to the content on this page
} else {
// you do not have access to this page
}
}
我如何不綁定ldap_search? 我不想在每個頁面上不斷詢問他們的密碼,並且我無法通過會話傳遞他們的密碼。
任何幫助表示贊賞。
最佳實踐是使用這樣的庫來完成必要的工作。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.