windows username in php

Discussion in 'PHP' started by red_fiesta, Feb 18, 2009.

0
  1. #1
    I have users who logon to a windows box. The authenication is done via LDAP.

    They need to access a website that sits on a linux box (which will sit in the same network).

    Is there any way of returing the logged in user.

    Basically, I want to be able to be able to get the username and then use that to look up a database table to return information

    Thanks
     
    red_fiesta, Feb 18, 2009 IP
  2. Barti1987

    Barti1987 Well-Known Member

    Messages:
    2,703
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    185
    #2
    You want the username on the Linux or Windows box (I assume they are different).

    For linux, use getenv LOGNAME and for windows you can use GetUserName function.

    Peace,
     
    Barti1987, Feb 18, 2009 IP
  3. red_fiesta

    red_fiesta Peon

    Messages:
    125
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    the windows user so that i can look up information on them.

    I meant the code and database (ie the site) will sit on a linux box..
     
    red_fiesta, Feb 18, 2009 IP
  4. Techmonkey

    Techmonkey Active Member

    Messages:
    107
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    53
    #4
    Hi Unfortunately as far I have been able to tell you cannot grab the windows username from PHP pages. However you can get them to login to your page with their LDAP username and password.

    Basically you first need to enable the LDAP plugin for PHP

    Find this line in your PHP.ini

    extension=php_ldap.dll and uncomment it. You may need to restart your IIS or Apache services.

    Ah ha I found the script: I have commented the parts you need to fill in.

    
<?php 
	session_start();
	if (!isset($_POST['ldapname'])) {
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="default.css">
<title></title>
</head>
<body onload="document.getElementById(\"text_area_id\").focus()">
		<div id="login">
			<form method="POST" action="<?php echo $_SERVER['PHP_SELF']; ?>" name="login" id="ldapname">
			<div id="login_top">
				<div id="login_box">
					<input type="text" name="ldapname" size="30"><br /><br />
					<input type="password" name="ldappass" size="30">
				</div>
			</div>
			<div id="login_bottom">
				<div id="login_btn">
					<input type="submit" value="Login" name="submit">&nbsp;&nbsp;<input type="submit" value="Cancel" name="submit">
				</div>
			</div>
		</div>
		</form>
		
<?php
	} else {
	$ldap_host = "";  // enter your domain here eg domain.com
	$base_dn = ""; // This is your main users folder within AD, followed by your domain eg: OU=users, DC=domain, DC=com
	$ldapname = "";  // Enter a username with access to the domain in the following format: username@domain.com
	$ldappass = ""; // Enter the users password
	$connect = ldap_connect( $ldap_host)
				or exit(">>Could not connect to LDAP server<<");

	//for win2003
	ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
		
	//for win2003
	ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
		
	$bind = @ldap_bind($connect, $ldapname, $ldappass);
			
	
	if (!$bind) {
			echo "<table align=\"center\"><tr><td>Invalid username/password.... try again </td></tr><tr><td align=\"center\"><FORM><INPUT TYPE='button' VALUE='Try Again' onClick='history.go(-1);return true;'> </FORM></tr></tr></table>";
			unset($ldappass);
	} else {	
		$_SESSION['ldapname'] = $_POST['ldapname'];
		
		$name = $_SESSION['ldapname'];
		
		$filter = "(&(!(userAccountControl:1.2.840.113556.1.4.803:=2))(samaccountname=$name))";
		
		$get_this=array("department", "co", "streetaddress", "st", "postalcode", "l", 
		"cn", "samaccountname", "physicaldeliveryofficename", "facsimiletelephonenumber",
		"mobile", "description", "mail", "givenname", "sn", "telephonenumber", "ipphone", "department", "mobile",
		"memberof" );
		
		$read = ldap_search($connect, $base_dn, $filter, $get_this)
	     or exit(">>Unable to search ldap server<<");
		 
		$info = ldap_get_entries($connect, $read);
		
		if (isset($info[0]["mail"][0])) {
			$_SESSION['email'] = $info[0]["mail"][0];
		}
		if (isset($info[0]["department"][0])) {
			$_SESSION['dept'] = $info[0]["department"][0];
		}
		if (isset($info[0]["co"][0])) {
			$_SESSION['country'] = $info[0]["co"][0];
		}
		if (isset($info[0]["streetaddress"][0])) {
			$_SESSION['street'] = $info[0]["streetaddress"][0];
		}
		if (isset($info[0]["st"][0])) {
			$_SESSION['st'] = $info[0]["st"][0];
		}
		if (isset($info[0]["postalcode"][0])) {
			$_SESSION['postcode'] = $info[0]["postalcode"][0];
		}
		if (isset($info[0]["l"][0])) {
			$_SESSION['l'] = $info[0]["l"][0];
		}
		if (isset($info[0]["samccountname"][0])) {
			$_SESSION['samaccountname'] = $info[0]["samaccountname"][0];
		}
		if (isset($info[0]["physicaldeliveryofficename"][0])) {
			$_SESSION['physicaldeliveryofficename'] = $info[0]["physicaldeliveryofficename"][0];
		}
		if (isset($info[0]["facsimiletelephonenumber"][0])) {
			$_SESSION['fax'] = $info[0]["facsimiletelephonenumber"][0];
		}
		if (isset($info[0]["mobile"][0])) {
			$_SESSION['mobile'] = $info[0]["mobile"][0];
		}
		if (isset($info[0]["description"][0])) {
			$_SESSION['description'] = $info[0]["description"][0];
		}
		if (isset($info[0]["givenname"][0])) {
			$_SESSION['firstname'] = $info[0]["givenname"][0];
		}
		if (isset($info[0]["sn"][0])) {
			$_SESSION['surname'] = $info[0]["sn"][0];
		}
		if (isset($info[0]["telephonenumber"][0])) {
			$_SESSION['telephone'] = $info[0]["telephonenumber"][0];
		}
		if (isset($info[0]["ipphone"][0])) {
			$_SESSION['ext'] = $info[0]["ipphone"][0];
		}
		if (isset($info[0]["mobile"][0])) {
			$_SESSION['mobile'] = $info[0]["mobile"][0];
		}
		if (isset($info[0]["memberof"][0])) {
			$_SESSION['memberof'] = $info[0]["memberof"][0];
		}
		
		$location = $_SESSION['location'];
		
		header("Location:$location");
		ldap_close($connect); 
	}
}
	?>
</html>
</body>
    Code (markup):
     
    Techmonkey, Feb 19, 2009 IP