PHP-LDAP和Windows验证 [英] PHP-LDAP & Windows Authentication
问题描述
TLDR: 您要执行哪些步骤来在Windows用户的大型内部Intranet上设置PHP的LDAP身份验证?请只需要一个清单.
我正在考虑一个项目,该项目将Intranet托管在具有500-1,000个Windows用户的网络上.我想使用PHP的LDAP函数,这样我就可以获取AD/Windows用户信息,而不必依靠人们输入它(我会进行故障保护以防止失败,并提供信息输入作为替代方法或错误处理程序),并且我了解该功能,但是想知道要在哪里设置LDAP的确切位置吗?它是否只是在同一网络/域控制器中托管的服务器上编译为PHP?我不需要细节或步骤,只需要在哪台机器(例如IIS等)上进行设置的一般流程即可.
I'm thinking my way around a project where an intranet will be hosted on a network with 500-1,000 Windows users. I'd like to use PHP's LDAP functions so that I can get AD/Windows user information without relying on people to enter it (I'd failsafe against failures and offer information entry as an alternative or error handler) and I understand the functionality, but am wondering ahead of time where exactly the LDAP has to be setup? Is it just compiled into PHP on the server that's hosted within the same network/domain controller? I don't need specifics or steps, just a generalized flow of what needs to be setup on which machine (like IIS, etc..).
这将是经过手工编译的Windows堆栈,其中包含最新的Apache,PHP,MySQL等(所有这些都在localhost上正常运行并可以正常运行).
This will be on a hand-compiled stack of Windows with the newest Apache, PHP, MySQL, etc. (all of which are actively up and functioning on localhost).
对不起,如果我不确定,我真的不知道该怎么说吗?
Sorry if I'm vague, I don't really know how else to word it?
谢谢!
推荐答案
使用--with-ldap -flag(以及可选的--with-ldap-sasl)编译PHP足以在PHP中使用ldap.通过该设置,您可以访问AD服务器以进行基于LDAP的登录,并访问组成员身份以及所需的任何内容.
compiling PHP with the --with-ldap-flag (and optionally --with-ldap-sasl) is sufficient to use ldap within PHP. With that set up you can access the AD-Server to do LDAP-based login and to access group-membership and whatever is needed.
您可能会在php.net/manual/ldap.installation.php中找到更多信息
You might find more information at php.net/manual/ldap.installation.php
因此,您拥有带PHP的Web服务器,数据库既可以位于Web服务器上,也可以位于其他计算机上,并且您拥有的AD肯定应该在单独的计算机上.
So you have the Webserver with PHP, the DB can be either on the webserver or on a different machine and you've got the AD which should definitely be on a separate machine.
这篇关于PHP-LDAP和Windows验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
