Post #48,352
8/6/02 9:47:34 AM
8/6/02 9:49:48 AM
|
Anyone know how to read W2K Domain info from PHP?
(This is cross-posted in [link|http://z.iwethey.org/forums/render/content/show?contentid=48353|Networking] and [link|http://z.iwethey.org/forums/render/content/show?contentid=48354|Windows] fora.)
We're trying to implement an auth system in PHP that uses the NT username as the key field throughout. I'm trying to poll the W2K server to get user info (full name, email address, etc).
How am I supposed to be able to do this? Note: We're not using Active Directory (yet) and the sysadmins say we're moving away from LDAP, which isn't running on this box anyway.
===
Microsoft offers them the one thing most business people will pay any price for - the ability to say "we had no choice - everyone's doing it that way." -- [link|http://z.iwethey.org/forums/render/content/show?contentid=38978|Andrew Grygus]
Edited by drewk
Aug. 6, 2002, 09:49:48 AM EDT
Anyone know how to read W2K Domain info from PHP?
(This is cross-posted in Networking and Windows fora.)
We're trying to implement an auth system in PHP that uses the NT username as the key field throughout. I'm trying to poll the W2K server to get user info (full name, email address, etc).
How am I supposed to be able to do this? Note: We're not using Active Directory (yet) and the sysadmins say we're moving away from LDAP, which isn't running on this box anyway.
===
Microsoft offers them the one thing most business people will pay any price for - the ability to say "we had no choice - everyone's doing it that way." -- Andrew Grygus
|
Post #48,376
8/6/02 11:31:25 AM
|
Re: Anyone know how to read W2K Domain info from PHP?
You're certainly NOT moving away from LDAP, if Active Directory is on the horizon.
LDAP is the native protocol used by AD servers and clients for their AD-related communication.
Other than that, I dunno. If you get wedge a bit of Perl or Python in there, you can probably get the info out that way.
Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Blog]
|
Post #48,385
8/6/02 12:07:27 PM
|
That's what I thought
I keep trying to tell our sysadmins that LDAP isn't a service but a protocol. They look at me like I'm speaking Greek. I thought I must be the one who didn't know what I was talking about.
Just to make sure I'm right about this: LDAP is a protocol that NT/W2K servers use to communicate domain information to each other. So if I have something that can speak LDAP (which PHP can) all I should need is the address/password of the server I want to talk to.
Is this as simple as I think it should be and our guys just aren't familiar with how to do it?
===
Microsoft offers them the one thing most business people will pay any price for - the ability to say "we had no choice - everyone's doing it that way." -- [link|http://z.iwethey.org/forums/render/content/show?contentid=38978|Andrew Grygus]
|
Post #48,390
8/6/02 12:32:33 PM
|
Sort of
It all depends on the authentication protocol.
You may find yourself having to speak Kerberos.
Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Blog]
|
Post #48,394
8/6/02 12:52:44 PM
|
So LDAP is in no danger of going away?
LDAP is the protocol behind Active Directory? And it is natively spoken by W2K, so if we have a W2K server it ca speak LDAP?
===
Microsoft offers them the one thing most business people will pay any price for - the ability to say "we had no choice - everyone's doing it that way." -- [link|http://z.iwethey.org/forums/render/content/show?contentid=38978|Andrew Grygus]
|
Post #48,401
8/6/02 1:33:51 PM
|
Well....
LDAP is used to communicate with (i.e. query against) the global catalog service. Trying to get AD to interact with other LDAP directories is doable, but not the same thing. So W2K servers "speak LDAP", but they don't necessarily want to have a conversation outside their friends in the lunchroom.
Finisterre said that while he wanted to resolve the dispute with HP, he resented receiving DMCA threats. "We are like the guys that found out that Firestone tires have issues on Ford explorers," he said. "It's not our fault your Explorer has crap tires. We just pointed it out. We should not get attacked for pointing out issues in someone\ufffds product nor for proving it is possible."
Many fears are born of stupidity and ignorance -
Which you should be feeding with rumour and generalisation.
BOfH, 2002 "Episode" 10
|
Post #48,429
8/6/02 3:39:29 PM
|
Crazy Mad AD Trick Of The Month
You can do your replication via SMTP.
No, I'm not joking.
Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Blog]
|
Post #48,454
8/6/02 5:11:17 PM
|
Maybe not joking, but I laughed when I saw that
..a little while ago, I was looking up some AD info on MS' website and it was ... weird. I mean, it's not as if the SMTP capability is some development backwater project with odd references you only find on comp.useless.hacks or something. It's all over their AD white papers.
I guess they're still trying to figure out exactly how Exchange can take over the enterprise without taking over the enterprise.
Finisterre said that while he wanted to resolve the dispute with HP, he resented receiving DMCA threats. "We are like the guys that found out that Firestone tires have issues on Ford explorers," he said. "It's not our fault your Explorer has crap tires. We just pointed it out. We should not get attacked for pointing out issues in someone\ufffds product nor for proving it is possible."
Many fears are born of stupidity and ignorance -
Which you should be feeding with rumour and generalisation.
BOfH, 2002 "Episode" 10
|
Post #48,455
8/6/02 5:11:17 PM
|
Maybe not joking, but I laughed when I saw that
..a little while ago, I was looking up some AD info on MS' website and it was ... weird. I mean, it's not as if the SMTP capability is some development backwater project with odd references you only find on comp.useless.hacks or something. It's all over their AD white papers.
I guess they're still trying to figure out exactly how Exchange can take over the enterprise without taking over the enterprise.
Finisterre said that while he wanted to resolve the dispute with HP, he resented receiving DMCA threats. "We are like the guys that found out that Firestone tires have issues on Ford explorers," he said. "It's not our fault your Explorer has crap tires. We just pointed it out. We should not get attacked for pointing out issues in someone\ufffds product nor for proving it is possible."
Many fears are born of stupidity and ignorance -
Which you should be feeding with rumour and generalisation.
BOfH, 2002 "Episode" 10
|
