Monday, December 21, 2009
Using PHP to edit LDAP
Before you can use the LDAP calls you will need to know:
- The name or address of the directory server you will use
- The "base dn" of the server (the part of the world directory that is held on this server, which could be "o=My Company, c=US")
- Whether you need a password to access the server (many servers will provide read access for an "anonymous bind" but require a password for anything else)
-----
The typical sequence of LDAP calls you will make in an application will follow this pattern:
---
ldap_connect() // establish connection to server
|
ldap_bind() // anonymous or authenticated "login"
|
do something like search or update the directory and display the results
|
ldap_close() // "logout"
---
Using the PHP LDAP ldap_connect
---
<?php
// LDAP variables
$ldaphost = "ldap.example.com"; // your LDAP server
$ldapport = 389; // your LDAP server's port number
// Connecting to LDAP
$ldapconn = ldap_connect($ldaphost, $ldapport)
    or die("Could not connect to $ldaphost");
?>
---
Using the PHP LDAP ldap_bind
---
<?php
// Using ldap bind
$ldaprdn = "username"; // LDAP RDN or DN
$ldappass = "password"; // associated password
// connect to LDAP server
$ldapconn = ldap_connect("ldap.example.com")
    or die("Could not connect to LDAP server.");
if ($ldapconn) {
    // binding to LDAP server
    $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
    // verify binding
    if ($ldapbind) {
        echo "LDAP bind successful ...";
    } else {
        echo "LDAP bind failed ...";
    }
}
?>
---
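A hardened version of the connect-and-bind sequence, as an added example that is not part of the original post: it refuses empty credentials (which a server may treat as an anonymous bind and report as successful), encrypts the session with StartTLS before the password is sent, and escapes the user name before building the DN. The function name ldap_login, the host, the base DN and the uid=...,ou=People entry layout are assumptions for illustration; it needs PHP 7 or later with the ldap extension.

```php
<?php
// Added example, not from the original post. Host, base DN and the
// uid=...,ou=People layout are assumed placeholder values.

/**
 * Bind as a user over an encrypted channel. Returns the bound connection,
 * or false if the credentials are rejected or the channel cannot be secured.
 */
function ldap_login(string $host, string $baseDn, string $user, string $pass)
{
    // A bind with an empty password may be handled as an anonymous bind
    // and reported as success, so refuse it before touching the network.
    if ($user === '' || $pass === '') {
        return false;
    }

    // With OpenLDAP, ldap_connect() only parses the URI; nothing is sent yet.
    $conn = ldap_connect("ldap://$host:389");
    if ($conn === false) {
        return false;
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3); // StartTLS needs v3
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, 5);

    // Encrypt before the password is sent; this is the first real network I/O.
    if (!@ldap_start_tls($conn)) {
        error_log('LDAP StartTLS failed: ' . ldap_error($conn));
        ldap_unbind($conn);
        return false;
    }

    // Escape the user-supplied name so it cannot alter the DN structure.
    $dn = 'uid=' . ldap_escape($user, '', LDAP_ESCAPE_DN) . ',ou=People,' . $baseDn;

    if (!@ldap_bind($conn, $dn, $pass)) {
        error_log('LDAP bind failed: ' . ldap_error($conn));
        ldap_unbind($conn);
        return false;
    }
    return $conn;
}

// Constructed demo: the empty password is rejected without any network I/O.
var_dump(ldap_login('ldap.example.com', 'dc=example,dc=com', 'becky', ''));
```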
Using The PHP LDAP ldap_modify
---
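<?php
// $ldapconn is a connection that has already been bound with ldap_bind()
$newinfo = array();
$newinfo["attributeName"] = "value"; // attribute to replace and its new value
ldap_modify($ldapconn, "dn name", $newinfo); // "dn name" is the DN of the entry to change
?>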
---
Problem records
---
Q1. "Fatal error: Call to undefined function ldap_connect() ..."
A1. Edit php.ini (located at C:/windows/php.ini) and remove the leading ";" from the line ";extension=php_ldap". Then copy the two files "libeay32.dll" and "ssleay32.dll" from the PHP folder to WINDOWS/SYSTEM or SYSTEM32. Remember to disable the firewall. Finally, restart the Apache service.
Q2. Error Message : "Warning: ldap_mod_add() [function.ldap-mod-add]: Modify: Object class violation in C:\AppServ\www\addattribute.php on line 32"
A2. This happens because the new objectClass you are adding includes some "MUST" attributes. When you add this new objectClass, you should add its "MUST" attributes together with it.
Q3.
A3.
---
Related Information
---
1. http://www.samba.org/samba/docs/man/Samba-Developers-Guide/pwencrypt.html
2. http://www.linuxtopia.org/online_books/network_administration_guides/samba_reference_guide/18_passdb_23.html
3. http://www.php.net/manual/en/function.ldap-bind.php
4. http://php.freehostingguru.com/function.php-ldap_add.php
---
Sunday, December 20, 2009
How to write C Program under Linux system
Compiler : Using "gcc"
Hands-on
1. vi hello.c
2. start writing :
---------
#include <stdio.h>

int main(void) {
    printf("Hello C World !\n");
    return 0;
}
---------
3. Start compile :
---
# gcc -o hello.out hello.c
---
4. Start running :
---
# ./hello.out
---
C Program's IDE under linux system : RHIDE
Sunday, December 13, 2009
LDAP-Samba
1. sambaSID=uidNumber*2+1000
LDAP Special Attributes for sambaSamAccounts
The sambaSamAccount ObjectClass is composed of the attributes shown in the next tables: Part A and Part B.
Table 10.4. Attributes in the sambaSamAccount ObjectClass (LDAP), Part B
sambaUserWorkstations | Here you can give a comma-separated list of machines on which the user is allowed to login. You may observe problems when you try to connect to a Samba domain member. Because domain members are not in this list, the domain controllers will reject them. Where this attribute is omitted, the default implies no restrictions. |
sambaSID | The security identifier (SID) of the user. The Windows equivalent of UNIX UIDs. |
sambaPrimaryGroupSID | The security identifier (SID) of the primary group of the user. |
sambaDomainName | Domain the user is part of. |
The majority of these parameters are only used when Samba is acting as a PDC of a domain (refer to Domain Control for details on how to configure Samba as a PDC). The following four attributes are only stored with the sambaSamAccount entry if the values are non-default values:
sambaHomePath
sambaLogonScript
sambaProfilePath
sambaHomeDrive
These attributes are only stored with the sambaSamAccount entry if the values are non-default values. For example, assume MORIA has now been configured as a PDC and that logon home = \\%L\%u was defined in its smb.conf file. When a user named “becky” logs on to the domain, the logon home string is expanded to \\MORIA\becky. If the smbHome attribute exists in the entry “uid=becky,ou=People,dc=samba,dc=org”, this value is used. However, if this attribute does not exist, then the value of the logon home parameter is used in its place. Samba will only write the attribute value to the directory entry if the value is something other than the default (e.g., \\MOBY\becky).
Wednesday, December 2, 2009
My Working Journal
The purpose of this journal is to clearly know what to do.