我们创建了一个Intranet站点,该站点需要与用户的网络登录相同的密码,因此我们使用LDAP来检查用户名/密码。
这很好,但是如果他们错误地输入三次就会锁定他们的帐户,并且有一两个用户发现这令人困惑。
无论如何,我可以检查,使用LDAP / PHP,无论他们的帐户是否被锁定,所以我可以显示一条消息,提示他们联系IT?
谢谢
We've created an intranet site that requires the same password as the user's network login, so we use LDAP to check the username/password.
That's fine, but if they enter it incorrectly three times it locks their account out, and one or two users have found this confusing.
Is there anyway at all I could check, using LDAP/PHP whether or not their account is locked, so I can display a little message prompting them to contact IT?
Thanks
最满意答案
您需要使用PHP中的LDAP功能连接到LDAP并执行搜索/读取以查找和获取信息。 你可以在这里阅读: http : //us3.php.net/manual/en/book.ldap.php
查找阅读条目的示例代码:
if (!($ldap=ldap_connect($ldapip, $ldapport))) { die("Error:Unable to connect to the LDAP Server"); return; } if (!ldap_bind($ldap, $admindn, $adminpwd)) { die("Error:Unable to bind to '$dn'!"); return; } $sr=ldap_search($ldap, $userbasedn, $filter); $info = ldap_get_entries($ldap, $sr); if($info["count"] > 0) { $entry = ldap_first_entry($ldap, $sr); $return_array = ldap_get_attributes($ldap, $entry); if($return_array) { for ($i=0;$i<$return_array['count'];$i++) { print($return_array[$i]); print($return_array[$return_array[$i]][0]); } } }您可能想要检查AD中的字段lockoutTime,LDAP中的nsaccountlock并读取它们
You need to connect to the LDAP using the LDAP functions in PHP and perform search/read to locate and get the information. You can read about it here: http://us3.php.net/manual/en/book.ldap.php
Find a sample code for reading entries:
if (!($ldap=ldap_connect($ldapip, $ldapport))) { die("Error:Unable to connect to the LDAP Server"); return; } if (!ldap_bind($ldap, $admindn, $adminpwd)) { die("Error:Unable to bind to '$dn'!"); return; } $sr=ldap_search($ldap, $userbasedn, $filter); $info = ldap_get_entries($ldap, $sr); if($info["count"] > 0) { $entry = ldap_first_entry($ldap, $sr); $return_array = ldap_get_attributes($ldap, $entry); if($return_array) { for ($i=0;$i<$return_array['count'];$i++) { print($return_array[$i]); print($return_array[$return_array[$i]][0]); } } }You might want to check for the fields lockoutTime in AD, nsaccountlock in LDAP and read them
更多推荐
发布评论