yii-adldap

Yii Framework Extensions

Createnew extension

Popular Tags

yii-adldap Active directory support with authorization example

Requirements
Installation
Usage
Resources

Active directory support for Yii provided by adLDAP class.

Requirements ¶

Yii 1.1.14 or above (not tested on earlier versions)

Installation ¶

Copy adLDAP directory to extensions dir. Copy UserIdentity.php to components dir if you want support for AD authorization.

Usage ¶

In config file:

'components'=>array(
		'ldap'=>array(
			'class'=>'application.extensions.adLDAP.YiiLDAP',
			 // those are standard adLDAP options check http://adldap.sourceforge.net/ for documentation
			 'options'=> array(
		                    'ad_port'      => 389,
		                    'domain_controllers'    => array('ad_server'),
		                    'account_suffix' =>  '@domain_name',
		                    'base_dn' => NULL,
				    // for basic functionality this could be a standard, non privileged domain user (required)
		                    'admin_username' => 'jdoe',
		                    'admin_password' => 'password',
			),
		),

Example usage in every place of an application:

// gather info about domain computer
Yii::app()->ldap->computer()->info('computer_name', null);

If you would like to use UserIdentity class included in this package you could also get Active Directory information about authorized user:

// in template file
if(isset(Yii::app()->user->displayname) {
  echo Yii::app()->user->displayname; // or any other field from UserIdentity $_fields property
}

if(isset(Yii::app()->user->groups) {
  foreach(Yii::app()->user->groups as $group) {
    echo 'User belongs to: ' . $group ."\n";
  }
}

Resources ¶

Project page

2 0

10 followers

1 478 downloads

Yii Version: Unknown

License: GPL-2.0

Category: Networking

Tags: active, authorization, Directory, ldap

Developed by: Fedek6

Created on: Nov 7, 2013

Last updated: 10 years ago

Downloads

Yii-adLDAP.zip

show all

Related Extensions

User Contributed Notes 3

#17825

0 0

Way to authenticate via email

There's a way do authenticate user via the user email available in the Active Directory information?

Phelipe Folgierini at Jul 25, 2014, 9:34:09 PM

#17852

1 0

Re: Way to authenticate via email

I think it will be hard without messing with Active Directory settings. Check this link.

Fedek6 at Jul 31, 2014, 8:36:14 AM

#17856

0 0

Way to authenticate via email

To do this is necessary to use UPN auth method in the Active Directory. Since the adLDAP don't offer this support I have made a improvement in the adLDAP.php class.

In the "authenticate" method (near line 694) add the param $UPNLogin, as below:

public function authenticate($username, $password, $preventRebind = false, $UPNLogin = false) {

In the same method, near the line 713, change the code as below:

This:

$this->ldapBind = @ldap_bind($this->ldapConnection, $username . $this->accountSuffix, $password);

For this:

if($UPNLogin && strrpos($username, '@') != FALSE) {
    $this->ldapBind = @ldap_bind($this->ldapConnection, $username, $password);
} else {
    $this->ldapBind = @ldap_bind($this->ldapConnection, $username . $this->accountSuffix, $password);
}

So you need to call the authtentication method in this way:

Yii::app()->ldap->authenticate($this->username, $this->password, false, true);

And in the login form the user field can be both "username" or "username@domainname.com".

Phelipe Folgierini at Jul 31, 2014, 6:24:06 PM

Categories