Provides Active Directory authentication, with the capability of domain administrators to make changes to AD through a self-built web application. This does not involve hard-coding administrative credentials. All that's needed is a single read-only LDAP user.
My changes to the original library make this fairly alpha, particularly given what I'm doing to store an encrypted copy of the user's credentials, for convenient reuse.
- The library makes use of the PHP function
ldap_modify_batch()
, which is only available in 5.4 >= 5.4.26, PHP 5.5 >= 5.5.10, PHP 5.6 >= 5.6.0 and PHP 7. Ubuntu 14.04's max version (at the time of writing) is PHP 5.5.9 so Ubuntu 14 does not have this function by default. You could use Ondrej SurĂ˝'s PPA for PHP 5.5 to overcome this. - For obvious reasons, this requires the PHP LDAP module.
- Your domain's root certificate needs to be installed on the web server, for LDAPS to work. Alternatively, you can set TLS_REQCERT to "never" in your ldap.conf (not recommended).