什么是LDAP_PHP
LDAP
LDAP是什么LDAP是一个用来发布目录信息到许多不同资源的协议。通常它都作为一个集中的地址本使用,不过根据组织者的需要,它可以做得更加强大。
LDAP最基本的形式是一个连接数据库的标准方式。该数据库为读查询作了优化。因此它可以很快地得到查询结果,不过在其它方面,例如更新,就慢得多。要特别注意的是,LDAP通常作为一个hierarchal数据库使用,而不是一个关系数据库。因此,它的结构用树来表示比用表格好。正因为这样,就不能用SQL语句了。
简单说来,LDAP是一个得到关于人或者资源的集中、静态数据的快速方式。
LDAP是轻量目录访问协议(Lightweight Directory Access Protocol)的缩写,其实是一话号码簿,类似于我们所使用诸如NIS(Network Information Service)、DNS (Domain Name Service)等网络目录,也类似于你在花园中所看到的树木。
LDAP是一种特殊的数据库。但是LDAP和一般的数据库不同,明白这一点是很重要的。 LDAP对查询进行了优化,与写性能相比LDAP的读性能要优秀很多。
1.1 LDAP的存储规则
区分名(DN,Distinguished Name)
和自然界中的树不同,文件系统/LDAP/电话号码簿目录的每一片枝叶都至少有一个独一无二的属性,这一属性可以帮助我们来区别这些枝叶。
在文件系统中, 这些独一无二的属性就是带有完整路径的文件名。比如/etc/passwd,该文件名在该路径下是独一无二的。当然我们可以有/usr/passwd, /opt/passwd,但是根据它们的完整路径,它们仍然是唯一的。
在LDAP中,一个条目的区分名称叫做“dn”或者叫做区分名。在一个目录中这个名称总是唯一的。比如,我的dn是"uid=aghaffar, ou=People, o=developer.ch"。不可能有相同的dn,但是我们可以有诸如"uid=aghaffar, ou=Administrators, o=developer.ch"的dn。这同上面文件系统中/etc/passwd 和 /usr/passwd的例子很类似。
我们有独一无二的属性,在"ou=Administrators, o=developer.ch" 中uid和在"ou=People, o=developer.ch"中的uid。这并不矛盾。
CN=Common Name 为用户名或服务器名,最长可以到80个字符,可以为中文;
OU=Organization Unit为组织单元,最多可以有四级,每级最长32个字符,可以为中文;
O=Organization 为组织名,可以3—64个字符长
C=Country为国家名,可选,为2个字符长
LDAP目录以一系列“属性对”的形式来存储记录项,每一个记录项包括属性类型和属性值(这与关系型数据库用行和列来存取数据有根本的不同)。
mail = testmail@mccc.net
othermailbox = testmailother@mccc.com
givenname = givenname
sn = test sn
属性可添加,以下一个属性必须赋值:
objectclass=person (值为:person 或 server 或 organization 或 其他自定义的值)
2 Php如何操作LDAP
2.1 Php如何与LDAP连接和关闭
$ds=ldap_connect("ServerName")
ServerName是LDAP的服务器名,
例:
$ds=ldap_connect(“10.31.172.30:1000”)
返回值是:true 或 false
关闭连接
ldap_close($ds);
2.2 在php中如何搜索用户信息
$ds=ldap_connect("10.31.172.30:1000");
//首先连接上服务器
$justthese = array("cn","userpassword",”location”);
//搜索函数中的一个参数,要求返回哪些信息,
//以上传回cn,userpassword,location,这些都要求小写
$sr=ldap_search($ds,"o=jite", "cn=dom*",$justthese);
//第一个参数开启LDAP的代号
//第二个参数最基本的 dn 条件值 , 例:”o=jite,c=cn”
//第三个参数 filter 为布林条件,它的语法可以在 Netscape 站上找一份 dirsdkpg.pdf 档案.
// ’o’为组织名,’cn’ 为用户名,用户名可用通配符 ’*’
echo "domadmin姓氏有".ldap_count_entries($ds,$sr)." 个
";
//ldap_count_entries($ds,$sr)传回记录总数
$info = ldap_get_entries($ds, $sr);
//LDAP的全部传回资料
echo "资料传回 ".$info["count"]."笔:
";
for ($i=0; $iecho "dn为:". $info[$i]["dn"] ."
";
echo "cn为:". $info[$i]["cn"][0] ."
"; //显示用户名
echo "email为:". $info[$i]["mail"][0] ."
"; //显示mail
echo "email为:". $info[$i][“userpassword"][0] ."
"; //显示加密后的密码
}
2.3 添加用户
$ds=ldap_connect("10.31.172.30:1000");
//首先连接上服务器
$r=ldap_bind($ds,"cn=domadmin,o=jite","password");
//系住一个管理员,有写的权限
// cn=domadmin,o=jite顺序不能变
$info["cn"]="aaa"; //必填
$info["userpassword"]="aaa";
$info["location"]="shanghai";
$info["objectclass"] = "person"; //必填person为个人,还有server…
ldap_add($ds, "cn=".$info["cn"].",o=jite", $info);
ldap_unbind($ds);
//取消绑定
ldap_close($ds);
//关闭连接
2.4 删除用户
$ds=ldap_connect("10.31.172.30:1000");
//首先连接上服务器
ldap_bind($ds,"cn=domadmin,o=jite","password");
//绑定管理员,有删除的权限
$dn="cn=dingxf,o=jite";
ldap_delete($ds, $dn);
//删除用户
ldap_unbind($ds);
//取消绑定
ldap_close($ds);
//关闭连接
2.5 修改用户资料
$ds=ldap_connect("10.31.172.30:1000");
//首先连接上服务器
ldap_bind($ds,"cn=domadmin,o=jite","password");
//绑定管理员,有修改的权限
$dn="cn=dingxf,o=jite";
//用户dn
$info["userpassword"]="aaa"; //要修改的信息,放在数组变量中
$info["location"]="shanghaisdaf";
ldap_modify($ds, $dn , $info);
//修改函数
ldap_unbind($ds);
//取消绑定
ldap_close($ds);
//关闭连接
2.6 用户登录验证
$ds=ldap_connect("10.31.172.30:1000");
//首先连接上服务器
if (ldap_bind($ds,"cn=dingxf,o=jite","dingxf")){
echo "验证通过";
}else{
echo "验证不通过";
}
ldap_unbind($ds);
//取消绑定
ldap_close($ds);
//关闭连接
注:此方法比较简单,实用,它也有不足之处,如果不通过,ldap_bind()提示它自带的提示语:”Warning: LDAP: Unable to bind to server: Inappropriate authentication in /home/htdocs/jldl.net/ldap/test.php3 on line 16”
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1376
52
How to use Xiaohongshu account to find users? Can I find my mobile phone number?
Mar 22, 2024 am 08:40 AM
With the rapid development of social media, Xiaohongshu has become one of the most popular social platforms. Users can create a Xiaohongshu account to show their personal identity and communicate and interact with other users. If you need to find a user’s Xiaohongshu number, you can follow these simple steps. 1. How to use Xiaohongshu account to find users? 1. Open the Xiaohongshu APP, click the "Discover" button in the lower right corner, and then select the "Notes" option. 2. In the note list, find the note posted by the user you want to find. Click to enter the note details page. 3. On the note details page, click the "Follow" button below the user's avatar to enter the user's personal homepage. 4. In the upper right corner of the user's personal homepage, click the three-dot button and select "Personal Information"
Log in to Ubuntu as superuser
Mar 20, 2024 am 10:55 AM
In Ubuntu systems, the root user is usually disabled. To activate the root user, you can use the passwd command to set a password and then use the su- command to log in as root. The root user is a user with unrestricted system administrative rights. He has permissions to access and modify files, user management, software installation and removal, and system configuration changes. There are obvious differences between the root user and ordinary users. The root user has the highest authority and broader control rights in the system. The root user can execute important system commands and edit system files, which ordinary users cannot do. In this guide, I'll explore the Ubuntu root user, how to log in as root, and how it differs from a normal user. Notice
How to connect keep body fat scale
Mar 07, 2024 pm 04:50 PM
How to connect the keep body fat scale? Keep has a specially designed body fat scale, but most users do not know how to connect the keep body fat scale. Next is the graphic tutorial on the connection method of the keep body fat scale that the editor brings to users. , interested users come and take a look! How to connect the keep body fat scale 1. First open the keep software, go to the main page, click [My] in the lower right corner, and select [Smart Hardware]; 2. Then on the My Smart Devices page, click the [Add Device] button in the middle; 3 , then select the device you want to add interface, select [Smart Body Fat/Weight Scale]; 4. Then on the device model selection page, click the [keep body fat scale] option; 5. Finally, in the interface shown below, finally [Add Now] at the bottom
What is sudo and why is it important?
Feb 21, 2024 pm 07:01 PM
sudo (superuser execution) is a key command in Linux and Unix systems that allows ordinary users to run specific commands with root privileges. The function of sudo is mainly reflected in the following aspects: Providing permission control: sudo achieves strict control over system resources and sensitive operations by authorizing users to temporarily obtain superuser permissions. Ordinary users can only obtain temporary privileges through sudo when needed, and do not need to log in as superuser all the time. Improved security: By using sudo, you can avoid using the root account during routine operations. Using the root account for all operations may lead to unexpected system damage, as any mistaken or careless operation will have full permissions. and
How to solve limited network connection in Windows 10
Feb 19, 2024 pm 09:20 PM
Solutions to Restricted Network Connections in Win10 With the rapid development of technology, the Internet has become an indispensable part of people's lives. However, sometimes we may encounter some problems when connecting to the Internet on computers using the Windows 10 operating system, one of which is restricted connections. In this case, we cannot access web pages, download files, or use network functions normally. So, is there any way to solve this problem? This article will introduce you to several common solutions. 1. Check the network connection settings. First, I
What does printer error code 0x0000011b mean?
Feb 18, 2024 pm 10:02 PM
What does 0x0000011b mean when connecting to a printer? Users often encounter various error codes when using computers, laptops or other devices. Among them, 0x0000011b is a common printer connection error code. So, what does connecting printer 0x0000011b mean? First, we need to understand the basic principles of printer connection. When we need to print files from the computer, we usually need to connect the printer to the computer for data transfer between the two. This connection can be made via
Analysis of user password storage mechanism in Linux system
Mar 20, 2024 pm 04:27 PM
Analysis of user password storage mechanism in Linux system In Linux system, the storage of user password is one of the very important security mechanisms. This article will analyze the storage mechanism of user passwords in Linux systems, including the encrypted storage of passwords, the password verification process, and how to securely manage user passwords. At the same time, specific code examples will be used to demonstrate the actual operation process of password storage. 1. Encrypted storage of passwords In Linux systems, user passwords are not stored in the system in plain text, but are encrypted and stored. L
How to connect OnePlus watch to Bluetooth headset_How to connect OnePlus watch to Bluetooth headset
Mar 23, 2024 pm 01:16 PM
1. Place the earphones in the earphone box and keep the lid open. Press and hold the button on the box to enter the pairing state of the earphones. 2. Turn on the watch music function and select Bluetooth headphones, or select Bluetooth headphones in the watch settings function. 3. Select the headset on the watch to pair successfully.
