How to authenticate users in PHP using Active Directory without username and password

Question

How to authenticate users in PHP using Active Directory without username and password. When a domain user login, it can also logged in PHP application which is connected with Active Directory.

possible duplicate of [Authenticating in PHP using LDAP through Active Directory](http://stackoverflow.com/questions/171519/authenticating-in-php-using-ldap-through-active-directory) — almalki, Feb 11 '15 at 11:24
Thanks for reply, Dear my php application is already connected with ldap. user get first php login page. after the authentication from ldap; user can access application. now i want to remove login page. user just login with domain user and reach get homepage with entering username and password. my php application auto match username and password from windows domain username and password. please guide. — , Feb 11 '15 at 11:49

score 0 · Accepted Answer · answered Feb 11 '15 at 12:48

What you are looking for is seamless kerberos SSO authentication using active directory where a browser automatically sends some negotiation token that you need to verify. Usually, this is delegated to the web server. There are several Apache plugins to do so:

mod_auth_sspi for Apache on Windows: http://mod-auth-sspi.sourceforge.net/

mod_auth_kerb for Apache on Linux: http://modauthkerb.sourceforge.net

mod_ntlm for Apache on Linux: http://modntlm.sourceforge.net

mod_auth_ntlm_winbind for Apache http://adldap.sourceforge.net/wiki/doku.php?id=mod_auth_ntlm_winbind

Did it work for you? Would you help me? How did you make it work? — HagaHood, Feb 27 '18 at 14:11

score 0 · Answer 2 · answered Apr 13 '23 at 09:50

// Active Directory Integration || Codeigniter version '3.1.11' || PHP

<?php 
#if ( ! defined('BASEPATH')) exit('No direct script access allowed');

 require FCPATH . 'vendor/autoload.php';
 use LdapRecord\Connection;

class Activedir
{
   private $CI;   

   function __construct()
   {
     $this->CI =& get_instance();  
   }

   public function auth($emp_code="",$pass="")
   {
        $connection = new Connection([
            'hosts'    => ["deepbase.in"],
            'username' => trim($emp_code)."@deepbase.in",
            'password' => trim($pass),
        ]);

        try {
            $connection->connect();
            $query = $connection->query();
            
            $resp = array(
                'status' => false,
                'auth_status' => "Authentication Successful",
                'error_msg' => ""
            );
            
            return $resp;
          
        } catch (\LdapRecord\Auth\BindException $e) {
            $error = $e->getDetailedError();

            $resp = array(
                'status' => true,
                'auth_status' => "Authentication Failed",
                'error_msg' => $error->getErrorMessage()
            );

            return $resp;

            // echo "Error Code :".$error->getErrorCode()."<br/>";
            // echo "Error Message :".$error->getErrorMessage()."<br/>";
            // echo "Error Diagnostic Message :".$error->getDiagnosticMessage()."<br/>";
        }

        
   }
}

How to authenticate users in PHP using Active Directory without username and password

2 Answers2