轻量级目录访问协议(LDAP)是一种用于通过IP网络访问和维护分布式目录信息服务的应用程序协议。
openldap:如何获取包含OU = idmap的所有条目?
这条线以SambaidMapentry返回所有条目 ldapsearch -q -h ldaps://ldap1.blu.priv -b dc = ldap1,dc = blu,dc = priv -d cn = mailAccountreader,ou = manager,dc = ldap1,dc = ldap1,dc = blu,dc = priv = priv priv -vvv -lll -lll -ll -ll -lll -wl -ll -ll -ll -ll -ll -wl -ll -ll -ll -ll -wl -wl -wl -wl -wl -ww -w passwork ...
JAVALDAP错误Javax.Naming.NamingException:[LDAP:错误代码1- 000004DC:LDAPERR:DSID -0C09075A
我有一个C#代码可以连接到LDAP服务器,并且可以很好地运行 工作C#代码在下面给出 user =“ myname@myorg.com”; 字符串pwd =“秘密”; 字符串uid =“ ...
如何使用ldapsearch列出所有sysaccounts? 我尝试一些事情(失败): ldapsearch -x -b“ dc =示例,dc = com” -h ldap://ipa.example.com -d \ “ uid = myuser,cn = sysaccounts,cn = etc,dc =
然后在usercontroller中登录函数: // Login User public function login() { // Check if the user is already logged in if ($this->Session->check('Auth.User.id')){ // Redirect to login page $this->redirect($this->Auth->loginRedirect); } else{ // If the user is not logged in session_set_cookie_params(0); // If the request is a POST request if ($this->request->is('post')) { //get credentials $this->username = $this->request->data['User']['username']; $this->password = $this->request->data['User']['password']; $this->domain = $this->request->data['User']['domain']; //debug($this->username); debug($this->domain) ; if ($this->Auth->login() ) { // Successful login //Check if specific user exists in LDAP: $this->loadModel('LdapUser'); $this->ds = $this->LdapUser->isConnected(); //print_r('Ldap status: '. $this->ds); //debug($this->ds) ; //echo $this->ds; $this->isLdapUser = $this->LdapUser->isLdapUser($this->username . //debug($this->isLdapUser); if ( $this->username =='tsc' || $this->ds ){ if ($this->isLdapUser || 'tsc' ) { // Get all the user information and store in Session $this->User->id = $this->Auth->user('id'); $this->User->contain(array('User', 'Role' => array('Ui', 'Action.name'))); $this->Session->write('User', $this->User->read()); $actions = array(); foreach ($this->Session->read('User.Role.Action') as $key => $value){ array_push($actions, $value['name']); } $this->Session->write('User.Role.Action', $actions); // Render different layout depending on user type if($this->Session->read('User.Role.Ui.name') == Configure::read('usertype.msp')){ $this->Session->write('SessionValues.ui', Configure::read('usertype.msp')); $this->Auth->loginRedirect = array('controller' => 'PortStats', 'action' => 'index'); } else if($this->Session->read('User.Role.Ui.name') == Configure::read('usertype.tsc')){ $this->Session->write('SessionValues.ui', Configure::read('usertype.tsc')); $this->Auth->loginRedirect = array('controller' => 'PortStats', 'action' => 'index'); } else if($this->Session->read('User.Role.Ui.name') == Configure::read('usertype.superAdminUserType')){ $this->Auth->loginRedirect = array('controller' => 'uis', 'action' => 'index'); } // Redirect to main login page $this->redirect($this->Auth->loginRedirect); } else { // Failed login session_destroy(); $this->Session->setFlash(__('Login failed: access not granted'), 'default', array(), 'fail'); } } else { // Failed login session_destroy(); $this->Session->setFlash(__('Login failed: LDAP out of reach'), 'default', array(), 'fail'); } } else { // Failed login $this->Session->setFlash(__('Invalid username or password, please try again'), 'default', array(), 'fail'); } } } } 我得到: Warning (2): ldap_bind() [http://php.net/function.ldap-bind]: Unable to bind to server: Invalid credentials [APP/Model/LdapUser.php, line 56] Warning (512): Model "User" is not associated with model "User" [CORE/Cake/Model /Behavior/ContainableBehavior.php, line 339] 我的猜测是,这可能是platofrms之间有案例敏感性的东西,但确实很困扰,在Ubuntu中不起作用。 [编辑]有我的用户模型: <?php App::uses('AuthComponent', 'Controller/Component'); class User extends AppModel { public $name = 'User'; var $actsAs = array('Containable'); // Define which database to use var $useDbConfig = 'myDb'; // Many-To-One relationship var $belongsTo = array('Role'); // validation of input data public $validate = array( 'username' => array( 'required' => array( 'rule' => 'notEmpty', 'message' => 'A username is required' ), 'isUnique' => array ( 'rule' => 'isUnique', 'message' => 'This username already exists' ) ), 'password' => array ( 'not_empty' => array ( 'rule' => 'notEmpty', 'message' => 'The field "Password" cannot be empty' ), 'between_chars' => array ( 'rule' => array ('between', 4, 10), 'message' => 'Password must be between 4 and 10 chars' ) ), 'passwordVerify' => array( 'not_empty' => array ( 'rule' => 'notEmpty', 'message' => 'The field "Confirm Password" cannot be empty' ), 'match_password' => array ( 'rule' => 'matchPasswords', 'message' => '"Confirm Password" must be the same as "Password"' ) ), 'name' => array( 'required' => array( 'rule' => array('notEmpty'), 'message' => 'A name is required' ) ), 'surname' => array( 'required' => array( 'rule' => array('notEmpty'), 'message' => 'A surname is required' ) ), 'role_id' => array( 'valid' => array( 'rule' => 'notEmpty', 'message' => 'Please enter a valid role', 'allowEmpty' => false ) ), 'oldPassword' => array ( 'match_password' => array ( 'rule' => 'matchOldPassword', 'message' => 'Invalid password' ), 'required' => array ( 'rule' => 'requiredOldPassword', 'message' => '"Current Password" is required if you wish to edit the password' ) ), 'newPassword' => array ( 'required' => array ( 'rule' => 'requiredNewPassword', 'message' => '"New Password" is required if you wish to edit the password' ), 'between_chars' => array ( 'rule' => 'lengthNewPassword', 'message' => 'Password must be between 4 and 10 chars' ) ), 'newPasswordVerify' => array ( 'required' => array ( 'rule' => 'requiredNewPasswordVerify', 'message' => '"Confirm Password" is required if you wish to edit the password' ), 'match_password' => array ( 'rule' => 'matchNewPasswordVerify', 'message' => '"Confirm Password" must be the same as "New Password"' ) ) ); // Verify that password and password verification match when creating a new user public function matchPasswords ($data) { if ($this->data['User']['password'] == $this->data['User']['passwordVerify']) { return true; } else { return false; } } public function matchOldPassword ($data) { if (!empty($this->data['User']['oldPassword'])){ // when an input is given for 'oldPassword'... if ($_SESSION['User']['User']['password'] == AuthComponent::password($this->data['User']['oldPassword'])) { // when password is correct (equal to 'password') return true; } else { // when password is invalid (not equal to 'password') return false; } } return false; // default value when 'oldPassword' is empty } // Verify that a value for 'oldPassword' (current password) is given when 'newPassword' or 'newPasswordVerify' are also given during the procedure of editing the password public function requiredOldPassword ($data) { if (!empty($this->data['User']['newPassword']) || !empty($this->data['User'] ['newPasswordVerify'])){ // when an input is given for 'newPassword' or 'newPasswordVerify'... if (!empty($this->data['User']['oldPassword'])){ // when an input is given for oldPassword... return true; } else { // when no input is given for oldPassword... return false; } } return false; // default value when 'newPassword' and 'newPasswordVerify' are left empty } // Verify that a value for 'newPassword' (current password) is given when public function requiredNewPassword ($data) { if (!empty($this->data['User']['oldPassword']) || !empty($this->data['User']['newPasswordVerify'])){ // when an input is given for 'oldPassword' or 'newPasswordVerify'... if (!empty($this->data['User']['newPassword'])){ return true; } else { // when no input is given for newPassword... return false; } } return false; } // Verify that 'newPassword' has an appropriate length public function lengthNewPassword ($data) { if (!empty($this->data['User']['newPassword'])) { )>=4 && . strlen($this->data['User']['newPassword'])<=10){ // when length is valid.. return true; } else { // when length is invalid... return false; } } return false; // default value when 'newPassword' is left empty } public function matchNewPasswordVerify ($data) { if ($this->data['User']['newPassword'] == $this->data['User'] ['newPasswordVerify']) { return true; } else { return false; } } public function requiredNewPasswordVerify ($data) { if (!empty($this->data['User']['oldPassword']) || !empty($this->data['User']['newPassword'])){ // when an input is given for 'oldPassword' or 'newPassword'... if (!empty($this->data['User']['newPasswordVerify'])){ // when an return true; } else { // when no input is given for newPasswordVerify... return false; } } return false; // default value when 'oldPassword' and 'newPassword' are left empty } // Password stored with SHA1 (cakePHP default) or MD5 hashing algorithm public function beforeSave($options = array()) { if (isset($this->data[$this->alias]['password'])) { $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']); //$this->data['User']['password'] = md5($this->data['User'] ['password']); // MD5 hashing algorithm } return true; } var $hasMany = array( 'MspDashboard' => array( 'className' => 'MspDashboard', 'foreignKey' => 'user_id', 'dependent' => false, 'conditions' => '', 'fields' => '', 'order' => '', 'limit' => '', 'offset' => '', 'exclusive' => '', 'finderQuery' => '', 'counterQuery' => '' ) ); } [编辑]: 我倾向于相信警告对我的问题不负责: 它发生在两个平台中,但不应该中断站点的汇集。 当Windows中的调试级别= 2时,我会看到: 但是,在Ubuntu中,我得到的只是这个屏幕: 512关联错误: $this->User->contain(array('User', 'Role' => array('Ui', 'Action.name'))); 改变: $this->User->contain(array('Role' => array('Ui', 'Action.name'))); 不包含模型本身。 LDAP错误似乎是这样的行: $this->exists = ldap_bind($this->ds, $user, $pass); 我将从这样的代码开始进行调试: var_dump($this->ds); var_dump($user); var_dump($pass); $this->exists = ldap_bind($this->ds, $user, $pass); 拷贝 - 将这些数据放入某些LDAP工具中,并首先验证它们是正确的。 尝试此功能以获取更多错误信息: http://php.net/manual/en/function.ldap-error.php ,神秘解决: 警告与此无关: 代码线是错误的: if ($this->isLdapUser || 'tsc' ) { ....... 用户TSC在本地DB中是管理员,并且在LDAP中不存在,因此肯定会从LDAP_BIND中获得时间,看起来Ubuntu平台会在浏览器超时上崩溃我的应用程序。相反,我的本地机器将在时间外等待并继续登录。 我刚刚修改了我的代码,所以管理用户'tsc' 将直接登录而无需从LDAP auth登录。
以前曾问过这个问题,但答案已经过时了,我想知道现代方法是什么。 我有一些C#代码可以搜索具有员工ID的员工的Active Directory ...
https://grafana.com/docs/grafana/latest/latest/developers/http_api/http_api/dashboard/dashboard/#gets-the-home-dashboard
使用Java代码,我试图在AD LDAP中误解用户,但是我无法将用户accountControl状态设置为512,尽管我试图通过我的代码将状态传递为512,但是创建了用户
I使用KeyCloak API获取所有用户(分批)。 KeyCloak在处理此请求时为每个用户提出LDAP请求。 在获得所有KeyCloak用户时,是否可以排除LDAP搜索? 它...
superset丢失密码,并在ldap Integration添加用户时丢失密码
I已启用了超级集合的LDAP,现在我在添加用户时看不到密码并确认密码。 如果我删除LDAP,则一切正常。 超级版本:4.0.2 先感谢您。 这是...
的keycloak用户 我通过用户联合会在OpenLDAP和KEYCLOAK之间进行同步,一切正常(从LDAP,身份验证等导入)。 我需要有可能从LD禁用KeyCloak用户...
我设法与Fedora 389合作。 我创建了一个“启用”属性作为字符串,并在联邦配置中创建了相应的映射器,为“用户 - attribute-dap-mapper”。 现在,当我更改KeyCloak中的“启用”开关时,更改将传播到ldap