<bdo id='calvi'></bdo><ul id='calvi'></ul>
  • <small id='calvi'></small><noframes id='calvi'>

      <tfoot id='calvi'></tfoot>

    1. <i id='calvi'><tr id='calvi'><dt id='calvi'><q id='calvi'><span id='calvi'><b id='calvi'><form id='calvi'><ins id='calvi'></ins><ul id='calvi'></ul><sub id='calvi'></sub></form><legend id='calvi'></legend><bdo id='calvi'><pre id='calvi'><center id='calvi'></center></pre></bdo></b><th id='calvi'></th></span></q></dt></tr></i><div id='calvi'><tfoot id='calvi'></tfoot><dl id='calvi'><fieldset id='calvi'></fieldset></dl></div>
      1. <legend id='calvi'><style id='calvi'><dir id='calvi'><q id='calvi'></q></dir></style></legend>
      2. 使用 PHP 更新 AD 密码问题

        时间:2024-08-23

          <tbody id='iGJNn'></tbody>
          1. <i id='iGJNn'><tr id='iGJNn'><dt id='iGJNn'><q id='iGJNn'><span id='iGJNn'><b id='iGJNn'><form id='iGJNn'><ins id='iGJNn'></ins><ul id='iGJNn'></ul><sub id='iGJNn'></sub></form><legend id='iGJNn'></legend><bdo id='iGJNn'><pre id='iGJNn'><center id='iGJNn'></center></pre></bdo></b><th id='iGJNn'></th></span></q></dt></tr></i><div id='iGJNn'><tfoot id='iGJNn'></tfoot><dl id='iGJNn'><fieldset id='iGJNn'></fieldset></dl></div>
            <tfoot id='iGJNn'></tfoot>

                <bdo id='iGJNn'></bdo><ul id='iGJNn'></ul>
              • <legend id='iGJNn'><style id='iGJNn'><dir id='iGJNn'><q id='iGJNn'></q></dir></style></legend>

                  <small id='iGJNn'></small><noframes id='iGJNn'>

                • 本文介绍了使用 PHP 更新 AD 密码问题的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  您好,我编写了以下脚本来更新特定用户的密码

                  但是当我运行它时,我得到了以下错误,

                  [root@web chpasswd]# php ad_change.phpPHP 警告:模块 'intl' 已加载到第 0 行的未知中1 个条目返回大批([unicodePwd] =>密码!1234")错误:请稍后再试!服务器不愿意执行53[root@web chpasswd]#

                  我在这里做错了什么?我一直在玩加密,但这也无济于事.我有 Windows Server 2012 R2 Active Directory.

                  非常感谢

                  解决方案

                  结果证明这不是我的代码的问题.我必须在我的服务器上设置证书颁发机构.这就是我所做的,

                  确保您的 PHP 安装同时启用了 ldap 和 openssl 扩展.

                  Windows/Linux 程序

                  验证 ldap.conf 文件设置.

                  对于 Windows,请验证 C:openldapsysconfldap.conf 文件是否存在.

                  对于 Linux,验证/etc/openldap/ldap.conf 文件是否存在.如果没有,请创建它.

                  对于 Linux 和 Windows,ldap.conf 文件应包含以下行:** -

                  TLS_REQCERT 从不

                  如果你想让 php 向颁发证书的证书颁发机构验证 ldap 服务器的 ssl 证书,你需要把根证书放在这里:导出受信任的根证书.(有关详细信息,请参阅如何通过 SSL 测试 LDAP 中的步骤 1).

                  使用此命令将 DER 转换为 PEM:

                  openssl x509 -in RootCert.der -inform DER -out RootCert.pem -outform PEM

                  在 Windows 上,您可以从以下两个站点下载 openssl 二进制文件:

                  http://gnuwin32.sourceforge.net/packages.html

                  http://www.ShininglightPro.com/

                  现在将 rootcert.pem 复制到 certs 文件夹:

                  对于 Linux,/etc/openldap/cert/rootcert.pem

                  对于 Windows,C:openldapsysconfcerts ootcert.pem

                  对于 Linux 和 Windows,ldap.conf 文件应包含以下行:

                  (Linux) TLS_CACERT/etc/openldap/cert/rootcert.pem

                  (Windows) TLS_CACERT c:OpenLDAPsysconfcerts ootcert.pem

                  您可以在 https://github.com/achintha85/AD_User_Password_Change_PHP 上找到我的最新代码p>

                  希望这对将来的人有所帮助.

                  Hi I have written following script to update a password for a specific user

                  <?php
                  
                  function create_ldap_connection() {
                  
                          $ip = "192.168.168.1";
                          $ldaps_url = "192.168.168.1";
                  
                          $port = 389;
                          $ldap_conn = ldap_connect($ldaps_url, $port) or die("Sorry! Could not connect to LDAP server ($ip)");
                  
                          $password = "password";
                          $binddn = "CN=Administrator,CN=Users,DC=ad,DC=test,DC=com";
                          $result = ldap_bind( $ldap_conn, $binddn, $password ) or die("  Error: Couldn't bind to server using provided credentials!");
                  
                          if($result) {
                  
                                  return $ldap_conn;
                          }
                          else {
                                  die (" Error: Couldn't bind to server with supplied credentials!");
                          }
                  }
                  
                  function get_user_dn($ldap_conn, $user_name) {
                  
                          /* Write the below details as per your AD setting */
                          $basedn = "OU=ITS Users,DC=ad,DC=test,DC=com";
                  
                          /* Search the user details in AD server */
                          $searchResults = ldap_search($ldap_conn, $basedn, $user_name);
                  
                          if(!is_resource($searchResults)) die('Error in search results.');
                          /* Get the first entry from the searched result */
                          $entry = ldap_first_entry($ldap_conn, $searchResults);
                  
                          $info = ldap_get_entries($ldap_conn, $searchResults);
                          echo $info["count"]." entries returned
                  ";
                  
                          return ldap_get_dn($ldap_conn, $entry);
                  }
                  
                  function pwd_encryption($newPassword) {
                  
                          $newPassword = """ . $newPassword . """;
                          $len = strlen($newPassword);
                          $newPassw = "";
                  
                          for ($i = 0; $i < $len; $i++) {
                  
                                  $newPassw .= "{$newPassword {$i}}00";
                          }
                  
                          $userdata["unicodePwd"] = $newPassw;
                          return $userdata;
                  }
                  
                  $user_name = "(|(sn=archieg*)(SamAccountName=archieg*))";
                  
                  $user_password = "password!1234";
                  $ldap_conn = create_ldap_connection();
                  $userDn = get_user_dn($ldap_conn, $user_name);
                  $userdata = pwd_encryption ($user_password);
                  
                  print_r($userdata);
                  
                  //$result = ldap_mod_replace($ldap_conn, $userDn , $userdata);  /* Check whether the password updated successfully or not. */
                  $result = ldap_modify($ldap_conn, $userDn , $userdata);
                  
                  if($result) {
                  
                          echo "Success attempting to modify password in AD";
                  }
                  else {
                  
                          echo "Error: Please try again later!
                  ";
                          $e = ldap_error($ldap_conn);
                          $e_no = ldap_errno($ldap_conn);
                          echo $e . "
                  ";
                          echo $e_no . "
                  ";
                  }
                  
                  ?>
                  

                  However when I run this I get the following error,

                  [root@web chpasswd]# php ad_change.php 
                  PHP Warning:  Module 'intl' already loaded in Unknown on line 0
                  1 entries returned
                  Array
                  (
                      [unicodePwd] => "password!1234"
                  )
                  Error: Please try again later!
                  Server is unwilling to perform
                  53
                  [root@web chpasswd]# 
                  

                  What am I doing wrong here? I've been playing around with the encryption but that didn't help either. I have Windows Server 2012 R2 Active Directory.

                  Many Thanks

                  解决方案

                  It worked out that this wasn't a issue with my code. I had to setup certificate authority on my server. This is what I did,

                  Make sure your PHP install has both the ldap and openssl extensions enabled.

                  Windows/Linux Procedure

                  Verify the ldap.conf file settings.

                  For Windows, verify that the C:openldapsysconfldap.conf file exists.

                  For Linux, verify that the /etc/openldap/ldap.conf file exists. If it does not, create it.

                  For both Linux and Windows, the ldap.conf file should contain this line: ** -

                  TLS_REQCERT never

                  If you want php to verify the ldap server's ssl certificate with the Certificate Authority that issued the certificate, you need to put the root certificate here: Export the trusted root Certificate. (For details, see Step 1 in How to test LDAP over SSL).

                  Use this command to convert the DER to PEM:

                  openssl x509 -in RootCert.der -inform DER -out RootCert.pem -outform PEM

                  On Windows you can download openssl binaries from these two sites:

                  http://gnuwin32.sourceforge.net/packages.html

                  http://www.ShininglightPro.com/

                  Now copy the rootcert.pem to the certs folder:

                  For Linux, /etc/openldap/cert/rootcert.pem

                  For Windows, C:openldapsysconfcerts ootcert.pem

                  For both Linux and Windows, the ldap.conf file should contain this line:

                  (Linux) TLS_CACERT /etc/openldap/cert/rootcert.pem

                  (Windows) TLS_CACERT c:OpenLDAPsysconfcerts ootcert.pem

                  You can find my latest code on https://github.com/achintha85/AD_User_Password_Change_PHP

                  Hope this helps someone in the future.

                  这篇关于使用 PHP 更新 AD 密码问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                      <tbody id='0oon9'></tbody>

                    • <i id='0oon9'><tr id='0oon9'><dt id='0oon9'><q id='0oon9'><span id='0oon9'><b id='0oon9'><form id='0oon9'><ins id='0oon9'></ins><ul id='0oon9'></ul><sub id='0oon9'></sub></form><legend id='0oon9'></legend><bdo id='0oon9'><pre id='0oon9'><center id='0oon9'></center></pre></bdo></b><th id='0oon9'></th></span></q></dt></tr></i><div id='0oon9'><tfoot id='0oon9'></tfoot><dl id='0oon9'><fieldset id='0oon9'></fieldset></dl></div>
                      <tfoot id='0oon9'></tfoot>
                        <legend id='0oon9'><style id='0oon9'><dir id='0oon9'><q id='0oon9'></q></dir></style></legend>
                        • <bdo id='0oon9'></bdo><ul id='0oon9'></ul>
                        • <small id='0oon9'></small><noframes id='0oon9'>