headers
Tommy Pham | 1 Dec 2010 02:49
Picon

RE: LDAP, Active Directory, and permissions

> -----Original Message-----
> From: cknipe <at> savage.za.org [mailto:cknipe <at> savage.za.org] On Behalf Of
> Chris Knipe
> Sent: Tuesday, November 30, 2010 4:47 AM
> To: php-general <at> lists.php.net
> Subject: [PHP] LDAP, Active Directory, and permissions
> 
> Hi,
> 
> I've found various sources and are successfully manipulating Active
> Directory from PHP on our Domain Controller - frankly, things works much
> better than I expected :)
> 
> I have now reached the point where I need to set permissions on objects in
> Active Directory, i.e. to restrict read permissions to certain OUs and
objects
> within the directory (mainly related to Exchange stuff).
> 
> Is there anything in PHP which can be used to set permissions on AD
> objects?  I haven't found any reference to doing this anywhere, so I
thought
> I'd give it a chance here... If not, then I suppose I'll have to code some
..NET
> application to act as a gateway between the PHP interface and Active
> Directory, but naturally I would like to do as much as possible from
within
> PHP itself.
> 
> Many thanks,
>
(Continue reading)

Permalink | Reply | 2 comments |
headers
Mohammad Taghi Khalifeh | 1 Dec 2010 04:28
Picon

Re: PHP shows nothing

Daniel

On Wed, Dec 1, 2010 at 1:28 AM, Daniel P. Brown
<daniel.brown <at> parasane.net>wrote:

> On Tue, Nov 30, 2010 at 16:51, Mohammad Taghi Khalifeh
> <khalifeh.mt <at> gmail.com> wrote:
> > it seems that the problem is in pg_connect().
>
>     Do you have PostgreSQL support compiled into PHP?
>
>    Command line:
>        php -i | egrep -i 'postgres|pgsql'
>
>    Web:
>        <?php phpinfo(); /* Check in a browser for 'pgsql' or 'postgres' */
> ?>
>

In Command line output, there was --with-pgsql=shared and
--with-pdo-pgsql=shared,
but phpinfo() did not load any library related to pgsql. so I figured out
that some libraries are not installed.
Installing php-pgsql package from fedora repos, problem solved.
Thank you so much for your help: it works for me very well. :)

Other thing that I want to know is that,
somewhere<http://us2.php.net/manual/en/pdo.installation.php>I read
that loading pdo drivers
as shared libraries are not recommended. whats wrong with that? and how can
(Continue reading)

Permalink | Reply | 0 comments |
headers
Chris Knipe | 1 Dec 2010 07:52

RE: LDAP, Active Directory, and permissions

Hi,

> Chris,
> 
> 1) Shouldn't the OU security permissions be set within the AD itself?
> 2) If the above is done, then the user account that's being authenticated
> shouldn't be able to access privileged information.

1) Not sure.  The permissions I'm after is similar to that of NTFS
permissions on the file system.  Essentially, it is a way to restrict an
application to read certain OU's or Objects completely, making it invisible.
FYI... http://technet.microsoft.com/en-us/library/cc785913(WS.10).aspx

2) This is completely irrelevant to authentication.  See point 1 above.

> Just curious, are you using phpldapadmin?

A modified version of adLDAP, http://adldap.sourceforge.net/

Regards,
Chris.

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 1 comment |
headers
Tommy Pham | 1 Dec 2010 08:50
Picon

RE: LDAP, Active Directory, and permissions

> -----Original Message-----
> From: Chris Knipe [mailto:cknipe <at> savage.za.org] On Behalf Of Chris Knipe
> Sent: Tuesday, November 30, 2010 10:52 PM
> To: php-general <at> lists.php.net
> Subject: RE: [PHP] LDAP, Active Directory, and permissions
> 
> Hi,
> 
> > Chris,
> >
> > 1) Shouldn't the OU security permissions be set within the AD itself?
> > 2) If the above is done, then the user account that's being
> > authenticated shouldn't be able to access privileged information.
> 
> 1) Not sure.  The permissions I'm after is similar to that of NTFS
permissions
> on the file system.  Essentially, it is a way to restrict an application
to read
> certain OU's or Objects completely, making it invisible.
> FYI... http://technet.microsoft.com/en-us/library/cc785913(WS.10).aspx

I guess you didn't read far down enough to 'User Authentication':  'Active
Directory ... to access objects...'  (Note that every OU is the same any
network resource.)  That's exactly what I mentioned.  OU security settings
is similar to NTFS, user/group with the lesser privilege applies.

> 
> 2) This is completely irrelevant to authentication.  See point 1 above.

It's completely relevant, if you set the permissions on the OUs. (How do you
(Continue reading)

Permalink | Reply | 0 comments |
headers
Bob McConnell | 1 Dec 2010 14:23
Favicon

RE: LDAP, Active Directory, and permissions

From: Chris Knipe

> I've found various sources and are successfully manipulating Active
> Directory from PHP on our Domain Controller - frankly, things works
much
> better than I expected :)
> 
> I have now reached the point where I need to set permissions on
objects in
> Active Directory, i.e. to restrict read permissions to certain OUs and
> objects within the directory (mainly related to Exchange stuff).
> 
> Is there anything in PHP which can be used to set permissions on AD
> objects?  I haven't found any reference to doing this anywhere, so I
thought
> I'd give it a chance here... If not, then I suppose I'll have to code
some
> ..NET application to act as a gateway between the PHP interface and
Active
> Directory, but naturally I would like to do as much as possible from
within
> PHP itself.

I don't know about your IT group, but around here and at any of our
clients, they will never allow anyone outside their office modify access
rights, or add users. It takes a written request by a manager or above
to get them to make any changes, and each request must include the
reasons for the change.

No we cannot use the master LDAP server for testing. We have a couple of
(Continue reading)

Permalink | Reply | 1 comment |
headers
Bundhoo M Nadim | 1 Dec 2010 15:50

$_POST issues

Hello,

Can someone explain me what this piece of code basically does ?

<?php
     header("Expires: " . gmdate("D, d M Y H:i:s", time() + (0*60)) . 
"GMT");
     header("Pragma: no-cache");
     print "REDIRECT=http://www.domaine.com/page.php?";
     $param = http_build_query($_POST);
     print $param;
     exit(0);
?>

Well, the code is redirecting to some page with query string constructed 
using the $_POST data.

My problem is not the redirection; but all I want is to get the data in 
$_POST

If I just put only this piece of code:

<?php
     var_dump($_POST);
?>

i get nothing. But the above codes is successfully redirecting me to 
page.php with a properly constructed query string -> which means that 
$_POST was never empty. So why var_dump($_POST) is returning just 
array(0) { } ???
(Continue reading)

Permalink | Reply | 19 comments |
headers
Richard Quadling | 1 Dec 2010 15:59
Picon
Gravatar

Re: $_POST issues

On 1 December 2010 14:50, Bundhoo M Nadim <nadim <at> alienworkers.com> wrote:
> Hello,
>
> Can someone explain me what this piece of code basically does ?
>
> <?php
>    header("Expires: " . gmdate("D, d M Y H:i:s", time() + (0*60)) . "GMT");
>    header("Pragma: no-cache");
>    print "REDIRECT=http://www.domaine.com/page.php?";
>    $param = http_build_query($_POST);
>    print $param;
>    exit(0);
> ?>
>
> Well, the code is redirecting to some page with query string constructed
> using the $_POST data.
>
> My problem is not the redirection; but all I want is to get the data in
> $_POST
>
> If I just put only this piece of code:
>
> <?php
>    var_dump($_POST);
> ?>
>
> i get nothing. But the above codes is successfully redirecting me to
> page.php with a properly constructed query string -> which means that $_POST
> was never empty. So why var_dump($_POST) is returning just array(0) { } ???
>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Daniel P. Brown | 1 Dec 2010 16:01

Re: $_POST issues

On Wed, Dec 1, 2010 at 09:50, Bundhoo M Nadim <nadim <at> alienworkers.com> wrote:
>
> If I just put only this piece of code:
>
> <?php
>    var_dump($_POST);
> ?>
>
> i get nothing. But the above codes is successfully redirecting me to
> page.php with a properly constructed query string -> which means that $_POST
> was never empty. So why var_dump($_POST) is returning just array(0) { } ???

    Are you actually posting data to it?

-- 
</Daniel P. Brown>
Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting
(866-) 725-4321
http://www.parasane.net/

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 9 comments |
headers
Bundhoo M Nadim | 1 Dec 2010 16:12

Re: $_POST issues

On 01/12/2010 19:01, Daniel P. Brown wrote:
> On Wed, Dec 1, 2010 at 09:50, Bundhoo M Nadim<nadim <at> alienworkers.com>  wrote:
>> If I just put only this piece of code:
>>
>> <?php
>>     var_dump($_POST);
>> ?>
>>
>> i get nothing. But the above codes is successfully redirecting me to
>> page.php with a properly constructed query string ->  which means that $_POST
>> was never empty. So why var_dump($_POST) is returning just array(0) { } ???
>      Are you actually posting data to it?

Actually this is the response page, i.e. a payment gateway is sending 
the result of a transaction to this page. Normally I expect to catch the 
data sent by the payment gateway using the $_POST array, i.e. $result = 
$_POST['result'], etc.

So i wanted to check the data sent by the payment gateway using 
var_dump($_POST); <--- this gives me array(0) { }

But if I put the other codes (lemme quote again here):

filename: response.php

<?php
>      header("Expires: " . gmdate("D, d M Y H:i:s", time() + (0*60)) . "GMT");
>      header("Pragma: no-cache");
>      print "REDIRECT=http://www.domaine.com/page.php?";
>      $param = http_build_query($_POST);
(Continue reading)

Permalink | Reply | 8 comments |
headers
Jay Blanchard | 1 Dec 2010 16:18

RE: $_POST issues

[snip]
>> If I just put only this piece of code:
>>
>> <?php
>>     var_dump($_POST);
>> ?>
>>
>> i get nothing.
[/snip]

Where are you putting this var_dump?

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 4 comments |

Gmane