How can I ensure that users are only granted access to the website if they belong to a specific group in the Active Directory?

To ensure that users are only granted access to the website if they belong to a specific group in the Active Directory, you can use LDAP (Lightweight Directory Access Protocol) to authenticate users against the Active Directory and check if they belong to the specified group.

$ldapServer = &#039;ldap://your_ldap_server&#039;;
$ldapBaseDn = &#039;dc=example,dc=com&#039;;
$ldapAdminUsername = &#039;admin_username&#039;;
$ldapAdminPassword = &#039;admin_password&#039;;

$ldapConn = ldap_connect($ldapServer);
ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);

if ($ldapConn) {
    $ldapBind = ldap_bind($ldapConn, $ldapAdminUsername, $ldapAdminPassword);

    if ($ldapBind) {
        $userDn = &#039;cn=user,ou=Users,&#039; . $ldapBaseDn;
        $groupDn = &#039;cn=specific_group,ou=Groups,&#039; . $ldapBaseDn;

        $filter = &quot;(&amp;(objectClass=user)(memberOf=$groupDn))&quot;;
        $result = ldap_search($ldapConn, $ldapBaseDn, $filter);
        $entries = ldap_get_entries($ldapConn, $result);

        if ($entries[&#039;count&#039;] &gt; 0) {
            // User belongs to the specific group, grant access
            echo &#039;Access granted&#039;;
        } else {
            // User does not belong to the specific group, deny access
            echo &#039;Access denied&#039;;
        }
    }

    ldap_close($ldapConn);
}

Keywords

PHP Active Directory LDAP authentication authorization

How can I ensure that users are only granted access to the website if they belong to a specific group in the Active Directory?

Keywords

Related Questions