Can you get a Windows AD username in PHP

Question

I have a PHP web application on an intranet that can extract the IP and host name of the current user on that page  but I was wondering if there is a way to get extract their Active Directory Windows username as well  Is this possible

User · Answer

No   But what you can do is have your Active Directory admin enable LDAP so that users can maintain one set of credentials  http   us2 php net ldap

User · Answer

If you are looking for retrieving remote user IDSID Username  use   echo gethostbyaddr   SERVER  REMOTE ADDR       You will get something like iamuser1-mys corp company com  Filter the rest of the domain behind  and you are able to get the idsid only    For more information visit http   lostwithin net how-to-get-users-ip-and-computer-name-using-php

User · Answer

You could probably authenticate the user in Apache with mod auth kerb by requiring authenticated access to some files     I think that way  the username should also be available in PHP environment variables somewhere     probably best to check with  lt  php phpinfo      gt  once you get it runnning

User · Answer

Check the AUTH USER request variable  This will be empty if your web app allows anonymous access  but if your server s using basic or Windows integrated authentication  it will contain the username of the authenticated user   In an Active Directory domain  if your clients are running Internet Explorer and your web server filesystem permissions are configured properly  IE will silently submit their domain credentials to your server and AUTH USER will be MYDOMAIN user name without the users having to explicitly log in to your web app

User · Answer

try this code     user  shell exec  echo  username          echo  user    user     you get your windows AD  username in php

User · Answer

You can say getenv  USERNAME

User · Answer

Look at the PHP LDAP library functions  http   us php net ldap    Active Directory  mostly  conforms to the LDAP standard

User · Answer

Use this code   shell exec  wmic computersystem get username

User · Answer

Referencing trying to also figure out if AUTH USER is part of a particular domain group  a clever way to do this is t create a locked down folder with text files  can be blank    Set security to only having the security distro group you want to validate   Once you run a  file get contents   lt ---will toss a warning    if the user does not have group access they will not be able to get the file contents and hence  will not have that particular AD group access   This is simple and works wonderfully

User · Answer

I tried almost all of these suggestions  but they were all returning empty values  If anyone else has this issue  I found this handy function on php net  http   php net manual en function get-current-user php    get current user     username   get current user    echo  username    This was the only way I was finally able to get the user s active directory username  If none of the above answers has worked  give this a try

User · Answer

We have multiple domains in our environment so I use preg replace with regex to get just the username without DOMAIN     preg replace                    SERVER  AUTH USER

User · Answer

If you re using Apache on Windows  you can install the mod auth sspi from   https   sourceforge net projects mod-auth-sspi   Instructions are in the INSTALL file  and there is a whoami php example   It s just a case of copying the mod auth sspi so file into a folder and adding a line into httpd conf    Once it s installed and the necessary  settings are made in httpd conf to protect the directories you wish  PHP will populate the   SERVER  REMOTE USER   with the user and domain   USER DOMAIN   of the authenticated user in IE -- or prompt and authenticate in Firefox before passing it in   Info is session-based  so single ish  signon is possible even in Firefox     -Craig

User · Answer

get user name works the same way as getenv  USERNAME     I had encoding with cyrillic  problems using getenv  USERNAME

User · Answer

Check out patched NTLM authentication module for Apache https   github com rsim mod ntlm  Based on NTLM auth module for Apache Unix http   modntlm sourceforge net   Read more at http   blog rayapps com   Source  http   imthi com blog programming leopard-apache2-ntlm-php-integrated-windows-authentication php

User · Answer

This is a simple NTLM AD integration example  allows single sign on with Internet Explorer  requires login configuration in other browsers   PHP Example   lt  php   user     SERVER  REMOTE USER     domain   getenv  USERDOMAIN       gt    In your apache httpd conf file  LoadModule authnz sspi module modules mod authnz sspi so   lt Directory   path to folder  gt      AllowOverride     All     Options           ExecCGI     AuthName           SSPI Authentication      AuthType          SSPI     SSPIAuth          On     SSPIAuthoritative On     SSPIOmitDomain    On     Require           valid-user     Require           user  NT AUTHORITY ANONYMOUS LOGON  denied  lt  Directory gt    And if you need the module  this link is useful   https   www apachehaus net modules mod authnz sspi

User · Answer

I ve got php mysql running on IIS - I can use   SERVER  AUTH USER   if I turn on Windows Authentication in IIS -  Authentication  and turn off Anonymous authentication  important   I ve used this to get my user and domain    user     SERVER  AUTH USER       user will return a value like  DOMAIN username on our network  and then it s just a case of removing the DOMAIN  from the string   This has worked in IE  FF  Chrome  Safari  tested  so far

[php] Can you get a Windows (AD) username in PHP?

Examples related to php

Examples related to windows

Examples related to authentication