Zend - The PHP Company




Authentication

Add Code


Simple UNIX SMB Authentication  
Type: code fragment
Added by: alfell249
Entered: 16/06/2002
Last modified: 06/12/2001
Rating: - (fewer than 3 votes)
Views: 8631
Simple UNIX SMB authentication. This script allows web site users to be managed by a Windows NT/2000 or SAMBA primary domain controller. *** Please note that this PHP script will not execute correctly if placed on a Windows web server. *** Requires the installation of Samba (http://samba.sourceforge.net/) to validate usernames/passwords. The actual Samba server software does not need to run at all. It only uses the small "smbclient" binary installed with Samba. The only other requirement is that a file named "phpauth" be placed in the SMB logon servers NETLOGON directory (\\SERVERNAME\NETLOGON\). The file must contain only the word 'allow'. This script basically works exactly the same way as Squid Proxy Cache's SMB authentication does. It has been tested on Mac OS X with Samba 2.2.2 and Windows NT 4 SP 6. If you have any problems, please email me and I'd be happy to help out. Please note that this PHP script will not execute correctly if placed on a Windows web server.


<html>
<body>
<h1>PHP SMB Authentication</h1>
<form method="POST">
<table>
<tr><td>Username:</td><td><input type="text" name="USER" size="12"></td></tr>
<tr><td>Password:</td><td><input type="password" name="PASS" size="12"></td></tr>
<tr><td>&nbsp;</td><td><input type="submit" value="submit" name="submit"></td></tr>
</table>
</form>
<p>


<?php

 if ($REQUEST_METHOD=="POST") {
    global $USER;
    global $PASS;

 ###
# Be sure to create a file in the '$NETLOGONfolder' share (Usually //SERVER/NETLOGON/) 
# of the SMB PDC named '$filename', containing only the word 'allow'. 
#
# This script requires the installation of Samba, http://samba.sourceforge.net/
#
# Example terminal line executed using defaults below. The contents of the '$filename' should be returned, ie 'allow'
# /usr/local/samba/bin/smbclient "//SERVER/NETLOGON" -I 192.168.27.1 -d 0 -E -U administrator%****** -W "DOMAIN" -c "get proxyauth -"
###

# PDC Variables Below:-
    $SambaPath="/usr/local/samba/";
    $ServerNetBIOS="SERVER";
    $NETLOGONfolder="NETLOGON";
    $ServerIP="192.168.27.1";
    $DomainName="DOMAIN";
    $filename="phpauth";


 # Execute at UNIX command line:-
    $smbauth exec($SambaPath."bin/smbclient "//".$ServerNetBIOS."/".$NETLOGONfolder."" -I ".$ServerIP." -d 0 -E -U ".$USER."%".$PASS." -W "".$DomainName."" -c "get ".$filename." -"");


# Check to see if 'allow' is returned:-
    if ($smbauth=="allow" || $smbauth=="allown") {
        echo "Username and Password Accepted!";
    } else {
        echo "Bad Username/Password!";
    }
}

 ?>
 </p>
</body>
</html>


Usage Example




Rate This Script





Search



This Category All Categories
Solutions
Products
Services
© 2013 Zend Technologies Ltd. All rights reserved.