* You are viewing the archive for August, 2009

PHP Active Directory Integration: get userAccountControl attributes

zooperman August 28, 2009 Code 3 Comments

While trying to integrate an AD based login in my php application, I came across the problem of checking which user accounts were not disabled.

After going through some forums I did the following to see accounts which were not disabled:
$result = ldap_search($ad, “OU=Users,OU=Office1,DC=country,DC=company,DC=com”, “(&(objectCategory=user)(!(userAccountControl=514)))”);

Microsoft returns the flags set for any user in the userAccountControl attribute in a cumulative manner. The flag values used by Active Directory are mentioned here.

So e.g.
John has a Normal Account [Flag 512]
Alex had a Normal Account [Flag 512] but now has been disabled [Flag 2] so the status on … Continue Reading

Some of the tools I use

zooperman August 28, 2009 Code No Comments

I  was going to write about Notepad2 but just didn’t get around doing it. So here I am just listing out a few tools I use :

Notepad2 (Windows notepad is dead, this one has truly replaced all my windows systems)

WinMerge (diff tool)

Softerra LDAP Administrator (amazing ldap manager)

Easy Eclipse (eclipse installation for the truly lazy people)