All geek questions in one place

How to get the password of the active directory by ldap in php?

I have a password problem in Active Directory. I want to get the password from the "username" of the user I tried the function "ldap_search", but I did not find the correct attribute for the password I tried as: password, userpassword, userPassword, unicodePwd, unicodepwd, but they are not correct.

I look forward to helping everyone. Thanks to everyone: D trankinhly

+4
source share
3 answers

Passwords in Active Directory cannot be recovered. They are also not listed in most directories. (eDirectory has a password policy that if you bind as the specified user, then you can get passwords through LDAP extensions)

Some directories may allow you to recover hashed versions, but this is also not the case.

To be cross-platform, it’s best to try to relate to the provided values ​​and succeed or fail. In addition, LDAP says that binding with an empty password is actually an anonymous connection, which is likely to be successful, so you need to filter for this case.

Once you are attached to the user, you can look at their group membership (as they usually can see their own) or look at some other attribute, which, if they can read it, means that they have a certain level of rights . (Ie Authorization as well as authentication).

+6
source

AD does not save the password in plain text. The password hash is stored in unicodePwd. This attribute can only be obtained using the ldapi interface. Normal ldap_search will not return anything.

+4
source

I just requested Active Directory (using ldapsearch on Ubuntu 10.04) running on MS-Windows Server 2003, and it might seem that only the following can be obtained and note that the password is not there.

 givenName distinguishedName instanceType whenCreated whenChanged displayName uSNCreated memberOf uSNChanged name objectGUID userAccountControl badPwdCount codePage countryCode badPasswordTime lastLogoff lastLogon pwdLastSet primaryGroupID objectSid accountExpires logonCount sAMAccountName sAMAccountType userPrincipalName

You can also contact:

+3
source

Source: https://habr.com/ru/post/1338994/

More articles:


All Articles