Posts

Showing posts from October, 2010

Python webservice that executes local commands

There are a few different options when it comes to managing server-side scripting on a web site. Usually folks use php or perl and even python in many occasions. This blog post is about using python to execute code locally on the server in response to http GET requests. So far you are thinking so what? You are already crafting your comment and it is saying something like, "Google mod_python" or "Google mod_perl". You are right, the best way to do CGI is via mod_perl, mod_php or mod_perl. The problem is user access and chroot. Apache will execute server side scripts as the user / group defined in the main httpd.conf. In my case: apache / apache. Apache will also assume a document root of /var/www/ for scripts (on a Centos 5.5 box) even if the userdir module is in use. My problem was: How to get apache to execute scripts as dave:dave on doc root = /home/dave/. It was critical to get this working because the scripts in question interact with the .gnupg/pubkeyring

Use PHP to perform an LDAP Bind to Windows Active Directory for User Authentication

This example shows some basic LDAP bind lookups on a Windows 2003 active directory server. The sequence is: Connect  Bind using privileged user  search for 'dn' of supplied credentials re-bind using this dn and password of supplied credentials unbind The per-requisite is that php_ldap modules are loaded and compiled.  These are fairly standard now days.  In fedora it was just a matter of executing: # yum install php-ldap Anyway:  Here is the example.  It's farily well commented so should be a simple matter to make work in your own environment. <?php // example.php // // David Latham @ 2010 // david-latham.blogspot.com // // This code cannot be executed on the same server as AD is installed on!!! // // Active Directory has an Organizational Unit of "_Test_Users" with 3 users loaded // into it. // user1 | User One // user2 | User Two // ldapbind | ldap bind // // execute with php -q example.php // credentials to test $user='user2@example.local';