From: tedd on
At 11:16 AM +0100 6/4/10, Mayer, Jonathan wrote:
>Hello,
>
>Has anyone got any ideas how I might add a user to a local group on a
>remote networked Windows machine via a PHP script? The idea is to make
>an automated tool where users can request access to a shared folder via
>our intranet, and after suitable approval the system add them to a group
>which has read privileges for the folder in question.
>
>If I run apache using an account with suitable privileges, I've been
>able to do it with COM, but for security reasons I'd like to be able to
>authenticate through the script instead, and leave apache running on the
>standard local system account.
>
>Perhaps COM is the wrong way to go about the problem - perhaps exec? Any
>ideas gladly appreciated!
>
>Thanks,
>
>Jon.

Jon:

The concept is pretty simple.

1. Have a database set up for users with logons and passwords, such as:

http://php1.net/a/edit-db-demo <-- just add logon and password fields.

2. Have a method of approving users for access to the documents. Such
as providing them with the password via email, phone, mail, or an act
such as providing a real email address (i.e., subscribing):

http://webbytedd.com/b/sub-email/

3. Provide an url that checks for authorization before providing the
document(s), such as:

http://webbytedd.com/b/password-db/index.php

or

http://webbytedd.com/ccc/protected-download1/

4. Provide a method for users to find the document(s) for download:

http://php1.net/b/zip-files/

You throw all of that together and you have a way to solve your
problem. Here's a working example I wrote for a client:

http://webbytedd.com/ccc/protected-download1

The password is: 'a'
The email address is: 'tedd(a)sperling.com'

Also, the access of the data is registered (IP/Date) and an email is
sent to me that someone accessed the file. So you can get as
elaborate as you want.

Cheers,

tedd

--
-------
http://sperling.com http://ancientstones.com http://earthstones.com