sacredzero Posted March 19, 2012 Share Posted March 19, 2012 I'm using Active Directory and PHP with LDAP. I have been trying to create a script that will list all the members of each group in a OU. When I run this script in an OU with Users, it will return an array with all the available attributes of each User. However when I use it with a group, it doesn't return any attributes of the group. <?php $ig_ldaphost="LDAP://domain/"; //filtered for security $ig_ldapou="OU=Drive Security,OU=Groups,DC=this,DC=and,dc=that"; //filtered for security $ig_ldapconn=ldap_connect($ig_ldaphost) or die("Could not connect to {$ig_ldaphost}"); $ig_ldapopt=ldap_set_option($ig_ldapconn,LDAP_OPT_PROTOCOL_VERSION,3) or die("Could not set options: {$ig_ldapopt}"); $ig_ldapbind=ldap_bind($ig_ldapconn) or die("Could not bind: {$ig_ldapbind}"); $ig_ldapsearch=ldap_search($ig_ldapconn,$ig_ldapou,"objectClass=*"); for ($ig_ldapentry=ldap_first_entry($ig_ldapconn,$ig_ldapsearch);$ig_ldapentry!=FALSE;$ig_ldapentry=ldap_next_entry($ig_ldapconn,$ig_ldapentry)) { $ig_ldapvalues=ldap_get_attributes($ig_ldapconn,$ig_ldapentry); $ig_ldapdn=ldap_explode_dn(ldap_get_dn($ig_ldapconn,$ig_ldapentry),1); echo "/".$ig_ldapdn[1]."/".$ig_ldapdn[0]."<br />"; var_dump($ig_ldapvalues); echo "<br /><br />"; } ldap_close($ig_ldapconn); ?> Can anyone help with this? Quote Link to comment Share on other sites More sharing options...
daveneil Posted March 29, 2012 Share Posted March 29, 2012 this works for me : function get_members($group,$ldapuser,$ldappassword) { $ldap_host = "10.10.10.10"; $ldap_dn = "DC=domainname,DC=local"; $base_dn = "DC=domainname,DC=local"; $ldap = ldap_connect($ldap_host); ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION,3); ldap_set_option($ldap, LDAP_OPT_REFERRALS,0); ldap_bind($ldap, $ldapuser, $ldappassword) or die("Could not bind to server"); $results = ldap_search($ldap,$ldap_dn, "cn=" . $group); $member_list = ldap_get_entries($ldap, $results); $dirty = 0; $group_member_details = array(); foreach($member_list[0]['member'] as $member) { if($dirty == 0) { $dirty = 1; } else { $member_dn = explode_dn($member); $member_cn = str_replace("CN=","",$member_dn[0]); $member_search = ldap_search($ldap, $base_dn, "(CN=" . $member_cn . ")"); $member_details = ldap_get_entries($ldap, $member_search); $group_member_details[] = array($member_details[0]['givenname'][0],$member_details[0]['sn'][0],$member_details[0]['mail'][0],$member_details[0]['samaccountname'][0]); } } ldap_close($ldap); return $group_member_details; } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.