
LDAP, PHP and AD Groups


sacredzero


I'm using Active Directory and PHP with LDAP.

I have been trying to create a script that will list all the members of each group in an OU. When I run this script in an OU with Users, it will return an array with all the available attributes of each User. However, when I use it with a group, it doesn't return any attributes of the group.

<?php
$ig_ldaphost="LDAP://domain/"; //filtered for security
$ig_ldapou="OU=Drive Security,OU=Groups,DC=this,DC=and,dc=that"; //filtered for security

$ig_ldapconn=ldap_connect($ig_ldaphost)
    or die("Could not connect to {$ig_ldaphost}");
$ig_ldapopt=ldap_set_option($ig_ldapconn,LDAP_OPT_PROTOCOL_VERSION,3)
    or die("Could not set options: {$ig_ldapopt}");
$ig_ldapbind=ldap_bind($ig_ldapconn)
    or die("Could not bind: {$ig_ldapbind}");
   
$ig_ldapsearch=ldap_search($ig_ldapconn,$ig_ldapou,"objectClass=*");

for ($ig_ldapentry=ldap_first_entry($ig_ldapconn,$ig_ldapsearch);$ig_ldapentry!=FALSE;$ig_ldapentry=ldap_next_entry($ig_ldapconn,$ig_ldapentry))
{
    $ig_ldapvalues=ldap_get_attributes($ig_ldapconn,$ig_ldapentry);
    $ig_ldapdn=ldap_explode_dn(ldap_get_dn($ig_ldapconn,$ig_ldapentry),1);
    echo "/".$ig_ldapdn[1]."/".$ig_ldapdn[0]."<br />";
    var_dump($ig_ldapvalues);
    echo "<br /><br />";
}
ldap_close($ig_ldapconn);
?>

 

Can anyone help with this?


  • 2 weeks later...

This works for me:

function get_members($group,$ldapuser,$ldappassword) {
    $ldap_host = "10.10.10.10";
    $ldap_dn = "DC=domainname,DC=local";
    $base_dn = "DC=domainname,DC=local";
    $ldap = ldap_connect($ldap_host);

    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION,3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS,0);

    ldap_bind($ldap, $ldapuser, $ldappassword) or die("Could not bind to server");

    // Escape the group name so its characters cannot change the search filter
    $results = ldap_search($ldap,$ldap_dn, "cn=" . ldap_escape($group, "", LDAP_ESCAPE_FILTER));
    $member_list = ldap_get_entries($ldap, $results);

    $dirty = 0;
    $group_member_details = array();

    foreach($member_list[0]['member'] as $member) {
        // Skip the first element, which is the 'count' entry rather than a member DN
        if($dirty == 0) {
            $dirty = 1;
        } else {
            // ldap_explode_dn() with 0 keeps the attribute name, e.g. "CN=..."
            $member_dn = ldap_explode_dn($member, 0);
            $member_cn = str_replace("CN=","",$member_dn[0]);
            $member_search = ldap_search($ldap, $base_dn, "(CN=" . $member_cn . ")");
            $member_details = ldap_get_entries($ldap, $member_search);
            $group_member_details[] = array($member_details[0]['givenname'][0],$member_details[0]['sn'][0],$member_details[0]['mail'][0],$member_details[0]['samaccountname'][0]);
        }
    }
    ldap_close($ldap);
    return $group_member_details;
}
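
As an added example (not code from either poster): one way to list the members of every group in an OU over an authenticated bind, with any caller-supplied group name escaped before it enters the filter and each member read by its DN instead of searched for by CN. The environment variable names and the `OU=Groups,DC=example,DC=test` base are assumptions.

```php
<?php
// Added example. Environment variable names and the sample OU are assumptions.
// ldap_escape() neutralises * ( ) \ and NUL in a caller-supplied group name.
function group_filter(?string $group_cn = null): string
{
    $name = $group_cn === null ? "" : "(cn=" . ldap_escape($group_cn, "", LDAP_ESCAPE_FILTER) . ")";
    return "(&(objectClass=group)" . $name . ")";
}

function list_ou_group_members($ldap, string $ou_dn, ?string $group_cn = null): array
{
    $search = ldap_search($ldap, $ou_dn, group_filter($group_cn), ["cn", "member"]);
    if ($search === false) {
        throw new RuntimeException("Search failed: " . ldap_error($ldap));
    }
    $groups = ldap_get_entries($ldap, $search);
    $result = [];
    for ($i = 0; $i < $groups["count"]; $i++) {
        $cn = $groups[$i]["cn"][0];
        $result[$cn] = [];
        $members = $groups[$i]["member"] ?? ["count" => 0]; // empty group: no "member" key
        for ($j = 0; $j < $members["count"]; $j++) {
            // Base-scope read of the member's own DN; a CN search over the
            // whole domain can match a different object with the same CN.
            $read = @ldap_read($ldap, $members[$j], "(objectClass=*)", ["samaccountname", "mail"]);
            if ($read === false) { continue; } // not readable by the bound account
            $entry = ldap_get_entries($ldap, $read);
            if ($entry["count"] > 0) {
                $result[$cn][] = [
                    "dn" => $members[$j], "samaccountname" => $entry[0]["samaccountname"][0] ?? null,
                    "mail" => $entry[0]["mail"][0] ?? null,
                ];
            }
        }
    }
    return $result;
}

// Constructed hostile group name: prints the escaped filter, no server needed.
echo group_filter("Drive*)(objectClass=*"), PHP_EOL;
// Live query only when LDAP_URI, LDAP_BIND_DN and LDAP_BIND_PW are set (assumed names).
if (getenv("LDAP_URI")) {
    $ldap = ldap_connect(getenv("LDAP_URI"));
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
    ldap_bind($ldap, getenv("LDAP_BIND_DN"), getenv("LDAP_BIND_PW")) or die("Could not bind");
    print_r(list_ou_group_members($ldap, "OU=Groups,DC=example,DC=test"));
    ldap_unbind($ldap);
}
```

For very large groups Active Directory returns `member` in ranges (for example `member;range=0-1499`), which this example does not follow.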
