如何使用PHP从LDAP目录获取用户列表?
如何使用PHP从LDAP获取所有用户的列表?上述代码在ldap_搜索函数中失败,并发出此警告 “警告:ldap_search():搜索:操作错误” 我的用户名、ldaphost等都是正确的。但我不确定过滤器的情况。来自: 您应该使用如何使用PHP从LDAP目录获取用户列表?,php,ldap,Php,Ldap,如何使用PHP从LDAP获取所有用户的列表?上述代码在ldap_搜索函数中失败,并发出此警告 “警告:ldap_search():搜索:操作错误” 我的用户名、ldaphost等都是正确的。但我不确定过滤器的情况。来自: 您应该使用ldap\u bind()登录&after所有操作ldap\u close()关闭连接 /** *从Active Directory获取用户列表。 */ $ldap_password='password'; $ldap\u用户名=USERNAME@DOMAIN'; $
ldap\u bind()ldap\u close()/**
*从Active Directory获取用户列表。
*/
$ldap_password='password';
$ldap\u用户名=USERNAME@DOMAIN';
$ldap\u connection=ldap\u connect(主机名);
if(FALSE==$ldap\u连接){
//哦,有点不对劲。。。
}
//我们必须为正在使用的Active Directory版本设置此选项。
ldap_set_选项($ldap_连接,ldap_OPT_协议版本,3)或die(‘无法设置ldap协议版本’);
ldap_设置_选项($ldap_连接,ldap_选项_引用,0);//我们需要这个来进行LDAP搜索。
if(TRUE==ldap\u绑定($ldap\u连接,$ldap\u用户名,$ldap\u密码)){
$ldap_base_dn='DC=XXXX,DC=XXXX';
$search_filter='(&(objectCategory=person)(samaccountname=*));
$attributes=array();
$attributes[]='givenname';
$attributes[]=“邮件”;
$attributes[]=“samaccountname”;
$attributes[]='sn';
$result=ldap\u search($ldap\u connection,$ldap\u base\u dn,$search\u filter,$attributes);
if(FALSE!==$result){
$entries=ldap\u get\u条目($ldap\u connection,$result);
对于($x=0;$x strtolower(trim($entries[$x]['mail'][0]),'first_name'=>trim($entries[$x]['givenname'][0]),'last_name'=>trim($entries[$x]['sn 0]);
}
}
}
ldap_解除绑定($ldap_连接);//打扫干净。
}
$message.=“已检索”。计数($ad\U用户)。“Active Directory用户\n”;
$ldaphost = "my_host_name";
$ds=ldap_connect($ldaphost) or die("Could not connect to $ldaphost");
ldap_set_option ($ds, LDAP_OPT_REFERRALS, 0);
ldap_set_option ($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
if ($ds)
{
$basedn = 'my_dc_string';
$samaccountname = 'my_user_name';
$filters = "(samaccountname={$samaccountname})";
$result = ldap_search($ds, $basedn, $filters);
}
ldap_connect() // establish connection to server
|
ldap_bind() // anonymous or authenticated "login"
|
do something like search or update the directory
and display the results
|
ldap_close() // "logout"
/**
* Get a list of users from Active Directory.
*/
$ldap_password = 'PASSWORD';
$ldap_username = 'USERNAME@DOMAIN';
$ldap_connection = ldap_connect(HOSTNAME);
if (FALSE === $ldap_connection){
// Uh-oh, something is wrong...
}
// We have to set this option for the version of Active Directory we are using.
ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3) or die('Unable to set LDAP protocol version');
ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, 0); // We need this for doing an LDAP search.
if (TRUE === ldap_bind($ldap_connection, $ldap_username, $ldap_password)){
$ldap_base_dn = 'DC=XXXX,DC=XXXX';
$search_filter = '(&(objectCategory=person)(samaccountname=*))';
$attributes = array();
$attributes[] = 'givenname';
$attributes[] = 'mail';
$attributes[] = 'samaccountname';
$attributes[] = 'sn';
$result = ldap_search($ldap_connection, $ldap_base_dn, $search_filter, $attributes);
if (FALSE !== $result){
$entries = ldap_get_entries($ldap_connection, $result);
for ($x=0; $x<$entries['count']; $x++){
if (!empty($entries[$x]['givenname'][0]) &&
!empty($entries[$x]['mail'][0]) &&
!empty($entries[$x]['samaccountname'][0]) &&
!empty($entries[$x]['sn'][0]) &&
'Shop' !== $entries[$x]['sn'][0] &&
'Account' !== $entries[$x]['sn'][0]){
$ad_users[strtoupper(trim($entries[$x]['samaccountname'][0]))] = array('email' => strtolower(trim($entries[$x]['mail'][0])),'first_name' => trim($entries[$x]['givenname'][0]),'last_name' => trim($entries[$x]['sn'][0]));
}
}
}
ldap_unbind($ldap_connection); // Clean up after ourselves.
}
$message .= "Retrieved ". count($ad_users) ." Active Directory users\n";