Need help with ldap_search function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I'm not familiar with LDAP so the problem may be more LDAP related and
my lack of LDAP knowledge than a PHP problem but I'm not so sure.
Trying to do ldap_search against the LDAP server.  I can get the
information I need against the CN records in the top DC but am unable to
get any record information from a sub DC.  The directory structure is
like so:

|--DC=com
  |--DC=dhwin2knet
    |--OU=DHCMC
    |  |--OU=Regular Users
    |    |--CN=User 100
    |    |--CN=User 101
    |    |--etc
    |
    |--DC=dhsp
      |--OU=DHSP
        |--CN=User 900
        |--CN=User 901
        |--etc


Using the following code to search for records:

// ldap auth info
$ldap = "my_ldap_server.dhwin2knet.com";
$auth_user = "dhwin2knet\\some_userid";
$auth_pass = 'foobar';
$base_dn = "dc=dhwin2knet,dc=com";
$filter =
"(&(objectClass=user)(objectCategory=person)(samaccountname=*))";

// connect to server and set options
$connect = ldap_connect($ldap);
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);

// bind to server
$bind = ldap_bind($connect, $auth_user, $auth_pass);

// search directory
if (!($search=@ldap_search($connect, $base_dn, $filter))) {
     die("Unable to search ldap server");
}

// get the number of entries found
$number_returned = ldap_count_entries($connect,$search);
echo "The number of entries returned is " . $number_returned;


Using the above code I can return ~500 user records but this is giving
me only the users in the OUs directly below DC=dhwin2knet,DC=com and
none of the ~250 records in the sub-domain, DC=dhsp,DC=dhwin2knet,DC=com
i.e.

Found: CN=User 100,OU=Regular Users,OU=DHCMC,DC=dhwin2knet,DC=com

Not found: CN=User 900,OU=DHSP,DC=dhsp,DC=dhwin2knet,DC=com


I've tried changing the user id that is connecting to the LDAP to be a
user in the dhsp sub-domain, changing the base dn to
"dc=dhsp,dc=dhwin2knet,dc=com", using different filters etc but no
matter what I'm trying I am unable to get any records returned from
DC=dhsp,DC=dhwin2knet,DC=com.  I have used the Softerra LDAP Browser to
browse and verify my base dn and filter.  Using the dn and filter from
the code above in LDAP Browser I am getting the ~750 entries that I am
expecting to see.

BTW, using PHP 5.0.3 on Win2000 SP4 against a Windows 2000 Active
Directory server.  The following info on the ldap module is returned by
php_info():

LDAP Support 	enabled
RCS Version 	$Id: ldap.c,v 1.154 2004/06/28 22:31:28 iliaa Exp $
Total Links 	0/unlimited
API Version 	2004
Vendor Name 	OpenLDAP
Vendor Version 	0


TIA,

Dave Merritt
merrittd@xxxxxxxxx

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux