After making the recommended changes, the browser returned:
LDAP bind successful...
Warning: ldap_search() [function.ldap-search]: Search: Bad search
filter in
e:\intertest\test.php on line 20
Warning: ldap_get_entries(): supplied argument is not a valid
ldap result resource in
e:\intertest\test.php on line 21
So my goal then is to produce a valid search filter.
I considered the most basic filter:
$filter = "(cn=*)";
And got this back:
LDAP bind successful...
Warning: ldap_search() [function.ldap-search]: Search: Operations
error in
e:\intertest\test.php on line 20
Warning: ldap_get_entries(): supplied argument is not a valid
ldap result resource in
e:\intertest\test.php on line 21
Did some googling and found that Win 2003 AD does not like the default
ldap settings for PHP. So I insert this code:
if ($ldapconn)
{
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION,3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS,0);
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
And got back an error of too many results or something like that. So I
narrowed the filter to:
$filter = "(cn=*Kenney*)";
AND IT WORKS!
Also the field "ou" doesn't produce any results, so I did "sn"
instead, which returns the last name.
So for those who want the big picture (I usually do), here's what I
wound up with:
<?PHP
$ldaprdn = 'username@xxxxxxxxxxxxxx';
$ldappass = 'PWD';
$ds = 'servername.domainname.net';
$dn = 'dc=domainname,dc=net';
$ldapport = 389;
$ldapconn = ldap_connect($ds, $ldapport)
or die("Could not connect to LDAP server.");
if ($ldapconn)
{
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION,3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS,0);
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
if ($ldapbind)
{
echo "LDAP bind successful...";
$filter = "(cn=*Kenney*)";
$fields = array("sn", "mail");
$sr = ldap_search($ldapconn, $dn, $filter, $fields);
$info = ldap_get_entries($ldapconn, $sr);
for ($i=0; $i<$info["count"]; $i++)
{
echo "<br>";
echo "lastname: " . $info[$i]["sn"][0];
echo "<br>";
echo "mail: " . $info[$i]["mail"][0];
}
}
else
{
echo "LDAP bind failed...";
}
}
ldap_close($ldapconn);
?>
-Aaron Kenney
On 3/9/06, Bowden, Zeb <zbowden@xxxxxx> wrote:
> The first parameter of ldap_search is the link resource (i.e.
> $ldapconn).
> I think something like this should work:
>
> $sr = ldap_search($ldapconn, $dn, $filter, $fields);
> $info = ldap_get_entries($ldapconn, $sr);
>
> -zeb
>
>
>
> -----Original Message-----
> From: Aaron Kenney [mailto:awkenney@xxxxxxxxx]
> Sent: Wednesday, March 08, 2006 5:30 PM
> To: php-windows@xxxxxxxxxxxxx
> Subject: LDAP newb gets errors against 2003 AD
>
> So here is the offending code:
>
> --------------------------------------------------
> <?PHP
> $ldaprdn = 'USR@xxxxxxxxxx';
> $ldappass = 'PWD';
> $ds = 'server.domain.net';
> $dn = 'dc=domain,dc=net';
> $ldapport = 389;
> $ldapconn = ldap_connect($ds, $ldapport)
> or die("Could not connect to LDAP server.");
>
> if ($ldapconn)
> {
> $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
> if ($ldapbind)
> {
> echo "LDAP bind successful...";
>
>
> $filter = "'cn=*Kenney*'";
> $fields = array("ou", "mail");
> $sr = ldap_search($ds, $dn, $filter, $fields);
>
> $info = ldap_get_entries($ds, $sr);
>
> for ($i=0; $i<$info["count"]; $i++)
> {
> echo "<br>";
> echo "ou: " . $info[$i]["ou"][0];
> echo "mail: " . $info[$i]["mail"][0];
> }
>
> }
> else
> {
> echo "LDAP bind failed...";
> }
> }
> ldap_close($ldapconn);
> ?>
> ----------------------------------------------
>
> Here is the result:
> -------------------------------------
> LDAP bind successful...
> Warning: ldap_search(): supplied argument is not a valid ldap link
> resource in e:\intertest\test.php on line 20
>
> Warning: ldap_get_entries(): supplied argument is not a valid ldap
> link resource in e:\intertest\test.php on line 22
> ------------------------------------------
>
> I know I'm just misusing the ldap_search() function or something, so
> please, someone set me straight here.
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
