如何使用 PHP 在 LDAP 目录中搜索特定的登录脚本?
how to search for certain logon script in LDAP directory using PHP?
我正在尝试根据某些登录脚本从活动目录中获取所有用户的全名,例如:"Staff" 在他们在活动目录中的个人资料中,而不是基于组织单位。
这是我的代码:
<?php
// active directory
$ldap_host = "xxx";
$ldap_port = "xxx";
// Active Directory DN
$ldap_dn[] = "ou=Staff,DC=xxx,DC=xxx,DC=xx";
$ldap_dn[] = "ou=Faculty,DC=xxx,DC=xxx,DC=xx";
// Domain, for purposes of constructing $user
$ldap_usr_dom = "@xxx.xxx.xx";
// connect to active directory
$ldap = ldap_connect($ldap_host, $ldap_port);
$ldap_id[] = $ldap;
$ldap_id[] = $ldap;
$username = "xxx";
$password = "xxx";
// verify user and password
if ($bind = @ldap_bind($ldap, $username . $ldap_usr_dom, $password)) {
$filter = "(objectCategory=person)";
$result = ldap_search($ldap_id, $ldap_dn, $filter) or exit("Unable to search LDAP server");
foreach ($result as $value) {
if (ldap_count_entries($ldap, $value) > 0) {
$search = $value;
break;
}
}
if ($search) {
$entries = ldap_get_entries($ldap, $search);
for ($x = 0; $x < $entries['count']; $x++) {
if (!empty($entries[$x]['cn'][0])) {
$ad_users[$x] = $entries[$x]['cn'][0];
print_r($ad_users);
echo $ad_users[$x]."<br>";
}
}
}
ldap_unbind($ldap); // Clean up after ourselves.
}
$m .= "Retrieved " . count($ad_users) . " Active Directory users\n";
echo $m;
?>
我的代码使用不同的登录脚本检索 Staff 单元下的所有用户,有些是 Staff,有些是 User。
对于 ldap 过滤器,您可以尝试以下方法:
$script='staff.vbs';
$filter = "(&(objectCategory=person)(objectClass=user)(scriptPath={$script}))";
我正在尝试根据某些登录脚本从活动目录中获取所有用户的全名,例如:"Staff" 在他们在活动目录中的个人资料中,而不是基于组织单位。
这是我的代码:
<?php
// active directory
$ldap_host = "xxx";
$ldap_port = "xxx";
// Active Directory DN
$ldap_dn[] = "ou=Staff,DC=xxx,DC=xxx,DC=xx";
$ldap_dn[] = "ou=Faculty,DC=xxx,DC=xxx,DC=xx";
// Domain, for purposes of constructing $user
$ldap_usr_dom = "@xxx.xxx.xx";
// connect to active directory
$ldap = ldap_connect($ldap_host, $ldap_port);
$ldap_id[] = $ldap;
$ldap_id[] = $ldap;
$username = "xxx";
$password = "xxx";
// verify user and password
if ($bind = @ldap_bind($ldap, $username . $ldap_usr_dom, $password)) {
$filter = "(objectCategory=person)";
$result = ldap_search($ldap_id, $ldap_dn, $filter) or exit("Unable to search LDAP server");
foreach ($result as $value) {
if (ldap_count_entries($ldap, $value) > 0) {
$search = $value;
break;
}
}
if ($search) {
$entries = ldap_get_entries($ldap, $search);
for ($x = 0; $x < $entries['count']; $x++) {
if (!empty($entries[$x]['cn'][0])) {
$ad_users[$x] = $entries[$x]['cn'][0];
print_r($ad_users);
echo $ad_users[$x]."<br>";
}
}
}
ldap_unbind($ldap); // Clean up after ourselves.
}
$m .= "Retrieved " . count($ad_users) . " Active Directory users\n";
echo $m;
?>
我的代码使用不同的登录脚本检索 Staff 单元下的所有用户,有些是 Staff,有些是 User。
对于 ldap 过滤器,您可以尝试以下方法:
$script='staff.vbs';
$filter = "(&(objectCategory=person)(objectClass=user)(scriptPath={$script}))";