dtcrw26206 2011-04-27 20:46
浏览 91
已采纳

使用Zend_Ldap查询用户的所有组

I haven't really got much to show because I'm not overly familiar with ldap (Open Directory) at all and I'm having a bit of trouble understanding how to actually query the groups of a particular user. Using Zend_Auth_Adapter_Ldap(), 

$ldap = array(
    array('host' => 'od-master.foobar.net',
        'baseDn' => 'cn=users,dc=foobar,dc=net',
        'bindRequiresDn' => true,
        'accountCanonicalForm' => 2));

$authAdapter = new Zend_Auth_Adapter_Ldap($ldap);
// Set the input credential values to authenticate against
$authAdapter->setIdentity($form->getValue('username'));
$authAdapter->setCredential($form->getValue('password'));
//etc

I have the account being authenticated, but now I need to retrieve a list of groups this user belongs to. I'm not generally one to ask for help without trying stuff first, but I can't even get to that point. Any help is greatly appreciated.

In case my question wasn't obvious: how do you query all the groups of a particular user?

===== EDIT =====

As per suggestions given, this was my latest attempt:

$attributes = array('memberOf'); //also tried member
$users = $ldapAdapter->search('cn=username', $ldapAdapter->getBaseDn(), Zend_Ldap::SEARCH_SCOPE_SUB, $attributes);
foreach ($users as $user) {
   var_dump($user);
}

I did also try to do this outside of Zend_Ldap unsuccessfully.

$attributes = array('memberOf'); //also tried member
$result = ldap_search($ldapAdapter->getResource(), $baseDn, 'cn=username', $attributes);
$info = ldap_get_entries($ldapAdapter->getResource(), $result);

Which results in an empty array. Any further direction would be greatly appreciated.

===== EDIT 2 =====

So I tried to completely remove Zend_Ldap so I can test things easier, here is what I ended up with which results in array('count' => 0) returned.

$resource = ldap_connect('od-master.foobar.net', 389);
ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3);
$bind = ldap_bind($resource, 'uid=johnc,cn=users,dc=foobar,dc=net', '***');
$result = ldap_search($resource, 'cn=users,dc=foobar,dc=net', '(cn=username)');
$info = ldap_get_entries($resource, $result);
  • 写回答

4条回答 默认 最新

  • doujie1917 2011-04-28 08:12
    关注

    You just add to make a Ldap_Search in nod cn=users,dc=foobar,dc=net with a filter like cn=username for an attribute called memberOf.

    When you write a SEARCH in LDAP you give :

    1. The DN of the nod where begin the search
    2. The attributes you want to retreive
    3. the filter ((&(cn=username))
    4. The deepness of your search and here it's subtree (not OneLevel, nor base)
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(3条)

报告相同问题?

悬赏问题

  • ¥50 导入文件到网吧的电脑并且在重启之后不会被恢复
  • ¥15 (希望可以解决问题)ma和mb文件无法正常打开,打开后是空白,但是有正常内存占用,但可以在打开Maya应用程序后打开场景ma和mb格式。
  • ¥20 ML307A在使用AT命令连接EMQX平台的MQTT时被拒绝
  • ¥20 腾讯企业邮箱邮件可以恢复么
  • ¥15 有人知道怎么将自己的迁移策略布到edgecloudsim上使用吗?
  • ¥15 错误 LNK2001 无法解析的外部符号
  • ¥50 安装pyaudiokits失败
  • ¥15 计组这些题应该咋做呀
  • ¥60 更换迈创SOL6M4AE卡的时候,驱动要重新装才能使用,怎么解决?
  • ¥15 让node服务器有自动加载文件的功能