2015-03-20 20:13
浏览 130


I'm new to LDAP and Active Directory. I'm trying to fetch the Email-ID of an authenticated user using the following code. However when I run it, all I get is an array with a 0 in it.

Here's the code

$server ='ldaps://DOMAIN'; 
$username = 'DOMAIN\UID'; 
$password = 'PASSWORD';

$base_dn = 'dc=DOMAIN';
$search_filter = 'dn=UID'; 
$attributes = ['mail']; 

$ldap = ldap_connect($server);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_bind($ldap, $username, $password); 
$search = ldap_search($ldap, $base_dn, $search_filter, $attributes);
$data = ldap_get_entries($ldap, $search);

foreach($data as $dataPoint)
        echo $dataPoint;
        echo "<hr>";

This outputs just a 0 with a horizontal line below it.

The most challenging thing here is that there is no error message whatsoever and I'm not very familiar with LDAP nor with Active Directory.

Any idea as to why this could be happening.

图片转代码服务由CSDN问答提供 功能建议

我是LDAP和Active Directory的新手。 我正在尝试使用以下代码获取经过身份验证的用户的电子邮件ID。 但是当我运行它时,我得到的只是一个带有0的数组。


  $ server ='  LDAPS:// DOMAIN';  
 $ username ='DOMAIN \ UID';  
 $ password ='PASSWORD'; 
 $ base_dn ='dc = DOMAIN'; 
 $ search_filter ='dn = UID';  
 $ attributes = ['mail'];  
 $ ldap = ldap_connect($ server); 
ldap_set_option($ ldap,LDAP_OPT_REFERRALS,0); 
ldap_set_option($ ldap,LDAP_OPT_PROTOCOL_VERSION,3); 
ldap_bind($ ldap,$ username,$ password);  
 $ search = ldap_search($ ldap,$ base_dn,$ search_filter,$ attributes); 
 $ data = ldap_get_entries($ ldap,$ search); 
foreach($ data as $ dataPoint)
  echo $ dataPoint; 
 echo“&lt; hr&gt;”; 


最具挑战性的是,没有任何错误消息,我对LDAP和Active Directory也不是很熟悉。

任何想法都是为什么 这可能会发生。

  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • duangua5742 2015-03-21 15:02

    I see several things that could potentially be causing problems from the code above:

    • Do you really mean to use ldaps://? Usually that is not what you want to do. If you want to use an encrypted connection you should use ldap_start_tls and the call should be made after ldap_connect. For the purpose of testing I would just change it to ldap://.
    • Your $base_dn variable seems to be missing part of the domain. That should not be the NETBIOS name of your domain, but rather the fully qualified domain name. So if your domain was then the base dn would be dc=domain,dc=com.
    • Your search filter ($search_filter) is not properly formed. If you are trying to retrieve a user object from LDAP given an account name, you could use a search filter like: (sAMAccountName=UID)

    To get a better idea of what may be going wrong you can use ldap_error and call it after you connect: echo "Error: ".ldap_error($ldap);. You can do this after any LDAP related call to get more information on what may have gone wrong.

    解决 无用
    打赏 举报

相关推荐 更多相似问题