I am trying to grab all groups that a user belongs to using PHP. I am able to grab all of the groups that are listed in the memberof attribute, but not the user's inherited groups.
I've tried modifying the code to also do an ldap_search for the group name/samaccount name but I've not been successful in searching for the group's memberof attribute.
Below is the code that I'm using.
$checkDn=$this->setDn(true);
$results[0]=$attribute;
// We need to search for this user in order to get their entry.
$this->result=@ldap_search($this->connection,$checkDn,$this->getUserIdentifier()."=$uname",$results);
$info=ldap_get_entries($this->connection, $this->result);
// Only one entry should ever be returned(no user will have the same uid)
$entry=ldap_first_entry($this->connection, $this->result);
if(!$entry){
$this->ldapErrorCode=-1;
$this->ldapErrorText="Couldn't find user";
return false; // Couldn't find the user...
}
// Get all the member DNs
if(!$values=@ldap_get_values($this->connection,$entry,$attribute)){
$this->ldapErrorCode=ldap_errno($this->connection);
$this->ldapErrorText=ldap_error($this->connection);
return false; // No matching attributes
}
// Return an array containing the attributes.
return $values;
Here is a sample group that they belong to.
CN=Business Operations,OU=Groups,OU=Operations,OU=Corporate,OU=company name,DC=website,DC=com
Thanks for any assistance with this!
