douboshan1466 2016-05-13 11:37
浏览 46
已采纳

PHP组的LDAP成员

I have groups and users in windows AD and i would like to check if member is a part of group. example: 

user1 is in a group 1
         group 1 in group 2

and then i should see user 1 in group 2 as well. In this case i could like to have result 1 or 0 Connection is fine but problem in search statement.

$username = $_POST["username"];

$passw = $_POST["password"];


$ldap_dn = " OU=MANAGER GROUP,OU=ALL GROUPS,DC=domain,DC=uk";
$ldap_svr = "domain.uk";
$ldap_domain = "@domain.uk";
$conn=ldap_connect($ldap_svr) or die("Cannot connect to LDAP server!");

ldap_set_option ($conn, LDAP_OPT_REFERRALS, 0);
ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);

ldap_bind($conn,$username.$ldap_domain , $passw);


    $filter="(&(objectClass=user)(memberOf=CN=Group1,OU=MANAGER GROUP,OU=ALL GROUPS,DC=domain,DC=uk))";
    $justthese = array("cn", "sn", "givenname", "mail");

    $sr=ldap_search($conn, $ldap_dn, $filter, $justthese);

    $info = ldap_get_entries($conn, $sr);

    echo $info["count"]." entries returned
";
  • 写回答

1条回答 默认 最新

  • dpbyr64224 2016-05-14 10:36
    关注

    You might want to have a look at this stack-overflow question to see how to solve it without a library: ldap nested group membership

    Basically it boils down to using the LDAP_MATCHING_RULE_IN_CHAIN matching rule in your query.

    (memberOf:1.2.840.113556.1.4.1941:=CN=Group1,OU=MANAGER GROUP,OU=ALL GROUPS,DC=domain,DC=uk)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 怎么获取下面的: glove_word2id.json和 glove_numpy.npy 这两个文件
  • ¥15 js调用html页面需要隐藏某个按钮
  • ¥15 ads仿真结果在圆图上是怎么读数的
  • ¥20 Cotex M3的调试和程序执行方式是什么样的?
  • ¥20 java项目连接sqlserver时报ssl相关错误
  • ¥15 一道python难题3
  • ¥15 牛顿斯科特系数表表示
  • ¥15 arduino 步进电机
  • ¥20 程序进入HardFault_Handler
  • ¥15 oracle集群安装出bug