douboshan1466 2016-05-13 11:37
浏览 46
已采纳

PHP组的LDAP成员

I have groups and users in windows AD and i would like to check if member is a part of group. example:

user1 is in a group 1
         group 1 in group 2

and then i should see user 1 in group 2 as well. In this case i could like to have result 1 or 0 Connection is fine but problem in search statement.

$username = $_POST["username"];

$passw = $_POST["password"];


$ldap_dn = " OU=MANAGER GROUP,OU=ALL GROUPS,DC=domain,DC=uk";
$ldap_svr = "domain.uk";
$ldap_domain = "@domain.uk";
$conn=ldap_connect($ldap_svr) or die("Cannot connect to LDAP server!");

ldap_set_option ($conn, LDAP_OPT_REFERRALS, 0);
ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);

ldap_bind($conn,$username.$ldap_domain , $passw);


    $filter="(&(objectClass=user)(memberOf=CN=Group1,OU=MANAGER GROUP,OU=ALL GROUPS,DC=domain,DC=uk))";
    $justthese = array("cn", "sn", "givenname", "mail");

    $sr=ldap_search($conn, $ldap_dn, $filter, $justthese);

    $info = ldap_get_entries($conn, $sr);

    echo $info["count"]." entries returned
";
  • 写回答

1条回答 默认 最新

  • dpbyr64224 2016-05-14 10:36
    关注

    You might want to have a look at this stack-overflow question to see how to solve it without a library: ldap nested group membership

    Basically it boils down to using the LDAP_MATCHING_RULE_IN_CHAIN matching rule in your query.

    (memberOf:1.2.840.113556.1.4.1941:=CN=Group1,OU=MANAGER GROUP,OU=ALL GROUPS,DC=domain,DC=uk)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 centos linux 7.9安装php8.2.18不支持mysqli模块的问题
  • ¥15 stata空间计量LM检验
  • ¥15 NAO机器人说出txt文本内容
  • ¥15 关于k8s node节点被释放后如何驱逐节点并添加新节点
  • ¥15 subprocess.CalledProcessError: Command ‘[‘ninja‘, ‘-v‘]‘ returned non-zero exit status 1
  • ¥15 for循环处理大量数据怎么优化
  • ¥15 笔记本接显卡扩展坞重启报错
  • ¥15 为什么这个指令报错啊,一直弄不懂为什么,想问问该怎么弄,决求解决,ubuntu刚入手
  • ¥15 用百度飞将的paddleyolo库里的yolov7训练自己数据集
  • ¥15 Saber里如何查看磁芯的磁通密度