dsce23640 2016-02-01 21:03
浏览 231

使用samaccountname修改AD LDAP对象

I have a php script which works but I need to change it to use an AD account (samaccountname) instead of CN in this sample;


$base_dn="CN=Peter Parker,OU=Subcontainer,OU=Subcontainer,OU=Container,
$ldapconn = ldap_connect("host.domain.com") or die("Could not connect to LDAP server.");

if ($ldapconn)
    $ldapbind = ldap_bind($ldapconn, $ldapusername, $ldappassword);

    if ($ldapbind)
        echo "LDAP bind successful ...";
        echo "LDAP bind failed ...";


The intention is to modify the ipphone object for users in AD, but I can't use CN because this input is not unique enough for the task. If the CN in the account's base DN is the descriptive name of the user, am I out of luck?

  • 写回答

1条回答 默认 最新

  • dpdhnd3577 2016-02-02 14:14

    You have to give ldap_modify the distinguished name (DN) of the account you want to change. There is no way around that.

    If you start out only knowing the sAMAccountName, then you can search the domain for the account first, then grab the distinguishedName attribute from the results.

    To search, use ldap_search using the filter "(sAMAccountName=username)"

    本回答被题主选为最佳回答 , 对您是否有帮助呢?



  • ¥15 mysql , 用自己创建的本地主机和用户名 登录不上
  • ¥15 关于#web项目#的问题,请各位专家解答!
  • ¥15 vmtools环境不正常
  • ¥15 请问如何在Ubuntu系统中安装使用microsoft R open?
  • ¥15 jupyter notebook
  • ¥30 informer时间序列预测
  • ¥20 SSR引物多态性分析
  • ¥15 大漠插件在Win11易语言注册调用和免注册灵异事件,VS上注册调用完全没问题
  • ¥15 Addressable缓存机制做热更新的问题
  • ¥15 微信开发者工具vant组件