doujiao8649
doujiao8649
2019-03-07 09:48

在AD LDAP中查找用户

  • ldap
  • php

Good time of the day, i've came across the problem of building the filter for LDAP.

Few notes before the actual question:

Фамилия = Family Name (will be presented as FamilyName)  
Имя = Name (will be presented as Name)  
Отчество = Patronymic (will be presented as Patronymic)

I have a user with the following information in the AD:

CN=Фамилия Имя Отчество
sn=FamilyName
givenname=Name

I want to provide the following functionality:

  1. User can either enter theName FamilyName in the field on the website, this will result in the array of 2 filters for Name FamilyName and FamilyName Name'
  2. User can enter Имя Фамилия and the search should switch from (&(sn=)(givenname=)) to (cn=)

Currently i have the following piece of code to accomplish the first option:

    /**
     * Generate search terms
     * @param string $query
     * @return LDAPSearcher
     */
    protected function generateSearchTerms(string $query) : self {
        $this->searchTerms = [];
        $explode = explode(' ', $query);
        $combinations = [];
        array_combinations($explode, $combinations);

        foreach($combinations as $index => $combination) {
            if (false !== strpos($combination, ' ')) {
                [$firstName, $lastName] = explode(' ', $combination);
                $this->searchTerms[] = [
                    'sn'        =>  $lastName,
                    'cn'        =>  $combination,
                    'givenname' =>  $firstName,
                    'filter'    =>  '(&(sn=' . $firstName . ')(givenname=' . $lastName . '))'
                ];
            }
        }

        return $this;
    }

And it works just fine when user using the Latin representation of his/her First and Last names, but when i want to switch to using CN, i have no idea on how to do it.
I've tried the following piece of code for the filter, however it shows that filter is incorrect:
((&(sn=' . $firstName . ')(givenname=' . $lastName . '))|(cn=' . $combination . '*))

Any help is really appreciated!

P.S. it DOES NOT matter which variables i assing to SN or GivenName, since the combinations will match the correct user anyways, i'm running at most 3 searches for each user to ensure that the correct one is found (just to eliminate possibility of answers with assigning correct values to variables)

P.P.S. Combinations are generated using the following piece of code

if (! function_exists('array_combinations')) {

    function array_combinations(array $source, array &$target, ?string $tempString = null) {
        if ($tempString !== null) {
            $target[] = $tempString;
        }
        $size = \count($source);
        for ($i = 0; $i < $size; $i++) {
            $copy = $source;
            $element = array_splice($copy, $i, 1);
            $tmp = null;
            if ($tempString !== null) {
                $tmp = $tempString . ' ' . $element[0];
            } else {
                $tmp = $element[0];
            }
            if (\count($copy) > 0) {
                array_combinations($copy, $target, $tmp);
            } else {
                $target[] = $tmp;
            }
        }

    }

}
  • 点赞
  • 回答
  • 收藏
  • 复制链接分享

1条回答

为你推荐