/ php

LDAP 連線範例

在 linux 上用 LDAP 連接 Windows 2003 的 AD 的範例程式
重點 1. 注意連接的 Port, Windows 的 LDAP 請走 port 3268
重點 2. 連線登入時請輸入完整的 filter string 作為帳號,
ex. ad_access_account@your_org
or
CN=Guest,OU=IT-Test,OU=CompanyMember,DC=Company,DC=local

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

< ?php
// 本例使用到 connect, bind, search, interpret search
// result, close connection 等等 LDAP 的功能。
 
echo "<h3>LDAP 搜尋測試";
echo "連線中 ...";
 
// 先連上有效的 LDAP 伺服器
$ds=ldap_connect("192.168.xxx.xxx",3268)or die("Could not connect");
 
echo "連上 ".$ds."<p>";
 
if ($ds) {
echo "Binding ... ";
$r=ldap_bind($ds,"ad_access_account@your_org","your_password");
 
if ($r) { echo "Bind Successful!";
echo "Bind result is " . $r . "<br />";
}
 
else echo "Bind Failure!";
 
echo "Searching for (OU=2140-IT) ...";
 
// Search surname entry
$sr=ldap_search($ds, "DC=company,DC=local", "CN=search_someone_account");
 
if ($sr)
{ echo "Search result is " . $sr . "<br />";
echo "Number of entires returned is " . ldap_count_entries($ds, $sr) . "<br />";
}
 
else echo "Search fail <br />";
echo "Getting entries ...</p><p>";
$info = ldap_get_entries($ds, $sr);
echo "Data for " . $info["count"] . " items returned:</p><p>";
 
for ($i=0; $i< $info["count"]; $i++) {
echo "dn is: " . $info[$i]["dn"] . "<br />";
echo "first cn entry is: " . $info[$i]["cn"][0] . "<br />";
echo "first email entry is: " . $info[$i]["mail"][0] . "<br /><hr />";
}
 
echo "Closing connection";
ldap_close($ds);
} else {
echo "<h4>無法連接到 LDAP 伺服器</h4>";
}
?>
</p>