04/02/2014 - PHP
Her ne kadar aşağıdaki örneklerin çoğu fazla değişmese de, bulunduğunuz organizasyona göre ufak tefek değişiklikler olabilir; bu nedenle gerekli değişiklikleri yapmak size kalmış. Daha fazla bilgi için Mozilla ve PHP.net sitelerini ziyaret edin.
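// Sample account and server details: replace them with your own values and
// keep real passwords out of source files.
$username = 'inanzzz';
$password = '123123';
$server = '192.168.32.4';
$domain = '@yourdomain.local';
$port = 389;

// NOTE(review): port 389 is plain LDAP, so the simple bind below sends the
// password unencrypted unless TLS is negotiated first (ldap_start_tls()) or an
// ldaps:// endpoint is used. Confirm what your directory supports.
$connection = ldap_connect($server, $port);
if (!$connection) {
    exit('Connection failed');
}

// Help talking to AD
// (the original passed an undefined $ldap_connection here, so neither option
// was ever applied to the handle that is actually used for the bind)
ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);

// A simple bind with an empty password is treated by many servers as an
// unauthenticated bind and succeeds, so reject it before calling ldap_bind().
if ($password === '') {
    exit('Binding failed');
}

// "@" keeps the PHP warning for bad credentials out of the page output; the
// reason stays available through ldap_error($connection) for server-side logs.
$bind = @ldap_bind($connection, $username.$domain, $password);
if (!$bind) {
    exit('Binding failed');
}

// This is where you can do your work

ldap_close($connection);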
Aşağıdaki örnekler size LDAP ve AD hakkında ufak tefek bilgiler verir.
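/**
 * Print the name of every organisational unit directly below the domain root.
 *
 * Uses ldap_list(), i.e. a one-level search under DC=yourdomain,DC=local.
 *
 * @param mixed  $ldap_connection LDAP link from ldap_connect() (presumably already bound)
 * @param string $organisation    Not used by the body; kept so existing calls still work
 *
 * @return void
 */
function list_organisational_units($ldap_connection, $organisation = 'inanzzz')
{
    $distinguished_name = "DC=yourdomain,DC=local";
    $filter = "ou=*";

    $search = ldap_list($ldap_connection, $distinguished_name, $filter);
    if ($search === false) {
        // The search failed (bad base DN, missing rights, ...): nothing to print.
        return;
    }

    $total_record = ldap_count_entries($ldap_connection, $search);
    $returned = ldap_get_entries($ldap_connection, $search);
    if ($returned === false) {
        return;
    }

    // NOTE(review): values are echoed exactly as stored in the directory; escape
    // them with htmlspecialchars() if this output ends up in an HTML page.
    for ($i = 0; $i < $total_record; $i++) {
        echo $returned[$i]['ou'][0];
    }
}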
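/**
 * Dump every entry that has a sAMAccountName below one organisational unit.
 *
 * @param mixed  $ldap_connection LDAP link from ldap_connect() (presumably already bound)
 * @param string $unit            Name of the OU under DC=yourdomain,DC=local to search in
 *
 * @return void
 */
function list_all_users($ldap_connection, $unit = 'accounts')
{
    // $unit becomes part of the base DN, so DN metacharacters (",", "=", "+", ...)
    // are escaped to stop a crafted value from pointing the search elsewhere.
    $safe_unit = ldap_escape($unit, '', LDAP_ESCAPE_DN);
    $distinguished_name = "OU=$safe_unit,DC=yourdomain,DC=local";
    $filter = "(sAMAccountName=*)";

    $search = ldap_search($ldap_connection, $distinguished_name, $filter);
    if ($search === false) {
        // The search failed (unknown OU, missing rights, ...): nothing to print.
        return;
    }

    $total_record = ldap_count_entries($ldap_connection, $search);
    $returned = ldap_get_entries($ldap_connection, $search);

    // print_r() dumps every attribute the server returned; this is a debugging
    // aid. Pass an attribute list to ldap_search() to fetch only what is needed.
    if ($total_record > 0) {
        print_r($returned);
    }
}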
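/**
 * Dump the entry of one person, addressed by common name inside an OU.
 *
 * The person and the unit form the search base (CN=...,OU=...,DC=yourdomain,DC=local);
 * the filter then keeps entries that have a sAMAccountName.
 *
 * @param mixed  $ldap_connection LDAP link from ldap_connect() (presumably already bound)
 * @param string $unit            Name of the OU the person lives in
 * @param string $person          Common name (CN) of the person
 *
 * @return void
 */
function search_user($ldap_connection, $unit = 'accounts', $person = 'name surname')
{
    // Both values are placed inside a DN, so DN metacharacters are escaped to
    // stop a crafted name from changing which subtree is searched.
    $safe_person = ldap_escape($person, '', LDAP_ESCAPE_DN);
    $safe_unit = ldap_escape($unit, '', LDAP_ESCAPE_DN);
    $distinguished_name = "CN=$safe_person,OU=$safe_unit,DC=yourdomain,DC=local";
    $filter = "(sAMAccountName=*)";

    $search = ldap_search($ldap_connection, $distinguished_name, $filter);
    if ($search === false) {
        // The search failed (no such entry, missing rights, ...): nothing to print.
        return;
    }

    $total_record = ldap_count_entries($ldap_connection, $search);
    $returned = ldap_get_entries($ldap_connection, $search);

    // print_r() dumps every attribute the server returned; debugging aid only.
    if ($total_record > 0) {
        print_r($returned);
    }
}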
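/**
 * Dump the entries whose mail address has the given local part (person@anything).
 *
 * This only looks the account up. It does not verify a password; a login
 * still has to bind as the user that was found.
 *
 * @param mixed  $ldap_connection LDAP link from ldap_connect() (presumably already bound)
 * @param string $person          Local part of the mail address, e.g. "name.surname"
 *
 * @return void
 */
function search_username_for_login($ldap_connection, $person = 'inanzzz.surname')
{
    $distinguished_name = "DC=yourdomain,DC=local";

    // The value typed into a login form goes into the filter, so filter
    // metacharacters ("*", "(", ")", "\", NUL) are escaped; otherwise input such
    // as "*" would match every mailbox or rewrite the filter.
    $safe_person = ldap_escape($person, '', LDAP_ESCAPE_FILTER);
    $filter = "(|(mail=$safe_person@*))";

    $search = ldap_search($ldap_connection, $distinguished_name, $filter);
    if ($search === false) {
        // The search failed: nothing to print.
        return;
    }

    $total_record = ldap_count_entries($ldap_connection, $search);
    $returned = ldap_get_entries($ldap_connection, $search);

    // NOTE(review): the trailing "@*" accepts any mail domain, so more than one
    // entry can match. Confirm that callers expect this.
    if ($total_record > 0) {
        print_r($returned);
    }
}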
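/**
 * Dump every entry whose given name starts with the supplied text.
 *
 * @param mixed  $ldap_connection LDAP link from ldap_connect() (presumably already bound)
 * @param string $person          Prefix of the given name to look for
 *
 * @return void
 */
function search_similar_users($ldap_connection, $person = 'inanzzz')
{
    $distinguished_name = "DC=yourdomain,DC=local";

    // Only the trailing "*" added below is meant to act as a wildcard, so any
    // filter metacharacters inside the supplied prefix are escaped first.
    $safe_person = ldap_escape($person, '', LDAP_ESCAPE_FILTER);
    $filter = "(|(givenname=$safe_person*))";

    $search = ldap_search($ldap_connection, $distinguished_name, $filter);
    if ($search === false) {
        // The search failed: nothing to print.
        return;
    }

    $total_record = ldap_count_entries($ldap_connection, $search);
    $returned = ldap_get_entries($ldap_connection, $search);

    // print_r() dumps every attribute the server returned; debugging aid only.
    if ($total_record > 0) {
        print_r($returned);
    }
}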
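/**
 * Print name, surname and e-mail of the first entry whose mail address starts
 * with the supplied text.
 *
 * @param mixed  $ldap_connection LDAP link from ldap_connect() (presumably already bound)
 * @param string $person          Start of the mail address, e.g. "name.surname"
 *
 * @return void
 */
function search_username_for_registration($ldap_connection, $person = 'inanzzz.surname')
{
    $distinguished_name = "DC=yourdomain,DC=local";

    // The value comes from a registration form, so filter metacharacters are
    // escaped; only the "*" appended below is meant to act as a wildcard.
    $safe_person = ldap_escape($person, '', LDAP_ESCAPE_FILTER);
    $filter = "(|(mail=$safe_person*))";

    $search = ldap_search($ldap_connection, $distinguished_name, $filter);
    if ($search === false) {
        // The search failed: nothing to print.
        return;
    }

    $total_record = ldap_count_entries($ldap_connection, $search);
    $returned = ldap_get_entries($ldap_connection, $search);

    if ($total_record > 0) {
        // The filter only guarantees "mail"; givenname and sn may be missing.
        $first = $returned[0];
        $name = isset($first['givenname'][0]) ? $first['givenname'][0] : '';
        $surname = isset($first['sn'][0]) ? $first['sn'][0] : '';
        $email = isset($first['mail'][0]) ? $first['mail'][0] : '';

        echo 'Name : ' . $name;
        echo 'Surname : ' . $surname;
        echo 'Email : ' . $email;
    }
}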
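/**
 * Print the details of every entry that is not filed under a "Disabled" DN.
 *
 * An entry is printed only when it has all of givenname, cn, sn, mailnickname,
 * mail and memberof, and its cn contains no digit.
 *
 * NOTE(review): "active" here means only that the DN does not contain the word
 * "Disabled". The account-disabled flag in userAccountControl is not checked,
 * so a disabled account left in a regular OU is still listed.
 *
 * @param mixed $ldap_connection LDAP link from ldap_connect() (presumably already bound)
 *
 * @return void
 */
function list_all_active_users($ldap_connection)
{
    $distinguished_name = "DC=yourdomain,DC=local";
    $filter = "(cn=*)";

    // NOTE(review): unpaged subtree search over the whole domain; servers
    // commonly cap the result size, so large directories may return only part
    // of the list. Confirm against your server limits.
    $search = ldap_search($ldap_connection, $distinguished_name, $filter);
    if ($search === false) {
        // The search failed: nothing to print.
        return;
    }

    $total_record = ldap_count_entries($ldap_connection, $search);
    $returned = ldap_get_entries($ldap_connection, $search);
    if ($returned === false) {
        return;
    }

    $required = array('givenname', 'cn', 'sn', 'mailnickname', 'mail', 'memberof');

    for ($i = 0; $i < $total_record; $i++) {
        $entry = $returned[$i];

        // Skip entries whose DN mentions "Disabled" (case-insensitive).
        if (false !== stripos($entry['dn'], 'Disabled')) {
            continue;
        }

        // Every attribute that is printed below must be present.
        $complete = true;
        foreach ($required as $attribute) {
            if (!isset($entry[$attribute])) {
                $complete = false;
                break;
            }
        }
        if (!$complete) {
            continue;
        }

        // Entries with a digit in the cn are left out (presumably service or
        // test accounts; verify against your naming scheme).
        if (preg_match('#[0-9]#', $entry['cn'][0])) {
            continue;
        }

        echo 'FULLNAME (cn) : ' . $entry['cn'][0];
        echo 'FIRSTNAME (givenname) : ' . $entry['givenname'][0];
        echo 'SURNAME (sn) : ' . $entry['sn'][0];
        echo 'EMAIL NICKNAME (mailnickname) : ' . $entry['mailnickname'][0];
        echo 'EMAIL (mail) : ' . $entry['mail'][0];

        // Collect the OU components of every group DN in memberof.
        $units = array();
        foreach ($entry['memberof'] as $key => $value) {
            // Strict comparison: with "!=" PHP 7 treats 0 == 'count' as true, so
            // the first group (index 0) was skipped together with the counter.
            if ($key === 'count') {
                continue;
            }

            // Iterating by value; the original by-reference loop left a dangling
            // reference behind and did not need one.
            foreach (explode(',', $value) as $component) {
                if (substr($component, 0, 2) === 'OU') {
                    $units[] = substr($component, 3);
                }
            }
        }

        echo 'GROUPS (memberof - OU only) : ' . implode('|', $units);
    }
}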
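/**
 * Print a numbered, alphabetically sorted list of disabled users.
 *
 * A user is listed when the entry has a given name, a surname and a mail
 * address in the yourdomain.co.uk domain, and its distinguishedname contains
 * "OU=Disabled Accounts".
 *
 * NOTE(review): "disabled" is derived from the OU in the DN only. The
 * account-disabled flag in userAccountControl is not checked.
 *
 * @param mixed $ldap_connection LDAP link from ldap_connect() (presumably already bound)
 *
 * @return void
 */
function list_all_disabled_users($ldap_connection)
{
    $distinguished_name = "DC=yourdomain,DC=local";
    $filter = "(|(mail=*@*))";

    // Initialised up front: the original created $list only when records were
    // found, so count($list) ran on an undefined variable for an empty result.
    $list = array();

    $search = ldap_search($ldap_connection, $distinguished_name, $filter);
    if ($search === false) {
        // The search failed: nothing to print.
        return;
    }

    $total_records = ldap_count_entries($ldap_connection, $search);
    $returned = ldap_get_entries($ldap_connection, $search);
    if ($returned === false) {
        return;
    }

    // Iterate through the records.
    for ($i = 0; $i < $total_records; $i++) {
        $entry = $returned[$i];

        $name = isset($entry['givenname'][0]) ? $entry['givenname'][0] : '';
        $surname = isset($entry['sn'][0]) ? $entry['sn'][0] : '';
        $email = isset($entry['mail'][0]) ? $entry['mail'][0] : '';
        $dn = isset($entry['distinguishedname'][0]) ? $entry['distinguishedname'][0] : '';

        if ($name == '' || $surname == '' || $email == '') {
            continue;
        }

        // Only accounts filed under the "Disabled Accounts" OU count as disabled.
        if (stripos($dn, 'OU=Disabled Accounts') === false) {
            continue;
        }

        // Extract the mail domain; the address must contain an "@".
        $mail_parts = explode('@', $email);
        if (!isset($mail_parts[1]) || $mail_parts[1] !== 'yourdomain.co.uk') {
            continue;
        }

        $list[] = ucfirst($name) . ' ' . ucfirst($surname) . ' - ' . $email;
    }

    // If there are disabled users, list them in alphabetical order.
    if (count($list) > 0) {
        sort($list);

        $position = 1;
        foreach ($list as $user) {
            echo $position . ' - ' . $user;
            $position++;
        }
    }
}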