mark_l_sanders
asked on
Using PHP LDAP functions: problem with filters
I'm using php's ldap functions to authenticate users against an Open LDAP directory.
This filter: $filter = "cn=" .$userid.;
works fine - ($userid) comes via POST from a form.
So does this: $filter = "(&(|(cn=ISS*)(cn=ITS*))(c n=" .$userid."))";
So I'm pretty confident I can combine (AND/OR) arguments to the filter, and hard-code different forms of 'acceptable' usernames.
However, I want to limit the search to specific OU's. I'm trying to do this inside the filter, but as soon as I do even this:
$filter = "(&(ou=*)(cn=" .$userid."))";
it breaks. Am I trying to set 'acceptable' ou's in the wrong place, or something?
How do I specify acceptable containers?
thanks
This filter: $filter = "cn=" .$userid.;
works fine - ($userid) comes via POST from a form.
So does this: $filter = "(&(|(cn=ISS*)(cn=ITS*))(c
So I'm pretty confident I can combine (AND/OR) arguments to the filter, and hard-code different forms of 'acceptable' usernames.
However, I want to limit the search to specific OU's. I'm trying to do this inside the filter, but as soon as I do even this:
$filter = "(&(ou=*)(cn=" .$userid."))";
it breaks. Am I trying to set 'acceptable' ou's in the wrong place, or something?
How do I specify acceptable containers?
thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
LDAP queries work based on object attributes, and while an object may be under an ou, it's not likely to have that ou as an attribute. Instead, do as LinuxNubb suggests and set the desired ou as a base DN for your search.