PHP LDAP communication

I setup this script from php.net  And i know its connecting.   and i know its binding, but it wont search.  I was wondering is someone can tell me what may be wrong.  here is the resulting page


"

LDAP query test
Connecting ...connect result is Resource id #1
Binding ...LDAP bind successful...Bind result is 1
Searching for (sn=S* ...LDAP search failed...Search result is
Number of entries returned is
getting entries...
Data from items returned:

Closing connection

"

and the code will be below.
<?php
// basic sequence with LDAP is connect, bind, search, interpret search
// result, close connection
$uname = "cfusion";
$pass = "cfusion";
echo "<h3>LDAP query test</h3>";
echo "Connecting ...";
$ds=ldap_connect("dc01.ad.my_companies_domain.org");  // must be a valid LDAP server!
echo "connect result is " . $ds . "<br />";
$base_dn = "DC=ad, DC=chsnj, DC=org";
if ($ds) { 
    echo "Binding ..."; 
    $r=ldap_bind($ds, $uname, $pass);     // this is an "anonymous" bind, typically
	
	if ($r) {
        echo "LDAP bind successful...";
    } else {
        echo "LDAP bind failed...";
    }
                          
    echo "Bind result is " . $r . "<br />";
 
    echo "Searching for (sn=S*) ...";
    // Search surname entry
    $sr=ldap_search($ds, "OU=Users, OU=Officers, ".$basedn, "CN=Meyer");
		if ($sr) {
        echo "LDAP search successful...";
    } else {
        echo "LDAP search failed...";
    }  
    echo "Search result is " . $sr . "<br />";
 
    echo "Number of entires returned is " . ldap_count_entries($ds, $sr) . "<br />";
 
    echo "Getting entries ...<p>";
    $info = ldap_get_entries($ds, $sr);
    echo "Data for " . $info["count"] . " items returned:<p>";
 
    for ($i=0; $i<$info["count"]; $i++) {
        echo "dn is: " . $info[$i]["dn"] . "<br />";
        echo "first cn entry is: " . $info[$i]["cn"][0] . "<br />";
        echo "first email entry is: " . $info[$i]["mail"][0] . "<br /><hr />";
    }
 
    echo "Closing connection";
    ldap_close($ds);
 
} else {
    echo "<h4>Unable to connect to LDAP server</h4>";
}
?>

Open in new window

LVL 1
deanmbAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

hernst42Commented:
You might add ldap_error to your failed to get a clue why the search failed
echo "LDAP search failed..." . ldap_error($ds);

Open in new window

0
deanmbAuthor Commented:
thanks for the quick response.  I tried that and it was causing a object error.

so i changed some lines to this

    echo "Searching for (sn=S*) ...";
    // Search surname entry
    $sr=ldap_search($ds, $basedn, '', "sn=S*");
      if ($sr) {
        echo "LDAP search successful...";
    } else {
        echo "LDAP search error: ".ldap_error($ds);
    }  


and now.  i still get the error as if its not working.  but i get a success message at the same time... the output is

LDAP search error: Success

thats this part

LDAP search error: ".ldap_error($ds);

so it's failing and the if statement sees that, and there is no search results, yet it thinks the search was successful... and i no with the 3000 employees someone has to have a surname that starts with S
0
hernst42Commented:
There is still access control which might prevent the used ldap user from seeing those entries.
0
C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

deanmbAuthor Commented:
no this user is used to access ldap via coldfusion, but i use PHP so i'm trying to do it in php.
0
hernst42Commented:
Try using an alternative ldap-browser and there use the sa,e credentials as in php and see if that ldap-browser does return a result. If not the permissions for the cf-user are not enought on the ldap-server.

Btw this is wrong:
$sr=ldap_search($ds, $basedn, '', "sn=S*");
should be
$sr=ldap_search($ds, $basedn, "sn=S*");
the 4th parameter must be an array
0
deanmbAuthor Commented:
what do you mean a ldap-browser? you can';t just run this though a regular browser like firefox or msie?
0
hernst42Commented:
No some software like http://www.jxplorer.org/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
deanmbAuthor Commented:
i thought you can run it in a regular browser.  Is there any way to run it in a regular browser? ColdFusion will run LDAP in a regular browser.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.