• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2814
  • Last Modified:

LDAP Active Directory Syntax

I need to write PHP code to connect to active directory using LDAP and perform several reads. The parameters that will be read are: user name, office/building address, email, phone, and department,  The code will be a few PHP functions. The problem is that active directory is not installed yet. The code will be tested with another LDAP server.
Does active directory have the same syntax as other LDAP directories (cn = user name, and so on)? Is it safe to write the code and test it with another LDAP server?
0
msosno
Asked:
msosno
  • 4
  • 3
1 Solution
 
Chris DentPowerShell DeveloperCommented:

In part.

The attribute names you're working with are likely to differ significantly. For the fields you quote above the attribute names are:

Username -> sAMAccountName
Office Name -> physicalDeliveryOfficeName
Street -> streetAddress
Post / Zip Code -> postalCodel
State -> st
City -> l
Country -> c
Email -> mail
Phone -> telephoneNumber
Department -> department

Then you may find yourself working with the structure of the directory, depending on how you're retrieving the data.

Chris
0
 
msosnoAuthor Commented:
Thanks for your response! I am connecting with PHP and it can search for distinguished name.
http://us2.php.net/ldap
I have two questions:
1. It looks like CN, C and other parameters are the same for all LDAP directories, am I right (see the table in the middle: http://www.rlmueller.net/LDAP_Binding.htm ) ?
2. The main thing that worries me, will I be able to write code for an LDAP server other than active directory and then make it work with active directory easily (just by changing variable names (if necessary)?
0
 
Chris DentPowerShell DeveloperCommented:

1. Common Name and Domain Component are used in all X500 compliant directories, including Active Directory. So those at least carry easily.

2. In theory, yes I don't see why not. But I couldn't give you a fully qualified, practically backed, answer to that.

Chris
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
msosnoAuthor Commented:
Thanks. The fields that really interest me are also IP Address and Mac Address.
Does active directory store all this information in one record? For example, does a record for user contain IP Address, MAC address, owner's name and so on? Or is it up to the administrator how these records are populated?
0
 
Chris DentPowerShell DeveloperCommented:

It doesn't store those at all I'm afraid. You'd have to retrieve those by other means (nslookup, ping, etc for IP).

Chris
0
 
msosnoAuthor Commented:
ok, thanks for your help. I am just curious, do experts get paid somehow?
0
 
Chris DentPowerShell DeveloperCommented:

Nope, all entirely voluntary.

Chris
0
 
Wiseman1982Commented:
This might help (from my website):
http://www.wisesoft.co.uk/Scripts/activedirectoryschema.aspx

It maps the attributes in the user interface to their "real" names in the directory.
0

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now