msosno
asked on
LDAP Active Directory Syntax
I need to write PHP code to connect to active directory using LDAP and perform several reads. The parameters that will be read are: user name, office/building address, email, phone, and department, The code will be a few PHP functions. The problem is that active directory is not installed yet. The code will be tested with another LDAP server.
Does active directory have the same syntax as other LDAP directories (cn = user name, and so on)? Is it safe to write the code and test it with another LDAP server?
Does active directory have the same syntax as other LDAP directories (cn = user name, and so on)? Is it safe to write the code and test it with another LDAP server?
ASKER
Thanks for your response! I am connecting with PHP and it can search for distinguished name.
http://us2.php.net/ldap
I have two questions:
1. It looks like CN, C and other parameters are the same for all LDAP directories, am I right (see the table in the middle: http://www.rlmueller.net/LDAP_Binding.htm ) ?
2. The main thing that worries me, will I be able to write code for an LDAP server other than active directory and then make it work with active directory easily (just by changing variable names (if necessary)?
http://us2.php.net/ldap
I have two questions:
1. It looks like CN, C and other parameters are the same for all LDAP directories, am I right (see the table in the middle: http://www.rlmueller.net/LDAP_Binding.htm ) ?
2. The main thing that worries me, will I be able to write code for an LDAP server other than active directory and then make it work with active directory easily (just by changing variable names (if necessary)?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks. The fields that really interest me are also IP Address and Mac Address.
Does active directory store all this information in one record? For example, does a record for user contain IP Address, MAC address, owner's name and so on? Or is it up to the administrator how these records are populated?
Does active directory store all this information in one record? For example, does a record for user contain IP Address, MAC address, owner's name and so on? Or is it up to the administrator how these records are populated?
It doesn't store those at all I'm afraid. You'd have to retrieve those by other means (nslookup, ping, etc for IP).
Chris
ASKER
ok, thanks for your help. I am just curious, do experts get paid somehow?
Nope, all entirely voluntary.
Chris
This might help (from my website):
http://www.wisesoft.co.uk/Scripts/activedirectoryschema.aspx
It maps the attributes in the user interface to their "real" names in the directory.
http://www.wisesoft.co.uk/Scripts/activedirectoryschema.aspx
It maps the attributes in the user interface to their "real" names in the directory.
In part.
The attribute names you're working with are likely to differ significantly. For the fields you quote above the attribute names are:
Username -> sAMAccountName
Office Name -> physicalDeliveryOfficeName
Street -> streetAddress
Post / Zip Code -> postalCodel
State -> st
City -> l
Country -> c
Email -> mail
Phone -> telephoneNumber
Department -> department
Then you may find yourself working with the structure of the directory, depending on how you're retrieving the data.
Chris