PHP and LDAP Query with !-statement not working

Hi all!

I've got a question about the function ldap_search and a filter that I use.

Here's what the code looks like

$filter = (&(objectclass=user)(cn=$)(!memberof=cn=domain admins,cn=users,dc=domain,dc=tld))
$result = ldap_search($conn,$ou,$filter);

This doesn't work (ldap search filter error), however if I omit the ! from the !memberof, it does work. Somehow PHP doesn't like the ! (not-statement). Running the LDAP-query within AD does work just fine.

Any ideas?

LVL 11
Who is Participating?
svgmucConnect With a Mentor Commented:
The ! needs to be parenthesized.

$filter = '(&(objectclass=user)(cn=$)(!(memberof=cn=domain admins,cn=users,dc=domain,dc=tld)))';
MichaelVHAuthor Commented:

either it's me or either I'm stupid ;-)

Here's the code and it doesn't work, it might be because of the ' around the $_GET['q']... Though I'm not sure...

Thanks again for your help.

//NEW CODE (doesn't work)
$filter='(&(objectcategory=person)(objectclass=user)(cn=*".$_GET['q'].*)(!(memberof=cn=domain admins,cn=users,dc=domain,dc=tld)))'
$result_ctc = ldap_search($ctc,"dc=domain,dc=tld",$filter) or die ("Error in search query");

//OLD QUERY (does work)
//$result_ctc = ldap_search($ctc,"dc=domain,dc=tld","(&(objectcategory=person)(objectclass=user)(cn=*".$_GET['q']."*))") or die ("Error in search query");

Open in new window

MichaelVHAuthor Commented:
I actually copy-pasted your solution and then it worked, seems as if I didn't type it over correctly the first time. Thank you very much!
All Courses

From novice to tech pro — start learning today.