Solved

PHP: Get all groups from Active Directory

Posted on 2013-06-26
3
358 Views
Last Modified: 2013-07-03
I am trying to just get all the global and local groups from active directory.
I am able to bind to the ldap, but I don't know how to go about getting the groups.
Can someone help?

The following code worked with set variables:

$ldapconn = ldap_connect($ad_host,$ad_port) or die("Could not connect to LDAP server.");	
@ldap_set_option($ldapconn , LDAP_OPT_PROTOCOL_VERSION, 3);
@ldap_set_option($ldapconn , LDAP_OPT_REFERRALS, 0);

// binding to ldap server
$ldapbind = ldap_bind($ldapconn,$userlogin, $password);

Open in new window


This is where I don't know what filter to use to get the group:

if ($ldapbind)
{
  $baseDN = "dc=test,dc=local";
  $strFilter = "(ou=accounts)";
  $strAttributes = array("Group");

  $group_search = ldap_search($ldapconn,$baseDN,$strFilter,$strAttributes);
}

Open in new window

0
Comment
Question by:lgduong
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 57

Expert Comment

by:Julian Hansen
ID: 39280482
Try filter objectcategory=group
0
 

Author Comment

by:lgduong
ID: 39281849
JulianH,

It is not objectcategory=group.  It is objectClass=group.  I was able to parse out the group from this.  As a follow up, do you know how I can get the name or number of users that belong to this group?

Thanks for your assistance.
0
 
LVL 57

Accepted Solution

by:
Julian Hansen earned 350 total points
ID: 39282162
You have to get all users in the group and then loop through the collection and count them.

Not a PHP example but illustrates the point

http://blogs.technet.com/b/heyscriptingguy/archive/2007/09/19/how-can-i-count-the-number-of-users-in-a-group.aspx
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to implement server side field validation and display customized error messages to the client.
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question