Solved

PHP: Get all groups from Active Directory

Posted on 2013-06-26
3
349 Views
Last Modified: 2013-07-03
I am trying to just get all the global and local groups from active directory.
I am able to bind to the ldap, but I don't know how to go about getting the groups.
Can someone help?

The following code worked with set variables:

$ldapconn = ldap_connect($ad_host,$ad_port) or die("Could not connect to LDAP server.");	
@ldap_set_option($ldapconn , LDAP_OPT_PROTOCOL_VERSION, 3);
@ldap_set_option($ldapconn , LDAP_OPT_REFERRALS, 0);

// binding to ldap server
$ldapbind = ldap_bind($ldapconn,$userlogin, $password);

Open in new window


This is where I don't know what filter to use to get the group:

if ($ldapbind)
{
  $baseDN = "dc=test,dc=local";
  $strFilter = "(ou=accounts)";
  $strAttributes = array("Group");

  $group_search = ldap_search($ldapconn,$baseDN,$strFilter,$strAttributes);
}

Open in new window

0
Comment
Question by:lgduong
  • 2
3 Comments
 
LVL 52

Expert Comment

by:Julian Hansen
ID: 39280482
Try filter objectcategory=group
0
 

Author Comment

by:lgduong
ID: 39281849
JulianH,

It is not objectcategory=group.  It is objectClass=group.  I was able to parse out the group from this.  As a follow up, do you know how I can get the name or number of users that belong to this group?

Thanks for your assistance.
0
 
LVL 52

Accepted Solution

by:
Julian Hansen earned 350 total points
ID: 39282162
You have to get all users in the group and then loop through the collection and count them.

Not a PHP example but illustrates the point

http://blogs.technet.com/b/heyscriptingguy/archive/2007/09/19/how-can-i-count-the-number-of-users-in-a-group.aspx
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now