Terry Woods
asked on
Get all users from Active Directory using PHP, LDAP
I'm modifying some PHP code that previously pulled all staff details from LDAP to now pull the data from Active Directory.
The code (for Active Directory) does an ldap_bind and connect, then it looks like this:
This works, but unfortunately also picks up some non-staff records. I've tried altering the filter to various values to exclude the non-staff records, but with no luck. In particular, I thought that filtering on "distinguishedname" (to look for OU=Users) might work, but the only thing I could get to match was the entire string for just one user (nothing using a wildcard).
How can I filter out the non-staff? Thanks!
I tried this filter, but it returns nothing:
Staff data looks like this (only partly shown, to reduce sanitisation effort):
And some non-user records, looking like this (just a part of it):
The code (for Active Directory) does an ldap_bind and connect, then it looks like this:
$filter = "(&(objectCategory=person)(objectClass=user)(sn=$search*))";
$dn = 'DC=acmeco,DC=global';
$ldap_data = ldap_get_entries($con, ldap_search($con, $dn, $filter));
This works, but unfortunately also picks up some non-staff records. I've tried altering the filter to various values to exclude the non-staff records, but with no luck. In particular, I thought that filtering on "distinguishedname" (to look for OU=Users) might work, but the only thing I could get to match was the entire string for just one user (nothing using a wildcard).
How can I filter out the non-staff? Thanks!
I tried this filter, but it returns nothing:
$filter = "(&(objectCategory=person)(objectClass=user)(distinguishedname=*OU=Users*)(sn=$search*))";
Staff data looks like this (only partly shown, to reduce sanitisation effort):
[0] => Array
(
[objectclass] => Array
(
[count] => 4
[0] => top
[1] => person
[2] => organizationalPerson
[3] => user
)
[0] => objectclass
[cn] => Array
(
[count] => 1
[0] => Joe Bloggs
)
[1] => cn
[sn] => Array
(
[count] => 1
[0] => Bloggs
)
[2] => sn
[c] => Array
(
[count] => 1
[0] => AU
)
[3] => c
[l] => Array
(
[count] => 1
[0] => Melbourne
)
[4] => l
[st] => Array
(
[count] => 1
[0] => Victoria
)
[5] => st
[title] => Array
(
[count] => 1
[0] => Project Manager
)
[6] => title
[postalcode] => Array
(
[count] => 1
[0] => VIC 3000
)
[7] => postalcode
[physicaldeliveryofficename] => Array
(
[count] => 1
[0] => Melbourne
)
[8] => physicaldeliveryofficename
[givenname] => Array
(
[count] => 1
[0] => Joe
)
[9] => givenname
[distinguishedname] => Array
(
[count] => 1
[0] => CN=Joe Bloggs,OU=MB,OU=Users,OU=NS,OU=AU,DC=acmeco,DC=global
)
[10] => distinguishedname
And some non-user records, looking like this (just a part of it):
[113] => Array
(
[objectclass] => Array
(
[count] => 4
[0] => top
[1] => person
[2] => organizationalPerson
[3] => user
)
[0] => objectclass
[cn] => Array
(
[count] => 1
[0] => Service App Pool 1
)
[1] => cn
[sn] => Array
(
[count] => 1
[0] => App Pool 1
)
[2] => sn
[givenname] => Array
(
[count] => 1
[0] => Service
)
[3] => givenname
[distinguishedname] => Array
(
[count] => 1
[0] => CN=Service App Pool 1,OU=SharePoint Administration,OU=Services,DC=acmeco,DC=global
)
[4] => distinguishedname
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.