In this post, i’m gonna explain how to connect to a LDAP server via using PHP.<\/p>\n
First i wanna talk about some definitions;<\/p>\n
LDAP<\/strong> means Lightweight Directory Access Protocol.<\/p>\n As you can understand from it’s name, it is a database which uses directory-tree based structure.<\/p>\n It’s used by OpenLDAP, Sun Directory Server, Microsoft Active Directory and such directory services.<\/p>\n LDIF<\/strong> means LDAP Data Interchange Format.<\/p>\n You can easily execute LDAP queries using ldif files. For example;<\/p>\n You can see some other terms(actually attributes) in the LDAP query above. Such as\u00a0dn: Distinguished Name,\u00a0cn: Common Name,\u00a0sn: Surname.<\/p>\n I’ll give more information about LDAP later in another post.<\/p>\n PHP LDAP Functions<\/strong><\/p>\n PHP has it’s own LDAP functions by it’s own. But i’ve decided to write a class for easier access to these functions.<\/p>\n First, you have to include our class below.<\/p>\n And then you may want to initialize and use our class. Usage is so simple.<\/p>\n That’s all for now.<\/strong><\/p>\n If you have questions or advices about this class please leave a message in comments section.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":" In this post, i’m gonna explain how to connect to a LDAP server via using PHP. First i wanna talk about some definitions; LDAP means Lightweight Directory Access Protocol. As you can understand from it’s name, it is a database which uses directory-tree based structure. It’s used by OpenLDAP, Sun Directory Server, Microsoft Active Directory […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","footnotes":""},"categories":[384,416,435],"tags":[],"yst_prominent_words":[667,2006,1261,2010,2003,2000,2016,960,936,2013,337],"class_list":["post-652","post","type-post","status-publish","format-standard","hentry","category-ldap","category-php-programming","category-web-developer"],"jetpack_featured_media_url":"","uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false},"uagb_author_info":{"display_name":"ckaraca","author_link":"https:\/\/www.veriteknik.net.tr\/en\/author\/ckaraca\/"},"uagb_comment_info":0,"uagb_excerpt":"In this post, i’m gonna explain how to connect to a LDAP server via using PHP. First i wanna talk about some definitions; LDAP means Lightweight Directory Access Protocol. As you can understand from it’s name, it is a database which uses directory-tree based structure. It’s used by OpenLDAP, Sun Directory Server, Microsoft Active Directory…","_links":{"self":[{"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/posts\/652","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/comments?post=652"}],"version-history":[{"count":0,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/posts\/652\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/media?parent=652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/categories?post=652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/tags?post=652"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/yst_prominent_words?post=652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}dn: cn=John Doe,dc=example,dc=com\ncn: John Doe\ngivenName: John\nsn: Doe\ntelephoneNumber: +1 888 555 6789\ntelephoneNumber: +1 888 555 1232\nmail: john@example.com\nManager: cn=Jane Doe,dc=example,dc=com\nobjectClass: inetOrgPerson\nobjectClass: organizationalPerson\nobjectClass: person\nobjectClass: top<\/pre>\n
<?php \n\nclass LDAP{\n\n public $ldapserver = \"99.245.56.89\";\n public $ldapport = \"389\";\n public $basedn = \"cn=admin,dc=web-sistem,dc=com\";\n public $basepass = \"yourldap_password\"; \n\n\tfunction connect($server,$port){\n\n\t\techo \"Connecting to LDAP Server...\"; \n\t\t$connection = ldap_connect($server,$port); \/\/ must be a valid LDAP server!\t\n\t\tldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);\n\n\t\t\/\/ PHP Reference says there is no control of connection status in OpenLDAP 2.x.x\n\t\t\/\/ So we'll use binding function to check connection status.\n\n\t\treturn $connection;\n\n\t}\n\n\tfunction bind($connection,$basedn,$basepass){\n\n\t\techo \"<br><br>Binding...<br>\"; \n\t\t$ldaprdn = $basedn; \/\/ ldap rdn or dn \n\t\t$ldappass = $basepass; \/\/ associated password\n\t\t$bind = ldap_bind($connection, $ldaprdn, $ldappass);\n\n\t\tif ($bind) { \n\t\t\techo \"LDAP bind successful...\";\n\n\t\t} else { \n\t\t\techo \"LDAP bind failed...\"; \n\t\t}\n\t}\n\n\tfunction search($connection, $searchdn, $filter, $attributes = array()){\n\n\t\t$sr = ldap_search($connection, $searchdn, $filter, $attributes);\n\n\t\tif ($sr) {\n\t\t\techo 'Search Succeeded. Getting Entries...<br>';\n\n\t echo \"Number of entires returned: \" . ldap_count_entries($connection, $sr) . \"<br \/>\";\n\n\t $info = ldap_get_entries($connection, $sr);\n\n\t echo \"Data for \" . $info[\"count\"] . \" items returned:<p>\\n\";\n\n\t\t\tprint_r($info);\n\t\t\techo '<hr><br>';\n\n\t\t} else {\n\t\t\techo 'Search Failed.<br>';\n\t\t}\n\t}\n\n\tfunction addRecord($connection, $adddn, $record){\n\n\t $addProcess = ldap_add($connection, $adddn, $record);\n\n\t if($addProcess){\n\t echo \"Entry added<br>\";\n\t\t\techo '<hr><br>';\n\t } else {\n\t \techo \"Please check your data<br>\";\n\t\t\techo '<hr><br>';\n\t }\n\t}\n\n\tfunction modifyRecord($connection, $modifydn, $record){\n\t\t$modifyProcess = ldap_modify($connection, $modifydn, $record);\n\t if($modifyProcess){\n\t echo \"Entry modified<br>\";\n\t\t\techo '<hr><br>';\n\t } else {\n\t \techo \"Please check your data<br>\";\n\t\t\techo '<hr><br>';\n\t }\n\t}\n\n\tfunction deleteRecord($connection, $dn, $recursive = false){\n\t echo \"Deleting Record...<br>\";\n\n\t if($recursive == false){\n\t \techo 'Entry: ' . $dn . ' deleted.';\n\t return(ldap_delete($connection, $dn));\n\t } else {\n\n\t \/\/ Search for child entries\t \n\t $sr = ldap_list($connection, $dn, \"ObjectClass=*\", array(\"\"));\n\t $info = ldap_get_entries($connection, $sr);\n\n\t for($i=0;$i<$info['count'];$i++){\n\t \/\/ Recursive delete child entries - using myldap_delete to recursive deletion\n\t $result = myldap_delete($connection, $info[$i]['dn'], $recursive);\n\t if(!$result){\n\t \/\/ return status code if deletion fails.\n\t return($result);\n\t }\n\t }\n\t\t\t\/\/ Delete top dn\n\t\t\techo 'Entry: ' . $dn . ' deleted.';\n\t return(ldap_delete($connection, $dn));\n\t }\n\t}\n\n\tfunction close($connection){\n\t\techo '<hr><br>';\n\t echo \"Closing connection\";\n\t ldap_close($connection);\n\t}\n\n}\n\n?><\/pre>\n<?php\n\n\trequire_once('class.ldap.php');\n\n\t$ldap = new LDAP();\n\n\t\/\/ Connect to LDAP Server - connect(ldap_server, port)\n\t$connection = $ldap->connect($ldap->ldapserver,$ldap->ldapport);\n\n\t\/\/ Bind with LDAP instance\n\t$ldap->bind($connection,'cn=admin,dc=web-sistem,dc=com','yourldap_password');\n\n\techo '<hr><br>';\n\n\t\/\/ Search LDAP directory\n\n\t\/\/ Search with a wildcard\n\t$ldap->search($connection,'o=hosting,dc=web-sistem,dc=com','vd=*');\n\n\t\/\/ Search with no attributes specified\t\n\t$ldap->search($connection,'o=hosting,dc=web-sistem,dc=com','vd=plugged.in');\n\n\t\/\/ Search with attributes (attributes must be an array)\n\n\t$ldap->search($connection,'o=hosting,dc=web-sistem,dc=com','vd=web-sistem.com', array('custID'));\n\n\t\/\/ Prepare data to insert\n\n\t\/\/ Please change the record entry as required by your company directory structure\n\n\t$insert_data['objectclass'][0] = \"top\";\n\t$insert_data['objectclass'][1] = \"VirtualDomain\";\n\n\t$insert_data[\"accountActive\"] = \"TRUE\";\n\t$insert_data[\"delete\"] = \"FALSE\";\n\t$insert_data[\"lastChange\"] = \"103\";\n\t$insert_data[\"vd\"] = \"plugged.in\";\n\t$insert_data[\"adminID\"] = \"3\";\n\t$insert_data[\"custID\"] = \"2\";\n\t$insert_data[\"editAV\"] = \"FALSE\";\n\t$insert_data[\"maxAlias\"] = \"20\";\n\t$insert_data[\"maxMail\"] = \"22\";\n\t$insert_data[\"maxQuota\"] = \"300\";\n\t$insert_data[\"postfixTransport\"] = \"maildrop:\";\n\n\t\/\/ LDAP Insert DN\t\t\n\t$addDN = \"vd=plugged.in,o=hosting,dc=web-sistem,dc=com\";\n\t$ldap->addRecord($connection,$addDN,$insert_data);\n\n\t\/\/ Prepare data to modify\n\n\t\/\/ Please change the record entry as required by your company directory structure\n\n\t$modify_data[\"adminID\"] = \"3213\";\n\t$modify_data[\"custID\"] = \"2441\";\n\n\t\/\/ LDAP Modify DN\t\t\n\t$modifyDN = \"vd=plugged.in,o=hosting,dc=web-sistem,dc=com\";\n\t$ldap->modifyRecord($connection,$modifyDN,$modify_data);\n\n\t\/\/ Delete LDAP record\t(third parameter is \"Recursive\")\n\t$deleteDN = \"vd=plugged.in,o=hosting,dc=web-sistem,dc=com\";\n\t$ldap->deleteRecord($connection,$deleteDN,true);\n\n\t\/\/Close LDAP Connection\n\t$ldap->close($connection);\n?><\/pre>\n