[GRLUG] Looking for LDAP/ActiveDirectory coders.
Ben DeMott
ben.demott at gmail.com
Thu Jul 2 22:08:31 EDT 2009
I will login to the site when I get some more time and post examples - I'll
have to de-API the code and make it more basic.... :)
function ldapConnect($type = false,$server = false) {
// type can be 'admin' or 'user', function returns a connection object.
// pass a name of a server string if you prefer a server to connect to.
if(!is_callable('ldap_connect')) return false;
$connected = false;
$tries = 0;
while (!$connected) {
$tries++;
if(!empty($server)) {$lastId = $server['entry_id'];}
else { $lastId = false; }
$server = ldapServerArray(false,$server,$lastId);
@$ldapConn = ldap_connect($server['host']);
@ldap_set_option($ldapConn, LDAP_OPT_TIMELIMIT,
DEFAULT_LDAP_QUERY_TIMEOUT);
@ldap_set_option($ldapConn, LDAP_OPT_NETWORK_TIMEOUT,
DEFAULT_LDAP_TIMEOUT);
@ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
@ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
if($type == "admin") {
$user = $server['admin_name'];
$pass = $server['admin_pass'];
}
else {$user=$server['user_name']; $pass=$server['user_pass'];}
if(@$ldapBind = ldap_bind($ldapConn,$user . '@' .
$server['domain'],$pass)) {
$connected = true;
}
elseif($tries >= SITE_LDAP_CONNECT_ATTEMPTS) { return false; } // if we
have tried LDAP_MAX_CONNECTION_ATTEMPTS times to bind, quit - and stop
hassling the Ldap Server
else { ldap_close($ldapConn); }
}
return $ldapConn;
}
On Thu, Jul 2, 2009 at 9:52 PM, Michael Mol <mikemol at gmail.com> wrote:
> On Thu, Jul 2, 2009 at 9:47 PM, Ben DeMott<ben.demott at gmail.com> wrote:
> > Oh yeah, if that's what you are looking for I wrote a whole PHP api to do
> > common AD stuff like:
> > BaseSearchDn = (your DN)
> > function: adUserExists()
> > function: adGroupExists()
> > function: adIsGroupMember()
> >
> > calculating the AD password reset time,
> > and converting the AD LDAP fields into COMMON ldap fields - oh the
> memories
> > :)
> >
> > ... and LDAP (ad) API will actually come with OpenLEAF - but thats
> another
> > story.
> >
> > I will round up some examples for ya :)
>
> Feel free to create an account on the site, or even edit anonymously;
> It's an open-edit wiki. :-)
>
>
> --
> :wq
> _______________________________________________
> grlug mailing list
> grlug at grlug.org
> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shinobu.grlug.org/pipermail/grlug/attachments/20090702/ef70bd17/attachment.htm
More information about the grlug
mailing list