Home arrow PHP arrow Page 2 - Using PHP With LDAP (part 1)

Looking For Answers - PHP

Among its many other capabilities, PHP also comes with afull-featured API to connect to, and communicate with, LDAP directoryservers. This article explores how PHP and LDAP can be used together,beginning with a crash course in LDAP basics and proceeding to a series ofsimple examples that demonstrate how PHP can be used to search an LDAPdirectory and format the results for the Web.

  1. Using PHP With LDAP (part 1)
  2. Looking For Answers
  3. The Bare Necessities
  4. Code Poet
  5. Anatomy 101
  6. What's In A Name?
By: Harish Kamath, (c) Melonfire
Rating: starstarstarstarstar / 34
April 04, 2003

print this article


In case you're not familiar with LDAP, this section is designed to give you a crash course in the basics. It is not intended to be exhaustive - you should take a look at the links at the end of this article for more detailed material - but it should get you through the remainder of this article without confusing you too much.

An LDAP directory is usually structured hierarchically, as a tree of nodes (the LDAP directory tree is sometimes referred to as the Directory Information Tree, or DIT). Each node represents a record, or "entry", in the LDAP database.

An LDAP entry consists of numerous attribute-value pairs, and is uniquely identified by what is known as a "distinguished name" or "DN". If you're familiar with RDBMS, it's pretty easy to draw an analogy here: an LDAP entry is analogous to a record, its attributes are the fields of that record, and a DN is a primary key that uniquely identifies each record.

Consider the following example of an LDAP entry, which might help make things clearer:

dn: mail=sue@my-domain.com, dc=my-domain, dc=com objectclass: inetOrgPerson cn: Sue sn: Jones mail: sue@my-domain.com telephoneNumber: 1 234 567 8912
This is an entry for a single person, Sue Jones. As you can see, the different components of the entry - name, email address, telephone number - are split into attribute-value pairs, with the entire record identified by a unique DN (the first line of the entry). Some of these attributes are required and some are optional, depending on the object class being used for the entry (more on this later); however, the entire set of data constitutes a single entry, or node, on the LDAP directory tree.

Since LDAP entries are arranged in a hierarchical tree, and since each node on the tree can be uniquely identified by a DN, the LDAP model lends itself well to sophisticated queries and powerful search filters. For example, I could restrict my search to a particular subset of the tree simply by specifying a different base for the query to begin from, or query only against specific attributes in the directory tree. Heck, I could even do both, and feel like a Real Programmer!

>>> More PHP Articles          >>> More By Harish Kamath, (c) Melonfire

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates


Dev Shed Tutorial Topics: