Home arrow PHP arrow Page 5 - Using PHP With LDAP (part 1)

Anatomy 101 - PHP

Among its many other capabilities, PHP also comes with afull-featured API to connect to, and communicate with, LDAP directoryservers. This article explores how PHP and LDAP can be used together,beginning with a crash course in LDAP basics and proceeding to a series ofsimple examples that demonstrate how PHP can be used to search an LDAPdirectory and format the results for the Web.

  1. Using PHP With LDAP (part 1)
  2. Looking For Answers
  3. The Bare Necessities
  4. Code Poet
  5. Anatomy 101
  6. What's In A Name?
By: Harish Kamath, (c) Melonfire
Rating: starstarstarstarstar / 34
April 04, 2003

print this article


At the onset, I should tell you that communicating with an LDAP server through PHP is very similar to communicating with a database server - open a connection, use the connection to search for some information, iterate over the resource handle containing the results of the search and close the connection.

1. Let's begin with the basic connection.

<?php // specify the LDAP server to connect to $conn = ldap_connect("localhost") or die("Could not connect to server"); ?>
The ldap_connect() function is used to open a connection with the LDAP server. If a connection is possible, the function returns a link identifier that is used for all subsequent communication with the LDAP server. If a connection is not possible, the function returns false.

By default, the ldap_connect() function looks for an LDAP server on port 389. In case your LDAP server is running on a non-standard port, you can specify that port number as an additional argument to ldap_connect(), as in the following code snippet.

<?php // LDAP server running on non-standard port 510 $conn = ldap_connect("localhost", 510) or die("Could not connect to server"); ?>
2. Once a connection is established, the next step is to "bind" it to the LDAP server via the ldap_bind() function call.

<?php // bind to the LDAP server specified above $r = ldap_bind($conn) or die("Could not bind to server"); ?>
In the example above, this is a so-called "anonymous" bind, as no authentication credentials are provided in my call to ldap_bind().

3. Now for the meat of the script - the ldap_search() function.

<?php // start searching // specify both the start location and the search criteria // in this case, start at the top and return all entries $result = ldap_search($conn,"dc=my-domain,dc=com", "(cn=*)") or die ("Error in search query"); ?>
This function requires three parameters - the LDAP link identifier, the DN of the location in the LDAP hierarchy where the search should begin, and the search query string itself. In the example above, I'm asking the system to begin searching at the root of the hierarchy, and return all entries which have a valid common name ("cn") attribute.

The return value of ldap_search() is a result set with the entries that match the query.

4. Once a result set has been obtained, the entries within it may be placed in a multi-dimensional array via a call to ldap_get_entries().

<?php // get entry data as array $info = ldap_get_entries($conn, $result); // iterate over array and print data for each entry for ($i=0; $i<$info["count"]; $i++) { echo "dn is: ". $info[$i]["dn"] ."<br>"; echo "first cn is: ". $info[$i]["cn"][0] ."<br>"; echo "first email address is: ". $info[$i]["mail"][0] ."<p>"; } ?>
Every element of this array corresponds to one entry from the LDAP directory. Each of these elements (entries) is further structured as an array, whose elements correspond to the attributes of each entry; these attributes may be accessed either by name or index number. A "for" loop is used to iterate over this multi-dimensional array, and return a subset of the data within it.

A count of all the entries in the result set can be obtained via a call to ldap_count_entries()

<?php // print number of entries found echo "Number of entries found: " . ldap_count_entries($conn, $result) . "<p>"; ?>
5. Once the result set has been processed, the connection to the LDAP server can be closed via a call to ldap_close().

<?php // all done? clean up ldap_close($conn); ?>
It's generally a good idea to close the connection once you're done using it, so that system resources used by the script are freed up and made available to other programs.

The five steps outlined above make up a general template for interacting with an LDAP server through PHP. You will see that these steps (and the code that they consist of) recur over almost every example in this tutorial.

>>> More PHP Articles          >>> More By Harish Kamath, (c) Melonfire

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates


Dev Shed Tutorial Topics: