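PHP ldap_get_entries returns null, but only on one system and not on another

Time: 2019-10-11 13:18:15

Tags: php active-directory ldap

I am trying to connect to Active Directory and validate my users, which works fine, and I retrieve a certain field that returns the employee code for our payroll/ESS application, which is stored in AD. This code has worked on multiple different clients, but suddenly on one client the code runs until it reaches ldap_get_entries: ldap_search runs successfully, but nothing is returned by get_entries.

I have checked a few similar questions where people changed sAMAccount to uid or email in the filter, but that did not help me solve this problem. Can anyone think of what I am missing that makes this code fail on one system but work fine on others? The magic happens in the second function (RetrieveADEntry); the first (Authenticate) is just there to show my connection.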

    public function authenticate()
    {
        error_reporting(0);
        //10.0.4.22
        $this->ldapConnection = ldap_connect($this->mHost, $this->mPort);
        if($this->ldapConnection !== false) // ldap_connect() returns false on failure, which isset() would still accept
        {
            if(trim($this->mUsername) === "")
            {
                $this->mErrorCode = ERR_USERNAME_REQUIRED;
                $this->mConnected = false;
                return false;
            }
            else if(trim($this->mPassword) === "")
            {
                $this->mErrorCode = ERR_PASSWORD_REQUIRED;
                $this->mConnected = false;
                return false;
            }
            echo "pre bind";
            ldap_set_option($this->ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
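            // Disable referral chasing on the actual connection handle ($ldap was never defined)
            ldap_set_option($this->ldapConnection, LDAP_OPT_REFERRALS, 0);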
            if ($this->mGroup == null)
            { 
                $ldaprdn = $this->mPrdn . "\\" . $this->mUsername;
            }
            else
            {
                $ldaprdn = 'cn='.$this->mGroup.$this->mPrdn . "\\" . $this->mUsername;
            }
                $mConnected = ldap_bind($this->ldapConnection, $ldaprdn, $this->mPassword);
                if ($mConnected)
                {
                    $this->retrieveADEntry();
                    echo "Binded";
                    if ($this->mErrorCode == UNAUTHORIZED)
                    {
                        $this->mErrorCode = UNAUTHORIZED;
                        $this->mConnected = false;
                    }
                    else if ($this->mErrorCode == ERR_LOGIN_FAILED)
                    {
                        $this->mErrorCode = ERR_LOGIN_FAILED;
                        $this->mConnected = false;
                    }
                    else
                    {
                        $this->mErrorCode = SUCCESSFUL;
                        $this->mConnected = true;
                        if ($data->{"rlogcompanycode"} != ''){
                            $this->setCompanyCode(trim((string)$data->{"rlogcompanycode"}));
                        }

                    }
                }
                else
                {
                    echo "Not binded";
                    $this->mErrorCode = ERR_LOGIN_FAILED;
                    $this->mConnected = false;
                }
                return $this->mConnected;

        }
        else{
            $this->mErrorCode = ERR_CONNECTION_FAILED;
            $this->mConnected = false;
            return false;
        }

        error_reporting(E_ALL);
    }
    private function retrieveADEntry()
    {
        //$ldap_base_dn = 'DC='.$this->mDC.',DC='.$this->mDomain;
        $ldap_base_dn = "OU=group,DC=domain,DC=co,DC=za";
        $filter = "";
        $attr = array(
            $this->mField,
            "sAMAccountName",
        );
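        // Escape the user-supplied name so filter metacharacters cannot alter the query
        $filter .= "(sAMAccountName=" . ldap_escape($this->mUsername, "", LDAP_ESCAPE_FILTER) . ")";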
        $search_results = ldap_search($this->ldapConnection,$ldap_base_dn, $filter);
        //For each account returned by the search
        if (FALSE !==  $search_results ){
            $entries = ldap_get_entries($this->ldapConnection, $search_results);
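            // ldap_get_values() takes one entry and one attribute name, not the whole result and an array
            $first_entry = ldap_first_entry($this->ldapConnection, $search_results);
            $values = ($first_entry !== false) ? ldap_get_values($this->ldapConnection, $first_entry, "sAMAccountName") : false;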
            $access = 0;
            //For each account returned by the search
            echo "succesfull query";
            echo $entries['count'];
            echo $this->mUsername;
            var_dump($values);
            for ($x=0; $x<$entries['count']; $x++)
            {
                echo "in loop";
                var_dump($entries); 
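                // strpos() returns 0 for a match at the start, so compare against false; memberof may be absent
                if ($this->mGroup != null && isset($entries[$x]['memberof'][0]) && strpos($entries[$x]['memberof'][0], $this->mGroup) !== false) //Check if member is part of specified group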
                {
                    echo "GroupCheck1";
                    $access = 1;
                    $group =  $this->mGroup;

                }

                if ($this->mGroup == null)
                {
                    echo "GroupCheck2";
                    $access = 1;
                }
                echo "PostGroupChecks";
                echo $access;
                if ($access != 0)
                {
                    echo "access";
                    echo $this->mField;
                    // ldap_get_entries() lowercases attribute names used as array keys
                    echo $entries[$x]['samaccountname'][0];
                    $field = strtolower($this->mField);
                    if (!empty($entries[$x][$field][0]))
                    {
                        $this->setEmpkey($entries[$x][$field][0]);
                        echo $entries[$x][$field][0];
                    }
                    echo "return succesfull";

                    $this->mConnected = true;
                    $this->mErrorCode = SUCCESSFUL;
                }
                else
                {
                    echo "No Access";
                    $this->mConnected = false;
                    $this->mErrorCode = UNAUTHORIZED;

                }
            } //END for loop
            ldap_unbind($this->ldapConnection); // Clean up after ourselves.

        } //END FALSE !== $search_results
        else
        {
            $this->mConnected = false;
            $this->mErrorCode = ERR_LOGIN_FAILED;
        }
        return $this->ldapEntry;
    }

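PS. I also wrote a C# script for our desktop application, which works fine on this system, just as it does on all the other systems, and does not have this problem.

0 answers:

No answers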