php ldap获取节点中的所有(递归)activedirectory用户
我这里有一个活动目录:
现在我将一个组名发布到ldap函数,并希望获得该组下的所有用户..
我跑了这个:
ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(CN=*))");
它检索域中的所有用户,我只想在特定组中进行检索 我尝试过(这些用户看起来像'OU =公司名称'),但这些用户都没有工作..
ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(CN=*,OU=Company))");
ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(memberOf=OU=Company Name))");
ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(memberOf=Kullanicilar,OU=Company Name))");
即使这不起作用:
ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(OU=*))");
我是否必须在搜索参数中使用CN?如何在同一查询中检索CN和OU中的用户?
2 个答案:
答案 0 :(得分:0)
我找到了实现目标的方法。 ldap_search函数需要3个参数:(“ldap连接实例”,“基本节点路径,其distinguishedname属性的值..”,“和对象查询param,其静态,objectClass=user和{{1}需要将广告对象作为用户对象,所以..“)
这是我的函数(这个exp。检索你在上面讨论的节点中的用户):
objectCategory=Person它对我有用。如果有人需要,我希望这会有所帮助。
答案 1 :(得分:0)
我无法使它正常工作,所以我自己建立了。在具有多个组的OU中搜索的结果:
Name Members
Depth Object Path
groupname_users
1 user2
1 user1
groupname_admins
1 user2
groupname_group1
1 groupname_users
2 user2 groupname_users =>
2 user1 groupname_users =>
groupname_groups
1 groupname_group1
2 groupname_users groupname_group1 =>
3 user2 groupname_group1 => groupname_users =>
3 user1 groupname_group1 => groupname_users =>
使用以下功能创建:
public function ldap_get_groups($ld_prim_group){
$master = array();
function ldap_get_group_data($group,$con,$depth,$path,$parent) {
if ($parentData=ldap_read($con,$group, "(|(objectclass=person)(objectclass=groupOfNames))", array('cn','dn','member','objectclass'))){
$entry = ldap_get_entries($con, $parentData); #get all info from query
if($entry['count']>0){ //only if object person / group, will alway return 1 array!
$obj_group['objectclass']=$entry[0]['objectclass'][0];
$obj_group['cn']=$entry[0]['cn'][0];
$obj_group['dn']=$entry[0]['dn'];
$obj_group['memberCount']=$entry['0']['member']['count'] ?? 0;
unset($entry['0']['member']['count']); //remove awefull count key
$obj_group['member']=$entry[0]['member'] ?? null; //if entry has members than copy to object.
$obj_group['depth']=$depth;
$obj_group['path']=$path;
$parent['dn'] ? $obj_group['parentDN']= $parent['dn']:null; //create parentDN if parent['dn'] exist
$parent['cn'] ? $obj_group['parentCN']= $parent['cn']:null;
global $master;
if($depth ==0){ //modify self
$master[$depth][$obj_group['cn']]=$obj_group;
}
if($depth ==1){ //modify childs
//dept 1 = all users / groups under dept 0
$obj_group['top']=$parent['cn'];
$path .= $obj_group['cn'] . " => " ;
$master[1][$obj_group['top']][$obj_group['cn']]=$obj_group;
}
if($depth >1) { //modify grandchilds
//dept 2,3,4.. = all users / groups under dept 1
$obj_group['top']=$parent['top'];
$path .= $obj_group['cn'] . " => " ;
$master[1][$obj_group['top']][$obj_group['cn']]=$obj_group;
}
if($obj_group['objectclass']=='groupOfNames'){
#modify for next round
$depth+=1;
foreach($obj_group['member'] as $key=>$value){
ldap_get_group_data($value,$con,$depth,$path,$obj_group);
}
}
}
}
else {
#invalid primary group
return null;
}
}
$sr=ldap_search($this->cnx, $ld_prim_group, "(!(objectclass=organizationalUnit))", array('dn'));
$info = ldap_get_entries($this->cnx, $sr);
unset($info['count']);
foreach($info as $k=>$v){
if (ldap_get_group_data($v['dn'],$this->cnx,$depth=0,$path="",$parent=null)){
}
}
global $master;
return $master;
}
ldap_get_groups(“ DN_OF_GROUP_OU”);
将返回
Array
(
[0] => Array
(
[groupname_users] => Array
(
[objectclass] => groupOfNames
[cn] => groupname_users
[dn] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
[memberCount] => 2
[member] => Array
(
[0] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
[1] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
)
[depth] => 0
[path] =>
)
[groupname_admins] => Array
(
[objectclass] => groupOfNames
[cn] => groupname_admins
[dn] => cn=groupname_admins,ou=groups,ou=domain.local,dc=domain,dc=local
[memberCount] => 2
[member] => Array
(
[0] => cn=admin,dc=domain,dc=local
[1] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
)
[depth] => 0
[path] =>
)
[groupname_general] => Array
(
[objectclass] => groupOfNames
[cn] => groupname_general
[dn] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
[memberCount] => 1
[member] => Array
(
[0] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
)
[depth] => 0
[path] =>
)
[groupname_groups] => Array
(
[objectclass] => groupOfNames
[cn] => groupname_groups
[dn] => cn=groupname_groups,ou=groups,ou=domain.local,dc=domain,dc=local
[memberCount] => 1
[member] => Array
(
[0] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
)
[depth] => 0
[path] =>
)
)
[1] => Array
(
[groupname_users] => Array
(
[user2] => Array
(
[objectclass] => inetOrgPerson
[cn] => user2
[dn] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
[memberCount] => 0
[member] =>
[depth] => 1
[path] =>
[parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_users
[top] => groupname_users
)
[user1] => Array
(
[objectclass] => inetOrgPerson
[cn] => user1
[dn] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
[memberCount] => 0
[member] =>
[depth] => 1
[path] =>
[parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_users
[top] => groupname_users
)
)
[groupname_admins] => Array
(
[user2] => Array
(
[objectclass] => inetOrgPerson
[cn] => user2
[dn] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
[memberCount] => 0
[member] =>
[depth] => 1
[path] =>
[parentDN] => cn=groupname_admins,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_admins
[top] => groupname_admins
)
)
[groupname_general] => Array
(
[groupname_users] => Array
(
[objectclass] => groupOfNames
[cn] => groupname_users
[dn] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
[memberCount] => 2
[member] => Array
(
[0] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
[1] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
)
[depth] => 1
[path] =>
[parentDN] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_general
[top] => groupname_general
)
[user2] => Array
(
[objectclass] => inetOrgPerson
[cn] => user2
[dn] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
[memberCount] => 0
[member] =>
[depth] => 2
[path] => groupname_users =>
[parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_users
[top] => groupname_general
)
[user1] => Array
(
[objectclass] => inetOrgPerson
[cn] => user1
[dn] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
[memberCount] => 0
[member] =>
[depth] => 2
[path] => groupname_users =>
[parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_users
[top] => groupname_general
)
)
[groupname_groups] => Array
(
[groupname_general] => Array
(
[objectclass] => groupOfNames
[cn] => groupname_general
[dn] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
[memberCount] => 1
[member] => Array
(
[0] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
)
[depth] => 1
[path] =>
[parentDN] => cn=groupname_groups,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_groups
[top] => groupname_groups
)
[groupname_users] => Array
(
[objectclass] => groupOfNames
[cn] => groupname_users
[dn] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
[memberCount] => 2
[member] => Array
(
[0] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
[1] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
)
[depth] => 2
[path] => groupname_general =>
[parentDN] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_general
[top] => groupname_groups
)
[user2] => Array
(
[objectclass] => inetOrgPerson
[cn] => user2
[dn] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
[memberCount] => 0
[member] =>
[depth] => 3
[path] => groupname_general => groupname_users =>
[parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_users
[top] => groupname_groups
)
[user1] => Array
(
[objectclass] => inetOrgPerson
[cn] => user1
[dn] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
[memberCount] => 0
[member] =>
[depth] => 3
[path] => groupname_general => groupname_users =>
[parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
[parentCN] => groupname_users
[top] => groupname_groups
)
)
)
)
相关问题
- 从LDAP获取所有用户
- 获取Active Directory组中的所有用户
- Active Directory中具有相同名称的两个用户
- 通过powershell获取ActiveDirectory中不同OU的所有用户
- php ldap获取节点中的所有(递归)activedirectory用户
- 获取PHP / LDAP组中的所有用户
- PHP ActiveDirectory到LDAP - 如何查找用户主要组的名称?
- C#以DOMAIN \ User格式获取所有ActiveDirectory用户
- npm activedirectory获取objectGUID
- 如何使用ActiveDirectory库从LDAP AD组中获取所有用户?
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?