PHP LDAP: get all (recursive) Active Directory users in a node

Time: 2015-10-26 10:00:35

Tags: php phpldapadmin

I have an Active Directory here:


Now I post a group name to the LDAP function and want to get all users under that group..

I ran this:

ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(CN=*))");

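It retrieves all users in the domain; I only want to retrieve those in a specific group. I tried these (which look like 'OU=Company Name'), but none of them worked..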

ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(CN=*,OU=Company))");
ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(memberOf=OU=Company Name))");
ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(memberOf=Kullanicilar,OU=Company Name))");

Even this does not work:

ldap_search($ldap_con, "DC=Company,DC=Intra", "(&(&(objectClass=user)(objectCategory=Person))(OU=*))");

Do I have to use CN in the search parameter? How can I retrieve users in both CN and OU in the same query?

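2 answers:

Answer 0: (score: 0)

I found a way to achieve my goal. The ldap_search function takes 3 parameters: ("the LDAP connection instance", "the base node path, i.e. the value of its distinguishedName attribute..", "and the object query param, which is static; objectClass=user and objectCategory=Person are needed to get AD objects as user objects, so..")

Here is my function (this example retrieves the users in the node discussed above):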

objectCategory=Person

It works for me. I hope this helps if anyone needs it.
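The two cases in this thread, as an added example that is not the answer author's function: users stored under a node (the node's DN as the search base, as the answer describes) and users that are members of a group, directly or through nested groups. The function names, `$ldapCon` and the sample DNs are assumptions made here; the OID is Active Directory's LDAP_MATCHING_RULE_IN_CHAIN.

```php
<?php
// Added example, not code from the question or the answers. Assumes ext-ldap and,
// for the search helpers, an $ldapCon that is already connected and bound.

// OID of AD's LDAP_MATCHING_RULE_IN_CHAIN: lets memberOf match through nested groups.
const MATCHING_RULE_IN_CHAIN = '1.2.840.113556.1.4.1941';

// Filter for user objects that are members of the group with DN $groupDn.
// memberOf stores complete DNs, so a bare name or a partial DN never matches.
function groupMemberFilter(string $groupDn, bool $recursive = true): string
{
    // Escape filter metacharacters so a submitted name cannot change the filter's structure.
    $dn   = ldap_escape($groupDn, '', LDAP_ESCAPE_FILTER);
    $attr = $recursive ? 'memberOf:' . MATCHING_RULE_IN_CHAIN . ':' : 'memberOf';
    return "(&(objectCategory=person)(objectClass=user)({$attr}={$dn}))";
}

// Subtree search below $baseDn; returns the DNs of the matching entries.
function searchDns($ldapCon, string $baseDn, string $filter): array
{
    $sr = ldap_search($ldapCon, $baseDn, $filter, ['cn']);
    if ($sr === false) {
        throw new RuntimeException(ldap_error($ldapCon));
    }
    $entries = ldap_get_entries($ldapCon, $sr);
    $dns = [];
    for ($i = 0; $i < $entries['count']; $i++) {
        $dns[] = $entries[$i]['dn'];
    }
    return $dns;
}

// Users that are direct or nested members of a group, searched across the whole domain.
function usersInGroup($ldapCon, string $domainDn, string $groupDn): array
{
    return searchDns($ldapCon, $domainDn, groupMemberFilter($groupDn));
}

// Users stored under an OU: an OU is a container, not a group, so it is the search base.
function usersUnderOu($ldapCon, string $ouDn): array
{
    return searchDns($ldapCon, $ouDn, '(&(objectCategory=person)(objectClass=user))');
}

// Constructed DNs built from the names in the question; the second contains ( ) and *.
echo groupMemberFilter('CN=Kullanicilar,OU=Company Name,DC=Company,DC=Intra'), "\n";
echo groupMemberFilter('CN=Ops (EU)*,OU=Company Name,DC=Company,DC=Intra', false), "\n";
```

memberOf does not include a user's primary group (normally Domain Users), so members held only through primaryGroupID are not returned by this filter.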

Answer 1: (score: 0)

I couldn't get it to work, so I built my own. The result of searching in an OU with multiple groups:

Name                Members
                    Depth   Object              Path
groupname_users
                    1       user2
                    1       user1
groupname_admins
                    1       user2
groupname_group1
                    1       groupname_users
                    2       user2               groupname_users =>
                    2       user1               groupname_users =>
groupname_groups
                    1       groupname_group1
                    2       groupname_users     groupname_group1 =>
                    3       user2               groupname_group1 => groupname_users =>
                    3       user1               groupname_group1 => groupname_users =>

Created with the following function:

public function ldap_get_groups($ld_prim_group){
    // The nested helper stores its results in the global $master; reset it on every call.
    global $master;
    $master = array();

    // Declare the helper only once, so a second call to this method does not hit "Cannot redeclare".
    if (!function_exists('ldap_get_group_data')) {
        function ldap_get_group_data($group,$con,$depth,$path,$parent) {

            if ($parentData=ldap_read($con,$group, "(|(objectclass=person)(objectclass=groupOfNames))", array('cn','dn','member','objectclass'))){
                $entry = ldap_get_entries($con, $parentData); // get all info from the query
                if($entry['count']>0){ // only if the object is a person / group; will always return 1 array!
                    $obj_group = array();
                    $obj_group['objectclass']=$entry[0]['objectclass'][0];
                    $obj_group['cn']=$entry[0]['cn'][0];
                    $obj_group['dn']=$entry[0]['dn'];
                    $obj_group['memberCount']=$entry[0]['member']['count'] ?? 0;
                    unset($entry[0]['member']['count']);  // remove the awful count key
                    $obj_group['member']=$entry[0]['member'] ?? null; // if the entry has members, copy them to the object
                    $obj_group['depth']=$depth;
                    $obj_group['path']=$path;
                    // $parent is null for the top-level call, so test with isset() before reading it
                    if (isset($parent['dn'])) { $obj_group['parentDN']=$parent['dn']; }
                    if (isset($parent['cn'])) { $obj_group['parentCN']=$parent['cn']; }

                    global $master;

                    if($depth ==0){ // modify self
                        $master[$depth][$obj_group['cn']]=$obj_group;
                    }
                    if($depth ==1){ // modify children
                        // depth 1 = all users / groups under depth 0
                        $obj_group['top']=$parent['cn'];
                        $path .= $obj_group['cn'] . " => " ;
                        $master[1][$obj_group['top']][$obj_group['cn']]=$obj_group;
                    }
                    if($depth >1) { // modify grandchildren
                        // depth 2,3,4.. = all users / groups under depth 1
                        $obj_group['top']=$parent['top'];
                        $path .= $obj_group['cn'] . " => " ;
                        $master[1][$obj_group['top']][$obj_group['cn']]=$obj_group;
                    }

                    if($obj_group['objectclass']=='groupOfNames'){
                        // modify for the next round
                        $depth+=1;
                        // a group without members has member === null, so fall back to an empty list
                        foreach($obj_group['member'] ?? array() as $key=>$value){
                            ldap_get_group_data($value,$con,$depth,$path,$obj_group);
                        }
                    }
                }
            }
            else {
                // invalid primary group
                return null;
            }
        }
    }

    $sr=ldap_search($this->cnx, $ld_prim_group, "(!(objectclass=organizationalUnit))", array('dn'));
    $info = ldap_get_entries($this->cnx, $sr);
    unset($info['count']);
    foreach($info as $k=>$v){
        // the helper returns nothing on success; it only fills $master
        ldap_get_group_data($v['dn'],$this->cnx,0,"",null);
    }
    return $master;
}

ldap_get_groups("DN_OF_GROUP_OU");

will return

Array
(
    [0] => Array
        (
            [groupname_users] => Array
                (
                    [objectclass] => groupOfNames
                    [cn] => groupname_users
                    [dn] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                    [memberCount] => 2
                    [member] => Array
                        (
                            [0] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
                            [1] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
                        )

                    [depth] => 0
                    [path] => 
                )

            [groupname_admins] => Array
                (
                    [objectclass] => groupOfNames
                    [cn] => groupname_admins
                    [dn] => cn=groupname_admins,ou=groups,ou=domain.local,dc=domain,dc=local
                    [memberCount] => 2
                    [member] => Array
                        (
                            [0] => cn=admin,dc=domain,dc=local
                            [1] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
                        )

                    [depth] => 0
                    [path] => 
                )

            [groupname_general] => Array
                (
                    [objectclass] => groupOfNames
                    [cn] => groupname_general
                    [dn] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
                    [memberCount] => 1
                    [member] => Array
                        (
                            [0] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                        )

                    [depth] => 0
                    [path] => 
                )

            [groupname_groups] => Array
                (
                    [objectclass] => groupOfNames
                    [cn] => groupname_groups
                    [dn] => cn=groupname_groups,ou=groups,ou=domain.local,dc=domain,dc=local
                    [memberCount] => 1
                    [member] => Array
                        (
                            [0] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
                        )

                    [depth] => 0
                    [path] => 
                )

        )

    [1] => Array
        (
            [groupname_users] => Array
                (
                    [user2] => Array
                        (
                            [objectclass] => inetOrgPerson
                            [cn] => user2
                            [dn] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 0
                            [member] => 
                            [depth] => 1
                            [path] => 
                            [parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_users
                            [top] => groupname_users
                        )

                    [user1] => Array
                        (
                            [objectclass] => inetOrgPerson
                            [cn] => user1
                            [dn] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 0
                            [member] => 
                            [depth] => 1
                            [path] => 
                            [parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_users
                            [top] => groupname_users
                        )

                )

            [groupname_admins] => Array
                (
                    [user2] => Array
                        (
                            [objectclass] => inetOrgPerson
                            [cn] => user2
                            [dn] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 0
                            [member] => 
                            [depth] => 1
                            [path] => 
                            [parentDN] => cn=groupname_admins,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_admins
                            [top] => groupname_admins
                        )

                )

            [groupname_general] => Array
                (
                    [groupname_users] => Array
                        (
                            [objectclass] => groupOfNames
                            [cn] => groupname_users
                            [dn] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 2
                            [member] => Array
                                (
                                    [0] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
                                    [1] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
                                )

                            [depth] => 1
                            [path] => 
                            [parentDN] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_general
                            [top] => groupname_general
                        )

                    [user2] => Array
                        (
                            [objectclass] => inetOrgPerson
                            [cn] => user2
                            [dn] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 0
                            [member] => 
                            [depth] => 2
                            [path] => groupname_users => 
                            [parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_users
                            [top] => groupname_general
                        )

                    [user1] => Array
                        (
                            [objectclass] => inetOrgPerson
                            [cn] => user1
                            [dn] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 0
                            [member] => 
                            [depth] => 2
                            [path] => groupname_users => 
                            [parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_users
                            [top] => groupname_general
                        )

                )

            [groupname_groups] => Array
                (
                    [groupname_general] => Array
                        (
                            [objectclass] => groupOfNames
                            [cn] => groupname_general
                            [dn] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 1
                            [member] => Array
                                (
                                    [0] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                                )

                            [depth] => 1
                            [path] => 
                            [parentDN] => cn=groupname_groups,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_groups
                            [top] => groupname_groups
                        )

                    [groupname_users] => Array
                        (
                            [objectclass] => groupOfNames
                            [cn] => groupname_users
                            [dn] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 2
                            [member] => Array
                                (
                                    [0] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
                                    [1] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
                                )

                            [depth] => 2
                            [path] => groupname_general => 
                            [parentDN] => cn=groupname_general,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_general
                            [top] => groupname_groups
                        )

                    [user2] => Array
                        (
                            [objectclass] => inetOrgPerson
                            [cn] => user2
                            [dn] => cn=user2,ou=users,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 0
                            [member] => 
                            [depth] => 3
                            [path] => groupname_general => groupname_users => 
                            [parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_users
                            [top] => groupname_groups
                        )

                    [user1] => Array
                        (
                            [objectclass] => inetOrgPerson
                            [cn] => user1
                            [dn] => cn=user1,ou=users,ou=domain.local,dc=domain,dc=local
                            [memberCount] => 0
                            [member] => 
                            [depth] => 3
                            [path] => groupname_general => groupname_users => 
                            [parentDN] => cn=groupname_users,ou=groups,ou=domain.local,dc=domain,dc=local
                            [parentCN] => groupname_users
                            [top] => groupname_groups
                        )

                )

        )

)
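The helper in this answer calls itself for every `member` value and keeps no record of the groups it has already expanded, so a membership loop (group A in group B in group A) never terminates. An added example, not the answer's code, of the same walk with a visited set and a depth limit; `expandGroup`, `$readEntry` and the loop in the sample directory are assumptions constructed here.

```php
<?php
// Added example, not the answer's code. $readEntry is a hypothetical callable returning the
// entry for a DN or null if unreadable; against a live directory it would wrap ldap_read().

function expandGroup(string $rootDn, callable $readEntry, int $maxDepth = 16): array
{
    $users   = [];   // user DN => shallowest depth at which it was reached
    $visited = [];   // lower-cased group DNs that were already expanded
    $skipped = [];   // DN => reason it was not followed
    $queue   = [[$rootDn, 0]];

    while ($queue) {
        [$dn, $depth] = array_shift($queue);
        $entry = $readEntry($dn);
        if ($entry === null) {
            $skipped[$dn] = 'unreadable';
        } elseif ($entry['objectclass'] !== 'groupOfNames') {
            $users[$dn] = $users[$dn] ?? $depth;      // breadth-first: first hit is shallowest
        } elseif (isset($visited[strtolower($dn)])) {
            $skipped[$dn] = 'already expanded';       // loop or diamond: do not expand again
        } elseif ($depth >= $maxDepth) {
            $skipped[$dn] = 'depth limit';
        } else {
            $visited[strtolower($dn)] = true;
            foreach ($entry['member'] ?? [] as $memberDn) {
                $queue[] = [$memberDn, $depth + 1];
            }
        }
    }
    return ['users' => $users, 'skipped' => $skipped];
}

// Constructed directory: DNs from the page's sample output, plus a constructed loop
// in which groupname_users also lists groupname_groups as a member.
$g = 'ou=groups,ou=domain.local,dc=domain,dc=local';
$u = 'ou=users,ou=domain.local,dc=domain,dc=local';
$directory = [
    "cn=groupname_groups,$g"  => ['objectclass' => 'groupOfNames', 'member' => ["cn=groupname_general,$g"]],
    "cn=groupname_general,$g" => ['objectclass' => 'groupOfNames', 'member' => ["cn=groupname_users,$g"]],
    "cn=groupname_users,$g"   => ['objectclass' => 'groupOfNames',
                                  'member' => ["cn=user2,$u", "cn=user1,$u", "cn=groupname_groups,$g"]],
    "cn=user1,$u" => ['objectclass' => 'inetOrgPerson'],
    "cn=user2,$u" => ['objectclass' => 'inetOrgPerson'],
];
$readEntry = function (string $dn) use ($directory) {
    return $directory[$dn] ?? null;
};

print_r(expandGroup("cn=groupname_groups,$g", $readEntry));
```

The `skipped` list is worth logging: a group that points back into its own ancestry usually indicates a misconfigured or unintended nesting that also widens who inherits the group's permissions.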