所以我有以下代码来检索LDAP记录
$filter = "(&(givenName=myfirstname)(sn=mylastname)";
$ldapconnectionid = @ldap_connect("my-host-here");
$ldapbindid = @ldap_bind($ldapconnectionid, "my-bind-dn", "my-password");
$ldapsearch = @ldap_search($ldapconnectionid, $basedn, $filter));
$ldapgetentries = @ldap_get_entries($ldapconnectionid, $ldapsearch));
echo "<pre>";print_r($ldapgetentries);echo "</pre>";
var_dump($ldapgetentries);
结果显示在底部。
我尝试了这两个命令
$ldapadd = @ldap_add($ldapconnectionid, "my-dn", array( "personRole" => array( "count" => 1, 0 => "ProspectiveClient")));
$ldapmodify = @ldap_modify($ldapconnectionid, "my-dn", array( "personDOB" => array( "count" => 1, 0 => "1990-01-01")));
两者都返回false(即操作不成功)。我已经与我们的LDAP服务器负责人核实了,她说我用来绑定的帐户肯定有写访问权。
任何想法我可能做错了什么?我感觉我传递给LDAP函数的数组值是错误的。
非常感谢!
PS。由于我无法共享公司信息,因此我用假邮件替换了主机,用户名,密码等。
var_dump的结果
array(2) { ["count"]=> int(1) [0]=> array(44) { ["formusermove"]=> array(2) { ["count"]=> int(1) [0]=> string(4) "true" } [0]=> string(12) "formusermove" ["pwdset"]=> array(2) { ["count"]=> int(1) [0]=> string(5) "false" } [1]=> string(6) "pwdset" ["ATTpersondirectoryid"]=> array(2) { ["count"]=> int(1) [0]=> string(6) "370356" } [2]=> string(25) "ATTpersondirectoryid" ["ATTpersondob"]=> array(2) { ["count"]=> int(1) [0]=> string(10) "1990-01-01" } [3]=> string(17) "ATTpersondob" ["ATTpersonclientnumber"]=> array(2) { ["count"]=> int(1) [0]=> string(7) "1234567" } [4]=> string(27) "ATTpersonclientnumber" ["dirxml-passwordsyncstatus"]=> array(2) { ["count"]=> int(1) [0]=> string(100) "CFDD2797F6FCCF4DE3A9CFDD2797F6FC20160715032057530000000000001Code(-8032) Operation vetoed by policy." } [5]=> string(25) "dirxml-passwordsyncstatus" ["dirxml-associations"]=> array(3) { ["count"]=> int(2) [0]=> string(56) "cn=UAT-GEN-LOOPBACK,cn=Driver Set,o=RESOURCES#1#myusername" [1]=> string(53) "cn=UAT-SA-TEXT-IN,cn=Driver Set,o=RESOURCES#1#1234567" } [6]=> string(19) "dirxml-associations" ["uid"]=> array(2) { ["count"]=> int(1) [0]=> string(8) "myusername" } [7]=> string(3) "uid" ["givenname"]=> array(2) { ["count"]=> int(1) [0]=> string(4) "John" } [8]=> string(9) "givenname" ["fullname"]=> array(2) { ["count"]=> int(1) [0]=> string(10) "John Smith" } [9]=> string(8) "fullname" ["title"]=> array(2) { ["count"]=> int(1) [0]=> string(2) "Ms" } [10]=> string(5) "title" ["sn"]=> array(2) { ["count"]=> int(1) [0]=> string(5) "Smith" } [11]=> string(2) "sn" ["passworduniquerequired"]=> array(2) { ["count"]=> int(1) [0]=> string(5) "FALSE" } [12]=> string(22) "passworduniquerequired" ["passwordrequired"]=> array(2) { ["count"]=> int(1) [0]=> string(4) "TRUE" } [13]=> string(16) "passwordrequired" ["passwordminimumlength"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "6" } [14]=> string(21) "passwordminimumlength" ["passwordallowchange"]=> array(2) { ["count"]=> int(1) [0]=> string(4) "TRUE" } [15]=> string(19) "passwordallowchange" ["objectclass"]=> array(9) { ["count"]=> int(8) [0]=> string(13) "inetOrgPerson" [1]=> string(13) "srvprvUserAux" [2]=> string(14) "ATTPerson" [3]=> string(20) "organizationalPerson" [4]=> string(6) "Person" [5]=> string(18) "ndsLoginProperties" [6]=> string(3) "Top" [7]=> string(29) "DirXML-PasswordSyncStatusUser" } [16]=> string(11) "objectclass" ["loginexpirationtime"]=> array(2) { ["count"]=> int(1) [0]=> string(15) "20161231000000Z" } [17]=> string(19) "loginexpirationtime" ["logindisabled"]=> array(2) { ["count"]=> int(1) [0]=> string(4) "TRUE" } [18]=> string(13) "logindisabled" ["cn"]=> array(2) { ["count"]=> int(1) [0]=> string(8) "myusername" } [19]=> string(2) "cn" ["acl"]=> array(7) { ["count"]=> int(6) [0]=> string(74) "2#subtree#cn=myusername,ou=INACTIVE,ou=PEOPLE,o=DATA#[All Attributes Rights]" [1]=> string(60) "6#entry#cn=myusername,ou=INACTIVE,ou=PEOPLE,o=DATA#loginScript" [2]=> string(30) "2#entry#[Public]#messageServer" [3]=> string(30) "2#entry#[Root]#groupMembership" [4]=> string(70) "6#entry#cn=myusername,ou=INACTIVE,ou=PEOPLE,o=DATA#printJobConfiguration" [5]=> string(29) "2#entry#[Root]#networkAddress" } [20]=> string(3) "acl" ["count"]=> int(21) ["dn"]=> string(40) "cn=myusername,ou=INACTIVE,ou=PEOPLE,o=DATA" } }
print_r的结果
Array
(
[count] => 1
[0] => Array
(
[formusermove] => Array
(
[count] => 1
[0] => true
)
[0] => formusermove
[pwdset] => Array
(
[count] => 1
[0] => false
)
[1] => pwdset
[ATTpersondirectoryid] => Array
(
[count] => 1
[0] => 370356
)
[2] => ATTpersondirectoryid
[ATTpersondob] => Array
(
[count] => 1
[0] => 1990-01-01
)
[3] => ATTpersondob
[ATTpersonclientnumber] => Array
(
[count] => 1
[0] => 1234567
)
[4] => ATTpersonclientnumber
[dirxml-passwordsyncstatus] => Array
(
[count] => 1
[0] => CFDD2797F6FCCF4DE3A9CFDD2797F6FC20160715032057530000000000001Code(-8032) Operation vetoed by policy.
)
[5] => dirxml-passwordsyncstatus
[dirxml-associations] => Array
(
[count] => 2
[0] => cn=UAT-GEN-LOOPBACK,cn=Driver Set,o=RESOURCES#1#myusername
[1] => cn=UAT-SA-TEXT-IN,cn=Driver Set,o=RESOURCES#1#1234567
)
[6] => dirxml-associations
[uid] => Array
(
[count] => 1
[0] => myusername
)
[7] => uid
[givenname] => Array
(
[count] => 1
[0] => John
)
[8] => givenname
[fullname] => Array
(
[count] => 1
[0] => John Smith
)
[9] => fullname
[title] => Array
(
[count] => 1
[0] => Ms
)
[10] => title
[sn] => Array
(
[count] => 1
[0] => Smith
)
[11] => sn
[passworduniquerequired] => Array
(
[count] => 1
[0] => FALSE
)
[12] => passworduniquerequired
[passwordrequired] => Array
(
[count] => 1
[0] => TRUE
)
[13] => passwordrequired
[passwordminimumlength] => Array
(
[count] => 1
[0] => 6
)
[14] => passwordminimumlength
[passwordallowchange] => Array
(
[count] => 1
[0] => TRUE
)
[15] => passwordallowchange
[objectclass] => Array
(
[count] => 8
[0] => inetOrgPerson
[1] => srvprvUserAux
[2] => ATTPerson
[3] => organizationalPerson
[4] => Person
[5] => ndsLoginProperties
[6] => Top
[7] => DirXML-PasswordSyncStatusUser
)
[16] => objectclass
[loginexpirationtime] => Array
(
[count] => 1
[0] => 20161231000000Z
)
[17] => loginexpirationtime
[logindisabled] => Array
(
[count] => 1
[0] => TRUE
)
[18] => logindisabled
[cn] => Array
(
[count] => 1
[0] => myusername
)
[19] => cn
[acl] => Array
(
[count] => 6
[0] => 2#subtree#cn=myusername,ou=INACTIVE,ou=PEOPLE,o=DATA#[All Attributes Rights]
[1] => 6#entry#cn=myusername,ou=INACTIVE,ou=PEOPLE,o=DATA#loginScript
[2] => 2#entry#[Public]#messageServer
[3] => 2#entry#[Root]#groupMembership
[4] => 6#entry#cn=myusername,ou=INACTIVE,ou=PEOPLE,o=DATA#printJobConfiguration
[5] => 2#entry#[Root]#networkAddress
)
[20] => acl
[count] => 21
[dn] => cn=myusername,ou=INACTIVE,ou=PEOPLE,o=DATA
)
)