我正在尝试创建一个PHP脚本,该脚本将返回属于Active Directory中特定组的每个成员的一些详细信息。
连接和显示群组成员的姓名(CN)没有问题,但是当涉及到显示电话,电子邮件和用户名等详细信息时,我被卡住了。
这是我正在尝试的代码。谁能看到我做错了什么?
<?php
$ldap_server = "AD_Server.domain.pri:389";
$auth_user = "user@domain.pri";
$auth_pass = "password";
$base_dn = "OU=IM Groups,OU=GLOBAL,DC=domain,DC=pri";
$filter = "(&(objectCategory=user)(memberOf=IM-ALL_USERS))";
// connect to server
if (!($connect=@ldap_connect($ldap_server))) {
die("Could not connect to ldap server");
}
// bind to server
if (!($bind = ldap_bind($connect, $auth_user, $auth_pass))) {
die("Unable to bind to server");
}
// search active directory
if (!($search = ldap_search($connect, $base_dn, $filter))) {
die("Unable to search ldap server");
}
$number_returned = ldap_count_entries($connect,$search);
$info = ldap_get_entries($connect, $search);
echo "The number of entries returned is ". $number_returned."<p>";
for ($i=0; $i<$info["count"]; $i++) {
echo "Name is: ". $info[$i]["givenname"][0]."<br>";
echo "Display name is: ". $info[$i]["displayname"][0]."<br>";
echo "Email is: ". $info[$i]["mail"][0]."<br>";
echo "Telephone number is: ". $info[$i]["telephonenumber"][0]."<p>";
}
?>
答案 0 :(得分:7)
使用Sam J Levy创建的优秀功能完成了工作。
这是最终的代码。
<?php
function explode_dn($dn, $with_attributes=0)
{
$result = ldap_explode_dn($dn, $with_attributes);
foreach($result as $key => $value) $result[$key] = preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $value);
return $result;
}
function get_members($group,$user,$password) {
$ldap_host = "LDAPSERVER";
$ldap_dn = "OU=some_group,OU=some_group,DC=company,DC=com";
$base_dn = "DC=company,DC=com";
$ldap_usr_dom = "@company.com";
$ldap = ldap_connect($ldap_host);
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION,3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS,0);
ldap_bind($ldap, $user . $ldap_usr_dom, $password);
$results = ldap_search($ldap,$ldap_dn, "cn=" . $group);
$member_list = ldap_get_entries($ldap, $results);
$dirty = 0;
$group_member_details = array();
foreach($member_list[0]['member'] as $member) {
if($dirty == 0) {
$dirty = 1;
} else {
$member_dn = explode_dn($member);
$member_cn = str_replace("CN=","",$member_dn[0]);
$member_search = ldap_search($ldap, $base_dn, "(CN=" . $member_cn . ")");
$member_details = ldap_get_entries($ldap, $member_search);
$group_member_details[] = array($member_details[0]['givenname'][0],$member_details[0]['sn'][0],$member_details[0]['telephonenumber'][0],$member_details[0]['othertelephone'][0]);
}
}
ldap_close($ldap);
return $group_member_details;
}
// Specify the group from where to get members and a username and password with rights to query it
$result = get_members("groupname","username","password");
// The following will create an XML file with the details from $group_member_details
$xml = simplexml_load_string("<?xml version='1.0'?>\n<AddressBook></AddressBook>");
$version = $xml->addChild('version', '1');
foreach($result as $e) {
$contact = $xml->addChild('Contact');
$contact->addChild('FirstName', $e[0]);
$contact->addChild('LastName', $e[1]);
$phone = $contact->addChild('Phone');
if ($e[3] == '') {
$phone->addChild('phonenumber', '0');
} else {
$phone->addChild('phonenumber', $e[3]);
}
$phone->addChild('accountindex', '0');
$phone = $contact->addChild('Phone');
if ($e[2] == '') {
$phone->addChild('phonenumber', '0');
} else {
$phone->addChild('phonenumber', $e[2]);
}
$phone->addChild('accountindex', '1');
$contact->addChild('Group', '0');
$contact->addChild('PhotoUrl', 'empty');
}
$xml->asXML('phonebook.xml');
?>