Blog
Sep 22

Connect to an LDAP server with PHP

This is just a small function that I wrote to connect to an LDAP server.  It will connect to one server but will take multiple domains within that server as arguments.  It parses the results and outputs three very common fields (firstname, lastname, and email address).  The code is pretty well documented, so I’ll just leave it at that.

<?php
/**
 * Merge data from an LDAP search from multiple domains into a single array
 *
 * Connect to a single LDAP server and supply one or multiple domains to search and
 * this function will loop through each domain adding a new entry to the array for each
 * new element provided in LDAP.  Currently it only provides the firstname, lastname,
 * and email as outputs.
 *
 * @access	public
 *
 * @param	string	$ldapserver e.g. 10.12.12.234
 * @param	string	$user e.g. uid=username
 * @param	string	$pass e.g. 0sIF38!@jf
 * @param	array 	$ldapdn e.g. array( "dc=example,dc=com" )
 * @param	string	$search e.g sn=*\
 *
 * @return	array	$details = array ( 0 => array ( "firstname" => "joe",
 *					"lastname" => "sands", "email" => "[email protected]" ) )
 *
 */

function mergeLdapDn( $ldapserver = "", $user = "", $pass = "", $ldapdn = array(), $search = "" ) {

	// basic sequence with LDAP is connect, bind, search, interpret search result, close connection	

	// connect to ldap server
	$ldapconn = ldap_connect($ldapserver)
	or die("Could not connect to LDAP server.");

	// Set some ldap options for talking to
	ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
	ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);

	if ($ldapconn) :
		ldap_bind($ldapconn, $user, $pass);
		// Loop through each of the dn-s supplied in the function
		foreach ( $ldapdn as $dn ) :
			// Search surname entry
			$sr=ldap_search($ldapconn, $dn, $search);
			$entries = ldap_get_entries($ldapconn, $sr);
			// Loop through the result set keeping only the necessary info
			foreach ( $entries as $entry ) :
				// Throw out the entry if there is no first name listed
				if(isset($entry["givenname"])) :
					$details[] = array(
							"firstname" => $entry["givenname"][0],
							"lastname" => $entry["sn"][0],
							"email" => $entry["mail"][0]
							);
				endif;
			endforeach;
		endforeach;
		ldap_close($ldapconn);
		return $details;
	else :
		return false;
	endif;
}
?>

About The Author

Jon Wadsworth is the lead developer for JRWDevelopment LLC. He has more than 11 years of experience working in web development with specialties in PHP, WordPress, Laravel, and Django. Hire Me

Leave a Reply