  1. <?php
  2.  
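  // Bind credentials for the AD search account, read from the environment
  // instead of being written into the source. The original paste carried a
  // literal username and password, which is a credential leak as soon as the
  // file is shared, committed or pasted (as happened here). getenv() returns
  // false when a variable is unset, so callers must check before binding.
  //   AD_BIND_USER      bind identity - for AD a UPN (user@domain), DOMAIN\user
  //                     or a full DN; a bare account name may not bind
  //   AD_BIND_PASSWORD  must be non-empty: an empty password turns the LDAP
  //                     simple bind into an anonymous bind instead of failing
  $ADUserName = getenv('AD_BIND_USER');
  $ADUserPassword = getenv('AD_BIND_PASSWORD');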
  5.  
  6. // mydap version 4
  7. // https://samjlevy.com/mydap-v4/
  8.  
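  // Open the global LDAP session used by every other mydap_* function.
  //
  // $username  bind identity (for AD: a UPN such as user@domain, DOMAIN\user,
  //            or a full DN)
  // $password  bind password; must be non-empty (see the check below)
  // $host      hostname/IP, or an LDAP URI such as 'ldaps://dc.example.com'
  //            (ldap_connect() accepts a URI, in which case $port is ignored)
  // $port      TCP port, default 389 (plain LDAP)
  // $starttls  when true, upgrade the connection with STARTTLS before binding
  //
  // Returns true; calls die() on any failure, like the rest of the library.
  // The die() text includes ldap_error() output - if this runs under a web
  // server that detail reaches the client.
  function mydap_start($username,$password,$host,$port=389,$starttls=false) {
    global $mydap;
    if(isset($mydap)) die('Error, LDAP connection already established');

    // RFC 4513 5.1.2: a simple bind with a name and an EMPTY password is an
    // unauthenticated (anonymous) bind, which AD accepts by default. Without
    // this check a missing/blank password "binds" successfully and the caller
    // believes the credentials were valid.
    if($password === null || $password === '') die('Error, LDAP bind password must not be empty');

    // Connect to AD. ldap_connect() only validates/sets up the handle; the
    // socket is opened lazily, so most connection errors surface at bind time.
    $mydap = ldap_connect($host,$port) or die('Error connecting to LDAP');

    ldap_set_option($mydap,LDAP_OPT_PROTOCOL_VERSION,3);
    // AD answers searches near the domain root with referrals; chasing them
    // without credentials fails ("Operations error"), so do not follow them.
    ldap_set_option($mydap,LDAP_OPT_REFERRALS,0);

    // A simple bind sends the password in cleartext on port 389. Use an
    // 'ldaps://' URI in $host or $starttls=true on anything but a lab setup.
    if($starttls && !ldap_start_tls($mydap)) die('Error starting TLS: '.ldap_error($mydap));

    // '@' keeps the PHP warning from a failed bind out of the output; the LDAP
    // error text is still reported through ldap_error() below.
    @ldap_bind($mydap,$username,$password) or die('Error binding to LDAP: '.ldap_error($mydap));

    return true;
  }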
  21.  
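  // Close the global LDAP session opened by mydap_start().
  //
  // Resets $mydap to null afterwards: ldap_unbind() invalidates the handle but
  // leaves the variable set, so without the reset a later mydap_start() dies
  // with "connection already established" even though the example usage in
  // this file documents re-connecting after mydap_end().
  // Calls die() when no session is open.
  function mydap_end() {
    global $mydap;
    if(!isset($mydap)) die('Error, no LDAP connection established');

    // Close existing LDAP connection, then forget the handle so isset() in
    // mydap_start() sees a clean slate.
    ldap_unbind($mydap);
    $mydap = null;
  }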
  29.  
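  // Fetch the attributes of one directory entry.
  //
  // $user_dn  distinguishedName of the entry to read. It is used as the search
  //           BASE, not inside a filter, so it cannot inject into the filter;
  //           a caller-controlled DN does, however, let the caller read any
  //           entry the bind account can see.
  // $keep     optional list of attribute names to request; false/empty asks
  //           the server for every attribute it will return
  //
  // Returns the first entry as produced by ldap_get_entries() (attribute names
  // lower-cased, each value list carrying a leading 'count' element), or an
  // empty array when nothing was found. Calls die() on errors; the die() text
  // includes ldap_error() output.
  function mydap_attributes($user_dn,$keep=false) {
    global $mydap;
    if(!isset($mydap)) die('Error, no LDAP connection established');
    if(empty($user_dn)) die('Error, no LDAP user specified');

    // Reset any paging state left behind by mydap_members(); a single-entry
    // read needs no paging.
    ldap_control_paged_result($mydap,1);

    // Base-scope read of exactly this DN. The previous subtree ldap_search()
    // with 'cn=*' also returned any child entries and silently skipped objects
    // without a cn; '(objectClass=*)' matches every entry.
    $results = (($keep) ? ldap_read($mydap,$user_dn,'(objectClass=*)',$keep) : ldap_read($mydap,$user_dn,'(objectClass=*)'))
    or die('Error searching LDAP: '.ldap_error($mydap));

    $attributes = ldap_get_entries($mydap,$results);
    ldap_free_result($results);

    // Return attributes list
    if(isset($attributes[0])) return $attributes[0];
    else return array();
  }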
  48.  
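  // List the members of a Group, or the user objects under a Container / OU.
  //
  // $object_dn     distinguishedName of the group / container / OU. It is used
  //                as the search BASE (not inside a filter), so it cannot
  //                inject into the filter, but a caller-controlled DN lets the
  //                caller enumerate any subtree the bind account can read.
  // $object_class  'g' group (default), 'c' container, 'o' organizational unit
  //
  // Returns an alphabetically sorted array of member distinguishedNames, or
  // false when a group carries no 'member' attribute. Calls die() on an
  // invalid class or any LDAP error (the die() text includes ldap_error()
  // output - if this runs under a web server that detail reaches the client).
  //
  // NOTE(review): the paged-results control pages ENTRIES, which is what the
  // 'c'/'o' branch needs. The 'g' branch returns one group entry, and AD caps
  // a multi-valued attribute such as 'member' at roughly 1500 values per
  // response (ranged retrieval, 'member;range=0-1499'); paging does not lift
  // that cap - verify against a group with more than 1500 members.
  // NOTE(review): ldap_control_paged_result() is deprecated in PHP 7.4 and
  // removed in 8.0; on 8.x the control has to be passed through ldap_search()'s
  // $controls argument instead.
  function mydap_members($object_dn,$object_class='g') {
    global $mydap;
    if(!isset($mydap)) die('Error, no LDAP connection established');
    if(empty($object_dn)) die('Error, no LDAP object specified');
    // Validate the class up front; previously it was only rejected after the
    // first paged control had already been sent to the server.
    if($object_class !== 'g' && $object_class !== 'c' && $object_class !== 'o') {
      die("Invalid mydap_member object_class, must be c, g, or o");
    }

    // Page in chunks of 1000 to stay under the server's SizeLimit
    $output = array();
    $pagesize = 1000;
    $cookie = "";
    do {
      // Enable pagination (cookie is empty on the first page)
      ldap_control_paged_result($mydap,$pagesize,true,$cookie);

      if($object_class === 'g') {
        // Group: fetch the group entry's own 'member' attribute
        $results = ldap_search($mydap,$object_dn,'cn=*',array('member')) or die('Error searching LDAP: '.ldap_error($mydap));
        $members = ldap_get_entries($mydap,$results);

        // No group members found (or no 'member' attribute at all)
        if(!isset($members[0]['member'])) return false;

        // Drop the leading 'count' element, then append the DNs
        array_shift($members[0]['member']);
        $output = array_merge($output,$members[0]['member']);
      } else {
        // Container / OU: every entry with objectClass=user beneath the base.
        // NOTE(review): in AD, computer objects are a subclass of user and so
        // match this filter as well; (&(objectCategory=person)(objectClass=user))
        // restricts it to people - confirm the intent before changing.
        $results = ldap_search($mydap,$object_dn,'objectClass=user',array('sn')) or die('Error searching LDAP: '.ldap_error($mydap));
        $members = ldap_get_entries($mydap, $results);

        // Drop the leading 'count' element, keep each entry's dn
        array_shift($members);
        foreach($members as $e) $output[] = $e['dn'];
      }

      // Fetch the cookie for the next page; an empty/null cookie is the last page
      ldap_control_paged_result_response($mydap,$results,$cookie);
    } while($cookie !== null && $cookie != "");

    // Return alphabetized member list
    sort($output);
    return $output;
  }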
  96.  
  97. // ==================================================================================
  98. // Example Usage
  99. // ==================================================================================
  100.  
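  // Establish connection using the bind account defined at the top of this
  // file ($ADUserName / $ADUserPassword) instead of repeating literal
  // credentials here. Refuse to run without both: an empty password is an
  // anonymous LDAP bind that "succeeds" rather than an error, and getenv()
  // yields false when a variable is unset.
  // The identity must be in a form AD accepts for a simple bind: a UPN such as
  // 'user@example.corp', 'DOMAIN\user', or a full DN.
  if(!is_string($ADUserName) || $ADUserName === '' || !is_string($ADUserPassword) || $ADUserPassword === '') {
    die('Error, AD bind user/password not set (see $ADUserName / $ADUserPassword at the top of this file)');
  }
  mydap_start(
    $ADUserName, // Active Directory search user
    $ADUserPassword, // Active Directory search user password
    '192.168.1.104', // Active Directory server; an 'ldaps://host' URI gives TLS
    389 // Port (optional); plain 389 sends the bind password in cleartext
  );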
  108.  
  // Enumerate the user objects under the default 'Users' container.
  // mydap_members(object_dn, object_class) takes the object's distinguishedName
  // and a class letter: 'c' Container, 'g' Group (the default), 'o'
  // Organizational Unit. The AD 'Users' object is a Container, hence 'c'.
  // The call returns an array of member distinguishedNames; false (group with
  // no members) or an empty array both stop the script here.
  $members = mydap_members('CN=Users,DC=sensify,DC=corp','c');
  if(empty($members)) die('No members found, make sure you are specifying the correct object_class');
  117.  
  // Collect attributes for every member DN returned above.
  // $wanted is handed to mydap_attributes() as its keep parameter, so only
  // these attributes are requested from the server.
  $wanted = array('samaccountname','mail');

  $position = 1; // 1-based counter for the printed list
  foreach($members as $memberDn) {
    // Query this member's attributes
    $entry = mydap_attributes($memberDn,$wanted);

    // ldap_get_entries() lower-cases attribute names and puts a 'count'
    // element first, so the real value lives at index [0]. An attribute the
    // entry has no value for is absent entirely, hence the isset() guards.
    $samaccountname = isset($entry['samaccountname'][0]) ? $entry['samaccountname'][0] : "[no account name]";
    $mail = isset($entry['mail'][0]) ? $entry['mail'][0] : "[no email]";

    // NOTE(review): values are echoed unescaped, which is fine for CLI output;
    // if this ever runs under a web server the directory data needs
    // htmlspecialchars() first. var_dump() prints the whole raw entry.
    echo "$position. $samaccountname, $mail\n";
    var_dump($entry);

    $position++;
  }
  140.  
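  // Further mydap_members() calls could be issued here and merged with the
  // previous results before the session is closed.

  // Close connection
  mydap_end();

  // A new session (for example against a different AD server) is meant to be
  // opened afterwards with mydap_start() - there is no mydap_connect() in this
  // library. That only works if mydap_end() clears the global handle; the
  // original left it set, so confirm before relying on it.
  // No closing '?>' tag: in a PHP-only file it only risks emitting stray
  // whitespace after it.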