Programmatically Discover Base DN (PHP/LDAP)

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
tomprogers
Forum Commoner
Posts: 50
Joined: Fri Mar 17, 2006 5:17 pm
Location: Minnesota
Contact:

Programmatically Discover Base DN (PHP/LDAP)

Post by tomprogers »

I wrote an app that manages some integration between a website and the Active Directory. Now I discover that I'm pulling from the wrong AD (apparently we have three). I modified the server address to point to the correct directory, but now the base dn is wrong. The guy who's in charge of the directory is gone all week, so I'm trying to figure out if there's any way I can discover the base dn of this directory.

Any ideas?
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

Whats the context your searching? If it's something like: ou=classes,ou=students,o=university, the basedn would be o=university. (I'm using NDS syntax, not ActiveDirectory - so some of my wording might be off).
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
tomprogers
Forum Commoner
Posts: 50
Joined: Fri Mar 17, 2006 5:17 pm
Location: Minnesota
Contact:

Post by tomprogers »

It is a university, actually.

It's a good idea, but the problem is that the first AD I was connecting to was dc=MyU,dc=edu. This new one is something else, apparently. We publish our directory information in two formats: one that contains everyone in a deep tree (for internal use), and one that contains everyone who has not requested that their information be kept private, at a single level. I initially tried just altering the address of the ldap server (and it is binding properly), but the base dn is something else.
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

Hmm, not sure. Try dumping via LDAP, everything you know about the user you're using to bind. Maybe you can glean the base dn from that.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
tomprogers
Forum Commoner
Posts: 50
Joined: Fri Mar 17, 2006 5:17 pm
Location: Minnesota
Contact:

Post by tomprogers »

I'm actually binding anonymously. And I can't do a search for a specific user because I don't have a base dn to supply the search function. Oh, the delectable trap that is the catch-22!
Post Reply