Page 1 of 1

Active Directory and PHP problem

Posted: Wed May 31, 2006 5:07 am
by israel
Hello,
I've got problem with adding user in Active Directory domain on Windows 2k3 server.
I've found in php.net some examples and on other sites but I cant still add new user - I've got LDAP_OPERATIONS_ERROR.
Everything is ok if i try to search or remove user.

Code: Select all

//connecting
  $ad = ldap_connect("ldap://192.168.1.1")
        or die("Couldn't connect to AD!");

  if (ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3)) {
         echo "Using LDAPv3<br>";
      } else {
              echo "Failed to set protocol version to 3<br>";
      }
      if (ldap_set_option($ad, LDAP_OPT_REFERRALS,0)) {
         echo "Set REFERRALS 0<br>";
      } else {
              echo "Failed to set REFERRALS 0<br>";
      }

  //binding
  if($bd = ldap_bind($ad,"Administrator@projekt.isri","hasloadministratora")
        or die("Couldn't bind to AD!")){
              echo "Bind domain<br>";
        } else {
              echo "Bind domain failed<br>";
        }

/*
below is the part of code that I use to add user.

Here is the result
Warning: ldap_add() [function.ldap-add]: Add: Operations error in
.../ldaptest.php on line ...
There is a problem to create the account
Please contact your administrator !
LDAP-Errno: 1
LDAP-Error: Operations error

and the code:
*/

  $adduserAD["cn"][0] = "test";
      $adduserAD["instancetype"][0] = "4";
      $adduserAD["samaccountname"][0] = "test";
      $adduserAD["objectclass"][0] = "top";
      $adduserAD["objectclass"][1] = "person";
      $adduserAD["objectclass"][2] = "organizationalPerson";
      $adduserAD["objectclass"][3] = "user";
      $adduserAD["displayname"][0] = "test";
      $adduserAD["name"][0] = "Test";
      $adduserAD["givenname"][0] = "Test";
      $adduserAD["sn"][0] = "Test";
      $adduserAD["company"][0] = "Test";
      $adduserAD["department"][0] = "Test";
      $adduserAD["title"][0] = "Test";
      $adduserAD["description"][0] = "bka";
      $adduserAD["mail"][0] = "bla@test.com";
      $adduserAD["initials"][0] = "T";
      $adduserAD["userprincipalname"][0] = "test";

      if (!(ldap_add($ad,"CN=test,OU=Users,DC=domain",$adduserAD))){
          echo "There is a problem to create the account<br>";
          echo "Please contact your administrator !<br>";
          echo "LDAP-Errno: " . ldap_errno($ad) . "<br />";
          echo "LDAP-Error: " . ldap_error($ad) . "<br />";
          exit;
      }

/*
here is the part of the code that I use to remove user and its works
  $dn = "CN=test,CN=Users,DC=domain";
  $result = ldap_delete($ad, $dn);
  if ($result) {echo "User deleted!";}
      else {echo "There was a problem!";}
*/
Thanks