This is true, but just tried it all lower case, still receiving nothing back.pickle wrote:It may be case sensitive. You said you were checking memberOf, and in the example it's memberof. May be significant.
Reading members of Security Group w/in LDAP - HELP
Moderator: General Moderators
Well, I got some new results...
Filter set to:
With the search set to:
It returns all the attributes of the group, including the members, but I can't get it it to just display the members, yet...
Filter set to:
Code: Select all
$filter = "(cn=*)";Code: Select all
$sr=ldap_search($ds,"cn=sAdministrative,ou=Administrative,ou=Employees,dc=domain,dc=com",$filter);This sounds kind of ridicluous (but it's Microsoft so who knows), change your filter to not look for memberof=sAdministrative, but rather the whole string: memberof=CN=sAdministrative,OU=Administrative,OU=Employees,DC=domain,DC=com
I gotta admit, I'm running out of ideas.
I gotta admit, I'm running out of ideas.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
See my post above you last on, here is in short what it returns:
Code: Select all
Array
(
[count] => 1
[0] => Array
(
[objectclass] => Array
(
[count] => 2
[0] => top
[1] => group
)
[0] => objectclass
[cn] => Array
(
[count] => 1
[0] => sAdministrative
)
[1] => cn
[member] => Array
(
[count] => 21
[0] => CN=User1,OU=Administrative,OU=Employees,DC=domain,DC=com
[1] => CN=User2,OU=Administrative,OU=Employees,DC=domain,DC=com
[2] => CN=User3,OU=Administrative,OU=Employees,DC=domain,DC=com
[3] => CN=User4,OU=Administrative,OU=Employees,DC=domain,DC=com
[4] => CN=User5,OU=Disabled User Accounts,DC=domain,DC=com
[5] => CN=User6,OU=Administrative,OU=Employees,DC=domain,DC=com
[6] => CN=User7,OU=Administrative,OU=Employees,DC=domain,DC=com
[7] => CN=User8,OU=Administrative,OU=Employees,DC=domain,DC=com
[8] => CN=User9,OU=Disabled User Accounts,DC=domain,DC=com
[9] => CN=User10,OU=Administrative,OU=Employees,DC=domain,DC=com
[10] => CN=User11,OU=Administrative,OU=Employees,DC=domain,DC=com
[11] => CN=User12,OU=Administrative,OU=Employees,DC=domain,DC=com
[12] => CN=User13,OU=Administrative,OU=Employees,DC=domain,DC=com
[13] => CN=User14,OU=Disabled User Accounts,DC=domain,DC=com
[14] => CN=User15,OU=Administrative,OU=Employees,DC=domain,DC=com
[15] => CN=User16,OU=Administrative,OU=Employees,DC=domain,DC=com
[16] => CN=User17,OU=Reception,OU=Administrative,OU=Employees,DC=domain,DC=com
[17] => CN=User18,OU=Reception,OU=Administrative,OU=Employees,DC=domain,DC=com
[18] => CN=User19,OU=Administrative,OU=Employees,DC=domain,DC=com
[19] => CN=User20,OU=Administrative,OU=Employees,DC=domain,DC=com
[20] => CN=User21,OU=Executive,OU=Employees,DC=domain,DC=com
)
[2] => member
[distinguishedname] => Array
(
[count] => 1
[0] => CN=sAdministrative,OU=Administrative,OU=Employees,DC=domain,DC=com
)
[3] => distinguishedname
[instancetype] => Array
(
[count] => 1
[0] => 4
)Exactly what I was trying... I got it down to the array, just can't get it to show the CN only, I'm still playing with it.pickle wrote:Perfect, just iterate through $info[0]['member'] then right? If you don't want that other stuff returned, just send along an array of attributes you want as your 4th argument.
I really don't think you can do that. I've never been able to do get just that. It's pretty simple to run each member through a regex though:
Code: Select all
$info = $ldap_results[0]['member'];
$info = array_shift($info);
$pattern = '/CN=(\w*?),.*/i'
foreach($info as $full_name)
{
preg_match($pattern,$full_name,$matches);
$member_cns[] = $matches[1];
}
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.