Page 2 of 2

Posted: Thu Jun 15, 2006 2:49 pm
by labmixz
pickle wrote:It may be case sensitive. You said you were checking memberOf, and in the example it's memberof. May be significant.
This is true, but just tried it all lower case, still receiving nothing back.

Posted: Thu Jun 15, 2006 2:55 pm
by labmixz
Well, I got some new results...

Filter set to:

Code: Select all

$filter = "(cn=*)";
With the search set to:

Code: Select all

$sr=ldap_search($ds,"cn=sAdministrative,ou=Administrative,ou=Employees,dc=domain,dc=com",$filter);
It returns all the attributes of the group, including the members, but I can't get it it to just display the members, yet...

Posted: Thu Jun 15, 2006 2:56 pm
by pickle
This sounds kind of ridicluous (but it's Microsoft so who knows), change your filter to not look for memberof=sAdministrative, but rather the whole string: memberof=CN=sAdministrative,OU=Administrative,OU=Employees,DC=domain,DC=com

I gotta admit, I'm running out of ideas.

Posted: Thu Jun 15, 2006 3:00 pm
by labmixz
See my post above you last on, here is in short what it returns:

Code: Select all

Array
(
    [count] => 1
    [0] => Array
        (
            [objectclass] => Array
                (
                    [count] => 2
                    [0] => top
                    [1] => group
                )

            [0] => objectclass
            [cn] => Array
                (
                    [count] => 1
                    [0] => sAdministrative
                )

            [1] => cn
            [member] => Array
                (
                    [count] => 21
                    [0] => CN=User1,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [1] => CN=User2,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [2] => CN=User3,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [3] => CN=User4,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [4] => CN=User5,OU=Disabled User Accounts,DC=domain,DC=com
                    [5] => CN=User6,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [6] => CN=User7,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [7] => CN=User8,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [8] => CN=User9,OU=Disabled User Accounts,DC=domain,DC=com
                    [9] => CN=User10,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [10] => CN=User11,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [11] => CN=User12,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [12] => CN=User13,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [13] => CN=User14,OU=Disabled User Accounts,DC=domain,DC=com
                    [14] => CN=User15,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [15] => CN=User16,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [16] => CN=User17,OU=Reception,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [17] => CN=User18,OU=Reception,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [18] => CN=User19,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [19] => CN=User20,OU=Administrative,OU=Employees,DC=domain,DC=com
                    [20] => CN=User21,OU=Executive,OU=Employees,DC=domain,DC=com
                )

            [2] => member
            [distinguishedname] => Array
                (
                    [count] => 1
                    [0] => CN=sAdministrative,OU=Administrative,OU=Employees,DC=domain,DC=com
                )

            [3] => distinguishedname
            [instancetype] => Array
                (
                    [count] => 1
                    [0] => 4
                )

Posted: Thu Jun 15, 2006 3:05 pm
by pickle
Perfect, just iterate through $info[0]['member'] then right? If you don't want that other stuff returned, just send along an array of attributes you want as your 4th argument.

Posted: Thu Jun 15, 2006 3:09 pm
by labmixz
pickle wrote:Perfect, just iterate through $info[0]['member'] then right? If you don't want that other stuff returned, just send along an array of attributes you want as your 4th argument.
Exactly what I was trying... I got it down to the array, just can't get it to show the CN only, I'm still playing with it.

Posted: Thu Jun 15, 2006 3:16 pm
by pickle
I really don't think you can do that. I've never been able to do get just that. It's pretty simple to run each member through a regex though:

Code: Select all

$info = $ldap_results[0]['member'];
$info = array_shift($info);
$pattern = '/CN=(\w*?),.*/i'
foreach($info as $full_name)
{
  preg_match($pattern,$full_name,$matches);
  $member_cns[] = $matches[1];
}