Overview

A class for finding records in an Active Directory/LDAP server

This class allows you to bind to an Active Directory or LDAP server and then find records based on search criteria. At the moment, you cannot bind to the server anonymously. That may be added in the future.

Installation is easiest via composer:

composer require vespula/ldap

But you can also clone the repository and include the files as you would other libraries.

Some examples are listed below. See the full documentation for more information.

<?php

use Vespula\Ldap\LdapWrapper;
use Vespula\Ldap\LdapSearch;

$wrapper = new LdapWrapper();

// See later in the documentation for the parameters
$ldap = new LdapSearch($wrapper, $uri, $bindOptions, $ldapOptions, $port);

// Find all entries by one attribute
$entries = $ldap->findAllByLastname('Foo');

// Find one entry by attribute
$entry = $ldap->findOneByUserid('juser');

// Find all users by multiple attributes - boolean AND
$entries = $ldap->findAllByLastnameAndFirstname('User', 'J*');

// Find all users by multiple attributes - boolean OR
$entries = $ldap->findAllByLocalityOrPostalcode('City', 'T6H*');

// Find one user by multiple attributes - boolean AND
$entries = $ldap->findOneByLastnameAndFirstname('User', 'Joe');

// Find one user by multiple attributes - boolean OR
$entries = $ldap->findOneByLocalityOrPostalcode('City', 'T6H*');

// Note that fineOne() menthods return a single entry via `ldap_first_entry()`

// Find all entries using a custom search filter
$entries = $ldap->findAll('(&(x=y)(foo=bar))');

// Find one entry using a custom search filter
$entries = $ldap->find('(&(x=y)(foo=bar))');

// Find all entries by one attribute and sort on another
$ldap->setSortBy('cn');
$entries = $ldap->findAllByLastname('Foo');

There are two classes:

  1. LdapSearch is the main class that is used to search the directory.

  2. LdapWrapper is a utility class used by LdapSearch to perform native PHP ldap functions. Native PHP functions are wrapped in methods in this class so that the class can be mocked and used in testing, without relying on real directory connections etc.