« PHP: Remove special chars and punctuation from strings
How to write a random quote on a page »

PHP and LDAP - how to connect php to a ldap directory server

LDAP - Lightweight Directory Access Protocol - is an application protocol for querying and modifying directory services running over TCP/IP.


A directory is a set of objects with similar attributes organized in a logical and hierarchical manner. The most common example is the telephone directory, which consists of a series of names (either of persons or organizations) organized alphabetically, with each name having an address and phone number attached. Due to this basic design (among other factors) LDAP is often used by other services for authentication, despite the security problems this causes.

An LDAP directory tree often reflects various political, geographic, and/or organizational boundaries, depending on the model chosen. LDAP deployments today tend to use Domain name system (DNS) names for structuring the topmost levels of the hierarchy. Deeper inside the directory might appear entries representing people, organizational units, printers, documents, groups of people or anything else which represents a given tree entry (or multiple entries).

Its current version is LDAPv3, which is specified in a series of Internet Engineering Task Force (IETF) Standard Track Requests for comments (RFCs) as detailed in RFC 4510.

Here is a sample php code that connects php to a ldap directory and retrieves the ‘name’ entry value:

< ?php
$ldap = ldap_connect('ldap.lettucecode.com');
 
if(!$ldap) {
  die('Could not connect to LDAP server.');
}
 
if(!ldap_bind($ldap, $ldap_user, $password)) {
  die('Could not bind to LDAP server.');
}
 
$base_dn = 'o=lettucecode.com,o=com';
$search = ldap_search($ldap, $base_dn, 'uid='.$username);
if(ldap_count_entries($ldap, $search) < 1) {
  die('Username not found');
}
 
$info = ldap_get_entries($ldap, $search);
 
if(isset($info[0]['name'])) {
  echo 'Username '.$username.' has name '.$info[0]['name'];
} else {
  echo 'Entry -name- not found in username '.$username;
}
 
ldap_close($ldap);
?>

Notes about this code:
The vars $ldap_user and $password do not have a value but they are self explanatory.
This code is just a sample and I keeped focus just in the connection and retrieving an entry value so:
- Don’t forget to close ldap connection before every die() (after the connection has been made)
- Wrap the code into a function so you can use it
- Code a better flow by using more ‘else’ in ‘if’

Read more about LDAP

References
http://en.wikipedia.org/wiki/Ldap

by LSimpson

Entry posted on Thursday, March 27th, 2008 at 8:17 pm and filed under LDAP, PHP, Source-code.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.

One Response to “PHP and LDAP - how to connect php to a ldap directory server”

  1. […] PHP and LDAP - how to connect php to a ldap directory server By admin LDAP - Lightweight Directory Access Protocol - is an application protocol for querying and modifying directory services running over TCP/IP. Lettuce Code - http://www.lettucecode.com […]

Leave a Reply

You must be logged in to post a comment.