LDAP
Use of ADODB_FETCH_NUM is strongly discouraged because AD records returned in queries may not all contain the same number of fields
Description
From ADOdb Versions 5.22.8 and 5.23.0, the LDAP driver can be used in the same way as all the other drivers. Simply replace the SQL statement with a valid AD Query String
Usage
You must use standard LDAP filter terms rather than SQL statements when executing a query. Any value provided in the $bindvars parameter is ignored,
DEFINE('ADODB_ASSOC_CASE',ADODB_ASSOC_CASE_UPPER); $db = ADOnewConnection('ldap'); $db->setFetchMode(ADODB_FETCH_ASSOC); $baseDN = 'dc=example,dc=com'; $adServer = 'example.com'; $user = 'adodb@example.com'; $password = 'adodb!'; $db->connect($adServer,$user,$password,$baseDN); /* * Find the first 2 records where the given name is adodb */ $result = $db->selectLimit('(givenname=adodb)',2); while ($r = $result->fetchRow()) { print_r($r); }
Returns the following data. Note that some elements may contain array or binary data. In this example, the 1st record contains 29 columns, and the second 30.
Array
(
[CN] => ADODb Tester
[SN] => Tester
[GIVENNAME] => ADODb
[DISTINGUISHEDNAME] => CN=ADODb Tester,CN=Users,DC=test,DC=loc
[INSTANCETYPE] => 4
[WHENCREATED] => 20231116231826.0Z
[WHENCHANGED] => 20231116231828.0Z
[DISPLAYNAME] => ADODb Tester
[USNCREATED] => 12794
[USNCHANGED] => 12801
[NAME] => ADODb Tester
[OBJECTGUID] =>
[USERACCOUNTCONTROL] => 66048
[BADPWDCOUNT] => 0
[CODEPAGE] => 0
[COUNTRYCODE] => 0
[BADPASSWORDTIME] => 0
[LASTLOGOFF] => 0
[LASTLOGON] => 0
[PWDLASTSET] => 133446503074682533
[PRIMARYGROUPID] => 513
[OBJECTSID] =>
[ACCOUNTEXPIRES] => 9223372036854775807
[LOGONCOUNT] => 0
[SAMACCOUNTNAME] => adodb
[SAMACCOUNTTYPE] => 805306368
[USERPRINCIPALNAME] => adodb@test.loc
[OBJECTCATEGORY] => CN=Person,CN=Schema,CN=Configuration,DC=test,DC=loc
[DSCOREPROPAGATIONDATA] => Array
(
[0] => 20231116231827.0Z
[1] => 16010101000000.0Z
)
[OBJECTCLASS] => Array
(
[0] => top
[1] => person
[2] => organizationalPerson
[3] => user
)
)
Array
(
[CN] => ADOdb N. Tester
[SN] => Tester
[GIVENNAME] => ADOdb
[INITIALS] => N
[DISTINGUISHEDNAME] => CN=ADOdb N. Tester,CN=Users,DC=test,DC=loc
[INSTANCETYPE] => 4
[WHENCREATED] => 20231118172808.0Z
[WHENCHANGED] => 20231118172809.0Z
[DISPLAYNAME] => ADOdb N. Tester
[USNCREATED] => 16413
[USNCHANGED] => 16420
[NAME] => ADOdb N. Tester
[OBJECTGUID] =>
[USERACCOUNTCONTROL] => 66048
[BADPWDCOUNT] => 0
[CODEPAGE] => 0
[COUNTRYCODE] => 0
[BADPASSWORDTIME] => 0
[LASTLOGOFF] => 0
[LASTLOGON] => 0
[PWDLASTSET] => 133448020890659722
[PRIMARYGROUPID] => 513
[OBJECTSID] =>
[ACCOUNTEXPIRES] => 9223372036854775807
[LOGONCOUNT] => 0
[SAMACCOUNTNAME] => adodb2
[SAMACCOUNTTYPE] => 805306368
[USERPRINCIPALNAME] => adodb2@test.loc
[OBJECTCATEGORY] => CN=Person,CN=Schema,CN=Configuration,DC=test,DC=loc
[DSCOREPROPAGATIONDATA] => Array
(
[0] => 20231118172809.0Z
[1] => 16010101000000.0Z
)
[OBJECTCLASS] => Array
(
[0] => top
[1] => person
[2] => organizationalPerson
[3] => user
)
)
URI Connections
The Server definition can be set in the form ldap://server-name. You must use this if you want to:
- Use an alternate connection port
ldap:⁄⁄server-name:3389 - Use ldap over SSL -
ldaps:⁄⁄server-name
Connection Parameters
The following values may be injected into the connection via the use of setConnectionParameter()
| OPTION_NAME | Type |
|---|---|
LDAP_OPT_DEREF | integer |
LDAP_OPT_SIZELIMIT | integer |
LDAP_OPT_TIMELIMIT | integer |
LDAP_OPT_PROTOCOL_VERSION | integer |
LDAP_OPT_ERROR_NUMBER | integer |
LDAP_OPT_REFERRALS | boolean |
LDAP_OPT_RESTART | boolean |
LDAP_OPT_HOST_NAME | string |
LDAP_OPT_ERROR_STRING | string |
LDAP_OPT_MATCHED_DN | string |
LDAP_OPT_SERVER_CONTROLS | array |
LDAP_OPT_CLIENT_CONTROLS | array |
From ADOdb 5.22.8 and 5.23.0, default values set are as follows
| Parameter | Value |
|---|---|
| LDAP_OPT_PROTOCOL_VERSION | 3 |
| LDAP_OPT_REFERRALS | 0 |
These values can be changed with setConnectionParameter()
The following usage method is deprecated in PHP8.2 and will not work with PHP 8.3. Use setConnectionParameter() instead.
$LDAP_CONNECT_OPTIONS = Array( Array ( "OPTION_NAME"=>LDAP_OPT_DEREF, "OPTION_VALUE"=>2 ), Array ( "OPTION_NAME"=>LDAP_OPT_SIZELIMIT, "OPTION_VALUE"=>100 ), Array ( "OPTION_NAME"=>LDAP_OPT_TIMELIMIT, "OPTION_VALUE"=>30 ), Array ( "OPTION_NAME"=>, "OPTION_VALUE"=>3 ), Array ( "OPTION_NAME"=>LDAP_OPT_ERROR_NUMBER, "OPTION_VALUE"=>13 ), Array ( "OPTION_NAME"=>LDAP_OPT_REFERRALS, "OPTION_VALUE"=>FALSE ), Array ( "OPTION_NAME"=>LDAP_OPT_RESTART, "OPTION_VALUE"=>FALSE ) );