[英]Trouble with PHP LDAP code to check memberOf a certain group
我遇到以下代碼,該代碼應檢查$ user是否位於AD的AlumniDBusers或AlumniDBmanagers組中
entrys [0]數組始終返回空白
誰能看到哪里出了問題?
謝謝
// Active Directory server
define('LDAP_HOST','dc1.college.school.edu');
// Active Directory DN
define('LDAP_DN','OU=Alumni Relations,OU=Departments,DC=college,DC=school,DC=edu');
// Active Directory user group
define('LDAP_USER_GROUP','AlumniDBusers');
// Active Directory manager group
define('LDAP_MANAGER_GROUP','AlumniDBmanagers');
$ldap = ldap_connect(LDAP_HOST);
echo "LDAP CONNECTED<br />";
if($bind = ldap_bind($ldap, $user, $password)) {
echo "PASS BIND<br />";
$filter = "(samAccountName=" . $user . ")";
$attrs = array("memberOf");
$result = ldap_search($ldap, LDAP_DN, $filter, $attrs);
$entries = ldap_get_entries($ldap, $result);
echo "ENTRY RESULTS: ";
print_r($entries[0]['memberOf']);
echo "<br />";
// see if member is in user or manager group
if (in_array(LDAP_USER_GROUP,$entries[0]['memberOf']) || in_array(LDAP_MANAGER_GROUP,$entries[0]['memberOf']))
{
echo "IN GROUP";
ldap_unbind($ldap);
} else {
echo "NOT IN GROUP";
ldap_unbind($ldap);
}
} else {
echo "FAIL BIND";
ldap_unbind($ldap);
}
正常工作,我的DN錯誤代碼正確
鏈接文字 PHP手冊
“在為用戶添加/編輯屬性時,請記住'memberof'屬性是一種特殊情況。memberOf屬性不是用戶架構的可訪問屬性。”
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.