The textbook on PHP 4

[To download textbooks on PHP]

(!!! is unnecessary to extort this site Teleportom!!!)
Examples: fopen, msql_num_fields, socket_write...

RNR textbook
Back Forward

XLIX. LDAP functions

Introduction in LDAP

LDAP is Lightweight Directory Access Protocol - the protocol used for access to "Directory Servers". Directory is a special type of a database which contains information as treelike structure.

The concept is similar to structure of directories of a hard disk, but in this context of root/root the directory is "The world/globe", and the first level of subdirectories is "countries/country". There are levels of structure of the directories, containing occurrences for companies/companies even below, organizations/organizations or places, and there are occurrences of directories for people/people and, probably, the equipment or documents even below.

To address to the file in a subdirectory on a hard disk, you enter something it seems

/ usr/local/myapp/docs

The slash separates each division of the reference, and the sequence is read from left to right.

Equivalent for the full qualified link to file in LDAP is "distinguished name/distinctive a name", "dn" called simply. An example of dn can be:

     cn=John Smith, ou=Accounts, o=My Company, c=US

The comma works as a slash, and the sequence is read from right to left. You can read this dn as...

    country = US
    organization =  My Company
    organizationalUnit = Accounts
    commonName =  John Smith

In the same way, as there are no firm rules of the organization of structure of directories on a hard disk, directory server manager (a menezhder of the server of directories) can adjust any structure necessary for implementation of objectives. However there are some agreements which are thus used: you cannot write down a code for access to the server of directories if do not know its structure though can use a DB without knowledge of that is available.

Full example of a code

We request information for all occurrences where the surname begins with "S", from the server of directories and we display them with a name and an email address.

Example 1. Example of search of LDAP
// базовая последовательность в LDAP это: соединиться, связать, найти, интерпретировать
// результат поиска, закрыть соединение

echo "<h3>LDAP query test</h3>";
echo "Connecting ...";
$ds=ldap_connect("localhost");  // обязан быть правильный LDAP-сервер!
echo "connect result is ".$ds."<p>";

if ($ds) { 
    echo "Binding ..."; 
    $r=ldap_bind($ds);     // это "anonymous" связка, обычно с доступом read-only

    echo "Bind result is ".$r."<p>";

    echo "Searching for (sn=S*) ...";
    // Search surname entry
    $sr=ldap_search($ds,"o=My Company, c=US", "sn=S*");  
    echo "Search result is ".$sr."<p>";

    echo "Number of entires returned is ".ldap_count_entries($ds,$sr)."<p>";

    echo "Getting entries ...<p>";
    $info = ldap_get_entries($ds, $sr);
    echo "Data for ".$info["count"]." items returned:<p>";

    for ($i=0; $i<$info["count"]; $i++) {
        echo "dn is: ". $info[$i]["dn"] ."<br>";
        echo "first cn entry is: ". $info[$i]["cn"][0] ."<br>";
        echo "first email entry is: ". $info[$i]["mail"][0] ."<p>";

    echo "Closing connection";

} else {
    echo "<h4>Unable to connect to LDAP-сервер</h4>";

Use of calls of PHP LDAP

You need to receive and compile client libraries LDAP from a ldap-3.3 University of Michigan or Netscape Directory SDK 3.0 package. It is necessary for you also перекомпилировать PHP with the included support of LDAP before PHP calls to LDAP will earn.

Before beginning use of calls of LDAP, it is necessary for you to know:

  • Name or the address of the server of directories which you will use

  • server "base dn" (a part of a world-directory which contains on this server which can be "o=My Company, c=US")

  • Whether the password for access to this server (many servers provide access for reading for "anonymous bind", but demand the password for other actions) is necessary to you

The typical sequence of a call of LDAP in your appendix will correspond such патэрну:

to ldap_connect ()    // to establish connection with the server
ldap_bind ()       // anonymous/anonymous or authenticated "login"
to make something such as search or directory updating
  and to deduce results
ldap_close ()      // "logout"

Additional information

A large number of information on LDAP can be found on:

Netscape SDK contains good Programmer's Guide in the.html format.

ldap_8859_to_t61 - broadcasts 8859-symbols in t61-symbols
ldap_add - adds entries into a LDAP directory
ldap_bind - connects with a LDAP directory
ldap_close - closes the reference to the LDAP server
ldap_compare - compares value of the attribute found in occurrence, specified by means of DN
ldap_connect - connects to the LDAP server
ldap_count_entries - counts up number of occurrences by search
ldap_delete - deletes occurrence of their directory
ldap_dn2ufn - converts DN in the User Friendly Naming format
ldap_err2str - converts number of an error of LDAP in a line of an error message
ldap_errno - returns number of an error of LDAP of the last LDAP team
ldap_error - returns an error message of LDAP of the last LDAP team
ldap_explode_dn - divides DN into parts components
ldap_first_attribute - returns the first attribute
ldap_first_entry - returns id first by a resultant
ldap_first_reference - returns the first reference
ldap_free_result - releases memory of result
ldap_get_attributes - receives attributes from search result occurrence
ldap_get_dn - receives DN of rezultiruyushchy occurrence
ldap_get_entries - receives all resultants of occurrence
ldap_get_option - receives the current value of this option
ldap_get_values_len - receives all binary values from rezultiruyushchy occurrence
ldap_get_values - receives all values from rezultiruyushchy occurrence
ldap_list - single-level search
ldap_mod_add - adds values of attributes to the current attributes
ldap_mod_del - deletes values of attributes from the current attributes
ldap_mod_replace - replaces values of attributes new
ldap_modify - modifies LDAP occurrence
ldap_next_attribute - receives the following attribute as a result
ldap_next_entry - receives the following resultants occurrence
ldap_next_reference - receives the following reference
ldap_parse_reference - takes information from reference occurrence
ldap_parse_result - takes information from result
ldap_read - reads occurrence
ldap_rename - modifies an occurrence name
ldap_search - looks for LDAP tree
ldap_set_option - establishes value of this option
ldap_set_rebind_proc - establishes callback-function for performance of repeated sheaves at referral chasing
ldap_sort - sorts resultants of occurrence of LDAP
ldap_start_tls - starts TLS
ldap_t61_to_8859 - broadcasts t61-symbols in 8859-symbols
ldap_unbind - unties from a LDAP directory

Back Table of contents Forward
java_last_exception_get Upldap_8859_to_t61
textbook php

It is indexed: 3106 pages.

Other our projects: to in total web designer | forum of web designers