One of those frustrations is case sensitivity when you try use ldap queries from php code.
Consider the following example:
<?php $ldapuser = "user"; $ldappass = "pass"; $basedn = "OU=People,DC=staff,DC=company,DC=com"; $domain = "staff.company.com"; $ldaphost = "ldap.staff.company.com"; $filter="(&(objectclass=person)(sAMAccountName=$ldapuser))"; $LDAPFieldsToFind = array("cn", "mail", "sAMAccountName"); // connect to ldap server $ldapconn = ldap_connect($ldaphost); // Setting Active Directory ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0); // binding to ldap server $ldapbind = @ldap_bind($ldapconn, "{$ldapuser}@{$domain}", $ldappass); echo "\nSearching in base_dn $basedn - filter: $filter\n"; $userdetails = ldap_search($ldapconn, $basedn, $filter, $LDAPFieldsToFind); $info = ldap_get_entries($ldapconn, $userdetails); for ($x=0; $x<$info["count"]; $x++) { $email=$info[$x]['mail'][0]; $nam=$info[$x]['cn'][0]; $samaccountname=$info[$x]["sAMAccountName"][0]; print "\nCN is: $nam \n"; print "Mail is: $email\n"; print "Uid: $samaccountname\n"; } ?>
Although the above piece of code is perfectly right, you won't get any results!
You will also get a message similar to:
PHP Notice: Undefined index: sAMAccountName in xxx.php on line xxx
Why?? Because for some strange reason, the attributes should be in lower case.
Therefore if you change sAMAccountName to samaccountname everything will work as expected...
The lines that should modified are:
$filter="(&(objectclass=person)(samaccountname=$ldapuser))"; $LDAPFieldsToFind = array("cn", "mail", "samaccountname"); $samaccountname=$info[$x]["samaccountname"][0];Try it for yourself, and post your comments in case you experience something different...