I have users in multiple domains.
For example:
DC=domain,DC=local; - (main domain) DC=department1,DC=domain,DC=local; - (subdomain1) DC=department2,DC=domain,DC=local; - (subdomain2)
There is a group in the main domain called group1 and some users in the subdomain are in this group.
If I want to get a list of users in group 1 via php, only users in the main domain will be visible. Users in the subdomain will not be visible.
How can I get a list of all users in group1.
This is my code in php:
header('Content-Type: application/json; charset=utf-8');
set_time_limit(30);
error_reporting(E_ALL);
ini_set('error_reporting', E_ALL);
ini_set('display_errors',1);
$ldaphost = "ldap://domain.local";
//Порт
$ldapport = "389";
$ldap = ldap_connect($ldaphost,$ldapport) or die('Cannot connect to LDAP Server.');
//Включаем LDAP протокол версии 3
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3) or die('Unable to set LDAP protocol version');
//Отключаем обработку рефералов для ldap v3
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0) or die('Unable to set LDAP OPT REFERRALS');
if ($ldap) /* Получаем данные из AD */
{
$ldapuser = 'ldap_system';
$ldappass = '123456';
$bind = ldap_bind($ldap,$ldapuser,$ldappass);
if ($bind) //Привязка LDAP прошла успешно!
{
$query = ldap_search($ldap,"DC=domain,DC=local","(&(memberOf=CN=group1,OU=PQ185,OU=testGroups,DC=domain,DC=local)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))");
// Read all results from search
$data = ldap_get_entries($ldap, $query);
// Loop over
$userdata = array();
for ($i=0; $i < $data['count']; $i++) {
array_push(
$userdata, array(
'i' => $i,
'displayname' => $data[$i]['displayname'][0],
'samaccountname' => $data[$i]['samaccountname'][0],
'description' => $data[$i]['description'][0]
)
);
}
$json = json_encode($userdata);
echo $json;
}
}