开发者

ldap_get_entries returns array with element count=zero

In some situations ldap_get_entries returns array with element count=zero, so I have an array like array('count'=>0) without any further entries.

What are the conditions for this to happen?

PS:

  • if the OU I am searching in is empty I am getting a different error (Invalid Base DN)
  • if the user doesn't have permissions to an OU I am getting the same error as above

EDIT:

  • the PHP code is irrelevant, since I can do all kind of searches with it and the above mentioned problem happens only in some strange Active Directory configurations
  • if you still insists... $entries = ldap_get_entries($this->ldap_connection, $search_result);
  • ldap_get_entries returns in most of the cases what I expect it to return with proper errors

So, to restate my question, what are the conditions for ldap_get_entries to return an array with count=0, without any errors. By condition I mean:

  • Active Directory rights and permissions
  • user permissions
  • OU permissions (aka Security tab)
  • any PHP related information on when this can happen

Thanks

EDIT2 - as requested, here is the rest of the code:

public function connect() {

    // connect to the server
    $this->ldap_connection = ldap_connect($this->ldap_server);
    if (!$this->ldap_connection){
        $error_message= "LDAP-Connect-Error: " . ldap_error($this->ldap_connection) . ".";
        throw new RuntimeErrorException($error_message);
    }

    // set protocol version
    if (!ldap_set_option($this->ldap_connection, LDAP_OPT_PROTOCOL_VERSION, $this->ldap_protocol_version)){
        $error_message= "LDAP-SetProtocolVersion-Error: " . ldap_error($this->ldap_connection) . ".";
        throw new RuntimeErrorException($error_message);
    }

    // set with/without referrals (limit/do not limit search on current server)
    if (!ldap_set_option($this->ldap_connection, LDAP_OPT_REFERRALS, $this->ldap_protocol_referrals)){
        $error_message= "LDAP-SetReferrals-Error: " . ldap_error($this->ldap_开发者_如何学编程connection) . ".";
        throw new RuntimeErrorException($error_message);
    }

    // binding to ldap server
    if (!@ldap_bind($this->ldap_connection, $this->ldap_auth_rdn, $this->ldap_auth_pass)){
        $error_message= "LDAP-Bind-Error: " . ldap_error($this->ldap_connection) . ".";
        throw new RuntimeErrorException($error_message);
    }
}

public function search($filter,$fields){
    if (!$this->ldap_connection) {
        $this->connect();
    }

    // search the ldap
    $search_result = @ldap_search($this->ldap_connection, $this->ldap_base_distinguished_name, $filter,$fields);
    if ($search_result===false){
        $error_message= "LDAP-Error: " . ldap_error($this->ldap_connection) . ".";
        throw new RuntimeErrorException($error_message);
    }

    //Create result set
    $entries = ldap_get_entries($this->ldap_connection, $search_result);
    if ($entries === false ){
        $error_message= "LDAP-Error: " . ldap_error($this->ldap_connection) . ".";
        throw new RuntimeErrorException($error_message);
    }

    return (is_null($entries) ? array() : $entries); // http://bugs.php.net/48469
}


It seems like ldap_connect is successfully connecting to your server.

I think the problem is with the ldap_base_distinguished_name param from ldap_search, make sure that it's correct and you have that base distinguished name in you AD tree.


It means what you are searching for didn't return results either because it isn't there or you aren't searching correctly for it.


$ldap = new stdclass;
$ldap->host = 'YOUR_HOST';
$ldap->port = 'PORT'; 
$ldap->user = 'YOUR_USER';
$ldap->pass = 'YOUR_PASS';
$ldap->dn  = "CN=Users,DC=DOMAIN,DC=COM,DC=br";
$ldap->filter = '(sAMAccountName=YOUR_USER_NAME)';

try {
    $ldap->conn = ldap_connect($ldap->host,$ldap->port);
    $ldap->bind = ldap_bind($ldap->conn, $ldap->user, $ldap->pass);
    $ldap->option[] = ldap_set_option($ldap->conn, LDAP_OPT_PROTOCOL_VERSION,3);
    $ldap->option[] = ldap_set_option($ldap->conn, LDAP_OPT_REFERRALS,0);
    $ldap->seach=ldap_search($ldap->conn,  $ldap->dn, $ldap->filter);
    $ldap->info = ldap_get_entries($ldap->conn, $ldap->seach); 
    var_dump($ldap);
} catch (Exception $error_message) {
    throw new RuntimeErrorException($error_message);
}
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜