/**
* Fetch the Schema from an LDAP connection
*
* @param Net_LDAP2 $ldap LDAP connection
* @param string $dn (optional) Subschema entry dn
*
* @access public
* @return Net_LDAP2_Schema|NET_LDAP2_Error
*/
public function fetch($ldap, $dn = null)
{
if (!$ldap instanceof Net_LDAP2) {
return PEAR::raiseError("Unable to fetch Schema: Parameter \$ldap must be a Net_LDAP2 object!");
}
$schema_o = new Net_LDAP2_Schema();
if (is_null($dn)) {
// get the subschema entry via root dse
$dse = $ldap->rootDSE(array('subschemaSubentry'));
if (false == Net_LDAP2::isError($dse)) {
$base = $dse->getValue('subschemaSubentry', 'single');
if (!Net_LDAP2::isError($base)) {
$dn = $base;
}
}
}
// Support for buggy LDAP servers (e.g. Siemens DirX 6.x) that incorrectly
// call this entry subSchemaSubentry instead of subschemaSubentry.
// Note the correct case/spelling as per RFC 2251.
if (is_null($dn)) {
// get the subschema entry via root dse
$dse = $ldap->rootDSE(array('subSchemaSubentry'));
if (false == Net_LDAP2::isError($dse)) {
$base = $dse->getValue('subSchemaSubentry', 'single');
if (!Net_LDAP2::isError($base)) {
$dn = $base;
}
}
}
// Final fallback case where there is no subschemaSubentry attribute
// in the root DSE (this is a bug for an LDAP v3 server so report this
// to your LDAP vendor if you get this far).
if (is_null($dn)) {
$dn = 'cn=Subschema';
}
// fetch the subschema entry
$result = $ldap->search($dn, '(objectClass=*)', array('attributes' => array_values($schema_o->types), 'scope' => 'base'));
if (Net_LDAP2::isError($result)) {
return PEAR::raiseError('Could not fetch Subschema entry: ' . $result->getMessage());
}
$entry = $result->shiftEntry();
if (!$entry instanceof Net_LDAP2_Entry) {
if ($entry instanceof Net_LDAP2_Error) {
return PEAR::raiseError('Could not fetch Subschema entry: ' . $entry->getMessage());
} else {
return PEAR::raiseError('Could not fetch Subschema entry (search returned ' . $result->count() . ' entries. Check parameter \'basedn\')');
}
}
$schema_o->parse($entry);
return $schema_o;
}