/**
* Query the LDAP directory with the given filter.
*
* @param string $filter The string to filter by, e.g. (objectClass=user)
* @param null|string $baseDn The DN to search from. Default is the baseDn option in the connection if not given
* @param int $scope The scope to perform the search. Zend_Ldap::SEARCH_SCOPE_ONE, Zend_LDAP::SEARCH_SCOPE_BASE. Default is Zend_Ldap::SEARCH_SCOPE_SUB
* @param array $attributes Restrict to specific AD attributes. An empty array will return all attributes
* @param string $sort Sort results by this attribute if given
* @return array
*/
protected function search($filter, $baseDn = null, $scope = Zend\Ldap\Ldap::SEARCH_SCOPE_SUB, $attributes = array(), $sort = '')
{
$records = $this->ldap->search($filter, $baseDn, $scope, $attributes, $sort);
$results = array();
foreach ($records as $record) {
foreach ($record as $attribute => $value) {
// if the value is an array with a single value, e.g. 'samaccountname' => array(0 => 'myusername')
// then make sure it's just set in the results as 'samaccountname' => 'myusername' so that it
// can be used directly by ArrayData
if (is_array($value) && count($value) == 1) {
$value = $value[0];
}
// ObjectGUID and ObjectSID attributes are in binary, we need to convert those to strings
if ($attribute == 'objectguid') {
$value = LDAPUtil::bin_to_str_guid($value);
}
if ($attribute == 'objectsid') {
$value = LDAPUtil::bin_to_str_sid($value);
}
$record[$attribute] = $value;
}
$results[] = $record;
}
return $results;
}
public function __construct($config = [])
{
if (empty($config)) {
// Get arguments
$argManager = new ArgumentManager();
$argManager->parse();
}
$config = $argManager->asArray();
$this->server = $config['server'];
$this->port = $config['port'];
$this->username = $config['username'];
$this->password = $config['password'];
$this->accountDomainName = $config['domain'];
$this->baseDn = $config['basedn'];
// optionals
$this->filter = isset($config['filter']) && $config['filter'] ? $config['filter'] : '(objectClass=*)';
$this->attributes = isset($config['attributes']) && $config['attributes'] ? $config['attributes'] : [];
$this->keyAttribute = strtolower(isset($config['keyattr']) && $config['keyattr'] ? $config['keyattr'] : 'sAMAccountName');
$this->isSSL = isset($config['ssl']) && $config['ssl'] ? true : null;
$this->output = isset($config['output']) && $config['output'] ? $config['output'] : self::STDIO;
// check if output needs to be verified
if ($this->output != self::STDIO) {
// Get base directory
$dir = dirname($this->output);
if (!file_exists($dir) && !is_dir($this->output)) {
mkdir($this->output, 0777, true);
}
if (file_exists($this->output) && is_file($this->output)) {
unlink($this->output);
}
}
// Create LDAP connection
$ldap = new \Zend\Ldap\Ldap(['accountDomainName' => $this->accountDomainName, 'baseDn' => $this->baseDn]);
$ldap->connect($this->server, $this->port, $this->isSSL);
$ldap->bind($this->username . '@' . $this->accountDomainName, $this->password);
// Apply filter
$result = $ldap->search($this->filter);
// Prepare output container
$output = [];
foreach ($result as $index => $entry) {
$newrow = [];
foreach ($entry as $key => $value) {
if ($this->attributeIncluded($key)) {
if (is_array($value) && sizeof($value) == 1) {
$value = $value[0];
}
$newrow[$key] = $value;
}
}
// Push attribute
if (isset($newrow[$this->keyAttribute])) {
$output[$newrow[$this->keyAttribute]] = $newrow;
} else {
$output[] = $newrow;
}
}
$ymlOutput = \Spyc::YAMLDump($output, true);
$this->_queryoutput = $ymlOutput;
if ($this->output != self::STDIO) {
$writeSuccess = file_put_contents($this->output, $this->_queryoutput);
echo ($writeSuccess !== false ? PHP_EOL . sprintf("Output has been successfully exported to \"%s\"", realpath($this->output)) : sprintf("Unable to write output to file \"%s\"")) . PHP_EOL . PHP_EOL;
}
}
