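/**
 * Query the LDAP directory with the given filter and flatten each record.
 *
 * The filter string is handed to the directory unchanged. Any part of it that
 * originates from user input has to be escaped by the caller before it is
 * concatenated into the filter (for example with Zend\Ldap\Filter::escapeValue()),
 * otherwise the search is open to LDAP filter injection.
 *
 * @param string $filter The string to filter by, e.g. (objectClass=user)
 * @param null|string $baseDn The DN to search from. Default is the baseDn option in the connection if not given
 * @param int $scope The scope to perform the search: Zend\Ldap\Ldap::SEARCH_SCOPE_ONE,
 *                   Zend\Ldap\Ldap::SEARCH_SCOPE_BASE. Default is Zend\Ldap\Ldap::SEARCH_SCOPE_SUB
 * @param array $attributes Restrict to specific AD attributes. An empty array will return all attributes
 * @param string $sort Sort results by this attribute if given
 * @return array One entry per record; single-valued attributes are unwrapped to a plain value and
 *               objectguid/objectsid are converted from binary to their string form
 */
protected function search($filter, $baseDn = null, $scope = Zend\Ldap\Ldap::SEARCH_SCOPE_SUB, $attributes = array(), $sort = '')
{
    $records = $this->ldap->search($filter, $baseDn, $scope, $attributes, $sort);

    $results = array();
    foreach ($records as $record) {
        foreach ($record as $attribute => $value) {
            // If the value is an array with a single value, e.g. 'samaccountname' => array(0 => 'myusername'),
            // store it as 'samaccountname' => 'myusername' so that it can be used directly by ArrayData.
            if (is_array($value) && count($value) === 1) {
                $value = $value[0];
            }

            // ObjectGUID and ObjectSID attributes are in binary and need to be converted to strings.
            // The comparison is strict: with a loose == an integer key compares equal to any
            // non-numeric string on PHP < 8, which would run the converters on unrelated values.
            if ($attribute === 'objectguid') {
                $value = LDAPUtil::bin_to_str_guid($value);
            }
            if ($attribute === 'objectsid') {
                $value = LDAPUtil::bin_to_str_sid($value);
            }

            $record[$attribute] = $value;
        }

        $results[] = $record;
    }

    return $results;
}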
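/**
 * Connect to the directory, run the configured search and export the result as YAML.
 *
 * When $config is empty the settings are read from ArgumentManager instead
 * (presumably the command-line arguments; confirm against that class).
 *
 * Keys read unconditionally: server, port, username, password, domain, basedn.
 * Optional keys: filter (default "(objectClass=*)"), attributes (default: empty array),
 * keyattr (default "sAMAccountName", always lowercased), ssl, output (default self::STDIO).
 *
 * The YAML text is stored in $this->_queryoutput. When an output path other than
 * self::STDIO is configured, the text is also written to that file and a status
 * line is echoed.
 *
 * Security notes:
 * - The export contains directory data, so a missing output directory is created
 *   accessible to the owner only.
 * - NOTE(review): the exported file itself is created with the process umask;
 *   confirm that is restrictive enough for the data being exported.
 * - NOTE(review): when 'ssl' is not set, null is passed as the SSL flag to connect().
 *   If that results in plain LDAP, the bind sends the password unencrypted; confirm
 *   and prefer an encrypted connection.
 *
 * @param array $config Connection and export settings, see above
 */
public function __construct($config = [])
{
    if (empty($config)) {
        // No explicit configuration given: fall back to the parsed arguments.
        // The asArray() call belongs inside this branch; outside of it a caller
        // passing its own $config would hit an undefined $argManager.
        $argManager = new ArgumentManager();
        $argManager->parse();
        $config = $argManager->asArray();
    }

    $this->server = $config['server'];
    $this->port = $config['port'];
    $this->username = $config['username'];
    $this->password = $config['password'];
    $this->accountDomainName = $config['domain'];
    $this->baseDn = $config['basedn'];

    // Optional settings: an absent or falsy value selects the default.
    $this->filter = !empty($config['filter']) ? $config['filter'] : '(objectClass=*)';
    $this->attributes = !empty($config['attributes']) ? $config['attributes'] : [];
    $this->keyAttribute = strtolower(!empty($config['keyattr']) ? $config['keyattr'] : 'sAMAccountName');
    $this->isSSL = !empty($config['ssl']) ? true : null;
    $this->output = !empty($config['output']) ? $config['output'] : self::STDIO;

    // Prepare the output location when exporting to a file.
    if ($this->output != self::STDIO) {
        $dir = dirname($this->output);
        if (!file_exists($dir)) {
            // Create the parent directory, not a directory at the file path itself,
            // which would make the later write fail. Mode 0700 keeps other local
            // users from reading or replacing the exported directory data.
            // A failure here surfaces as the "Unable to write" message below.
            mkdir($dir, 0700, true);
        }

        // Remove a stale export so the result never mixes with an older file.
        if (is_file($this->output)) {
            unlink($this->output);
        }
    }

    // Create the LDAP connection and authenticate as username@domain.
    $ldap = new \Zend\Ldap\Ldap([
        'accountDomainName' => $this->accountDomainName,
        'baseDn' => $this->baseDn,
    ]);
    $ldap->connect($this->server, $this->port, $this->isSSL);
    $ldap->bind($this->username . '@' . $this->accountDomainName, $this->password);

    // Apply filter
    $result = $ldap->search($this->filter);

    // Prepare output container
    $output = [];
    foreach ($result as $entry) {
        $newrow = [];
        foreach ($entry as $key => $value) {
            if (!$this->attributeIncluded($key)) {
                continue;
            }

            // Unwrap single-valued attributes to a plain value.
            if (is_array($value) && count($value) === 1) {
                $value = $value[0];
            }
            $newrow[$key] = $value;
        }

        // Index the row by its key attribute when that attribute is present and
        // usable as an array key; a multi-valued key attribute (an array) cannot
        // be an offset, so such rows are appended instead of raising an error.
        if (isset($newrow[$this->keyAttribute]) && is_scalar($newrow[$this->keyAttribute])) {
            $output[$newrow[$this->keyAttribute]] = $newrow;
        } else {
            $output[] = $newrow;
        }
    }

    $ymlOutput = \Spyc::YAMLDump($output, true);
    $this->_queryoutput = $ymlOutput;

    if ($this->output != self::STDIO) {
        $writeSuccess = file_put_contents($this->output, $this->_queryoutput);
        if ($writeSuccess !== false) {
            $message = PHP_EOL . sprintf("Output has been successfully exported to \"%s\"", realpath($this->output));
        } else {
            // The path argument was missing here, so the failure message itself failed to format.
            $message = sprintf("Unable to write output to file \"%s\"", $this->output);
        }
        echo $message . PHP_EOL . PHP_EOL;
    }
}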