/**
* Return a list of all contacts
*
* @param bool $includeDescription Include a description of a contact
* @param string $search The search parameters
* @param bool $sorted Whether to sort the results
* @return array
*/
public function all($includeDescription = false, $search = "*", $sorted = true)
{
if (!$this->adldap->getLdapBind()) {
return false;
}
// Perform the search and grab all their details
$filter = "(&(objectClass=contact)(cn=" . $search . "))";
$fields = array("displayname", "distinguishedname");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
$usersArray = array();
for ($i = 0; $i < $entries["count"]; $i++) {
if ($includeDescription && strlen($entries[$i]["displayname"][0]) > 0) {
$usersArray[$entries[$i]["distinguishedname"][0]] = $entries[$i]["displayname"][0];
} elseif ($include_desc) {
$usersArray[$entries[$i]["distinguishedname"][0]] = $entries[$i]["distinguishedname"][0];
} else {
array_push($usersArray, $entries[$i]["distinguishedname"][0]);
}
}
if ($sorted) {
asort($usersArray);
}
return $usersArray;
}
/**
* Returns a complete list of the groups in AD based on a SAM Account Type
*
* @param string $sAMAaccountType The account type to return
* @param bool $includeDescription Whether to return a description
* @param string $search Search parameters
* @param bool $sorted Whether to sort the results
* @return array
*/
public function search($sAMAaccountType = adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP, $includeDescription = false, $search = "*", $sorted = true)
{
if (!$this->adldap->getLdapBind()) {
return false;
}
$filter = '(&(objectCategory=group)';
if ($sAMAaccountType !== null) {
$filter .= '(samaccounttype=' . $sAMAaccountType . ')';
}
$filter .= '(cn=' . $search . '))';
// Perform the search and grab all their details
$fields = array("samaccountname", "description");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
$groupsArray = array();
for ($i = 0; $i < $entries["count"]; $i++) {
if ($includeDescription && strlen($entries[$i]["description"][0]) > 0) {
$groupsArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["description"][0];
} else {
if ($includeDescription) {
$groupsArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0];
} else {
array_push($groupsArray, $entries[$i]["samaccountname"][0]);
}
}
}
if ($sorted) {
asort($groupsArray);
}
return $groupsArray;
}
/**
* Move a user account to a different OU
*
* @param string $username The username to move (please be careful here!)
* @param array $container The container or containers to move the user to (please be careful here!).
* accepts containers in 1. parent 2. child order
* @return array
*/
public function move($username, $container)
{
if (!$this->adldap->getLdapBind()) {
return false;
}
if ($username === null) {
return "Missing compulsory field [username]";
}
if ($container === null) {
return "Missing compulsory field [container]";
}
if (!is_array($container)) {
return "Container must be an array";
}
$userInfo = $this->info($username, array("*"));
$dn = $userInfo[0]['distinguishedname'][0];
$newRDn = "cn=" . $username;
$container = array_reverse($container);
$newContainer = "ou=" . implode(",ou=", $container);
$newBaseDn = strtolower($newContainer) . "," . $this->adldap->getBaseDn();
$result = @ldap_rename($this->adldap->getLdapConnection(), $dn, $newRDn, $newBaseDn, true);
if ($result !== true) {
return false;
}
return true;
}
/**
* Get the last logon time of any user as a Unix timestamp
*
* @param string $username
* @return long $unixTimestamp
*/
public function getLastLogon($username)
{
if (!$this->adldap->getLdapBind()) {
return false;
}
if ($username === null) {
return "Missing compulsory field [username]";
}
$userInfo = $this->info($username, array("lastLogonTimestamp"));
$lastLogon = adLDAPUtils::convertWindowsTimeToUnixTime($userInfo[0]['lastLogonTimestamp'][0]);
return $lastLogon;
}
/**
* Returns a list of Databases within any given storage group in Exchange for a given mail server
*
* @param string $storageGroup The full DN of an Storage Group. You can use exchange_storage_groups() to find the DN
* @param array $attributes An array of the AD attributes you wish to return
* @return array
*/
public function storageDatabases($storageGroup, $attributes = array('cn', 'distinguishedname', 'displayname'))
{
if (!$this->adldap->getLdapBind()) {
return false;
}
if ($storageGroup === NULL) {
return "Missing compulsory field [storageGroup]";
}
$filter = '(&(objectCategory=msExchPrivateMDB))';
$sr = @ldap_search($this->adldap->getLdapConnection(), $storageGroup, $filter, $attributes);
$entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
return $entries;
}
/**
* Get the groups a computer is in
*
* @param string $computerName The name of the computer
* @param bool $recursive Whether to check recursively
* @return array
*/
public function groups($computerName, $recursive = NULL)
{
if ($computerName === NULL) {
return false;
}
if ($recursive === NULL) {
$recursive = $this->adldap->getRecursiveGroups();
}
//use the default option if they haven't set it
if (!$this->adldap->getLdapBind()) {
return false;
}
//search the directory for their information
$info = @$this->info($computerName, array("memberof", "primarygroupid"));
$groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]);
//presuming the entry returned is our guy (unique usernames)
if ($recursive === true) {
foreach ($groups as $id => $groupName) {
$extraGroups = $this->adldap->group()->recursiveGroups($groupName);
$groups = array_merge($groups, $extraGroups);
}
}
return $groups;
}
/**
* Returns a folder listing for a specific OU
* See http://adldap.sourceforge.net/wiki/doku.php?id=api_folder_functions
*
* @param array $folderName An array to the OU you wish to list.
* If set to NULL will list the root, strongly recommended to set
* $recursive to false in that instance!
* @param string $dnType The type of record to list. This can be ADLDAP_FOLDER or ADLDAP_CONTAINER.
* @param bool $recursive Recursively search sub folders
* @param bool $type Specify a type of object to search for
* @return array
*/
public function listing($folderName = NULL, $dnType = adLDAP::ADLDAP_FOLDER, $recursive = NULL, $type = NULL)
{
if ($recursive === NULL) {
$recursive = $this->adldap->getRecursiveGroups();
}
//use the default option if they haven't set it
if (!$this->adldap->getLdapBind()) {
return false;
}
$filter = '(&';
if ($type !== NULL) {
switch ($type) {
case 'contact':
$filter .= '(objectClass=contact)';
break;
case 'computer':
$filter .= '(objectClass=computer)';
break;
case 'group':
$filter .= '(objectClass=group)';
break;
case 'folder':
$filter .= '(objectClass=organizationalUnit)';
break;
case 'container':
$filter .= '(objectClass=container)';
break;
case 'domain':
$filter .= '(objectClass=builtinDomain)';
break;
default:
$filter .= '(objectClass=user)';
break;
}
} else {
$filter .= '(objectClass=*)';
}
// If the folder name is null then we will search the root level of AD
// This requires us to not have an OU= part, just the base_dn
$searchOu = $this->adldap->getBaseDn();
if (is_array($folderName)) {
$ou = $dnType . "=" . implode("," . $dnType . "=", $folderName);
$filter .= '(!(distinguishedname=' . $ou . ',' . $this->adldap->getBaseDn() . ')))';
$searchOu = $ou . ',' . $this->adldap->getBaseDn();
} else {
$filter .= '(!(distinguishedname=' . $this->adldap->getBaseDn() . ')))';
}
if ($recursive === true) {
$sr = ldap_search($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname'));
$entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if (is_array($entries)) {
return $entries;
}
} else {
$sr = ldap_list($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname'));
$entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if (is_array($entries)) {
return $entries;
}
}
return false;
}
