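/**
 * Return a list of all contacts.
 *
 * The search term is embedded in an LDAP filter, so it is escaped for the
 * filter context before use. Only the `*` wildcard is left intact, so the
 * default "match everything" and pattern searches keep working.
 *
 * @param bool   $includeDescription Key the result by distinguished name and use the display name as the value
 * @param string $search             CN pattern to match; `*` acts as a wildcard, every other character is literal
 * @param bool   $sorted             Whether to sort the results
 * @return array|bool Contacts found, or false when not bound or the search fails
 */
public function all($includeDescription = false, $search = "*", $sorted = true)
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }

    // Neutralise filter metacharacters so the caller-supplied term cannot
    // change the structure of the filter; "*" stays usable as a wildcard.
    $safeSearch = ldap_escape((string) $search, "*", LDAP_ESCAPE_FILTER);
    $filter = "(&(objectClass=contact)(cn=" . $safeSearch . "))";
    $fields = array("displayname", "distinguishedname");

    $connection = $this->adldap->getLdapConnection();
    $sr = ldap_search($connection, $this->adldap->getBaseDn(), $filter, $fields);
    if ($sr === false) {
        // A failed search must not be handed to ldap_get_entries().
        return false;
    }

    $entries = ldap_get_entries($connection, $sr);
    if (!is_array($entries)) {
        return false;
    }

    $usersArray = array();
    for ($i = 0; $i < $entries["count"]; $i++) {
        $dn = $entries[$i]["distinguishedname"][0];

        if (!$includeDescription) {
            $usersArray[] = $dn;
            continue;
        }

        // Contacts without a display name fall back to their DN as the value.
        $hasDisplayName = isset($entries[$i]["displayname"][0])
            && strlen($entries[$i]["displayname"][0]) > 0;
        $usersArray[$dn] = $hasDisplayName ? $entries[$i]["displayname"][0] : $dn;
    }

    if ($sorted) {
        asort($usersArray);
    }

    return $usersArray;
}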
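/**
 * Move a user account to a different OU.
 *
 * The username and container names are used to build distinguished names,
 * so they are escaped for the DN context here. Pass raw, unescaped names.
 *
 * @param string $username  The username to move (please be careful here!)
 * @param array  $container The container or containers to move the user to (please be careful here!).
 *                          Accepts containers in 1. parent 2. child order
 * @return bool|string True on success, false when not bound, the user is not found or the rename fails,
 *                     or an error message when an argument is missing or invalid
 */
public function move($username, $container)
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }
    if ($username === null) {
        return "Missing compulsory field [username]";
    }
    if ($container === null) {
        return "Missing compulsory field [container]";
    }
    if (!is_array($container)) {
        return "Container must be an array";
    }

    $userInfo = $this->info($username, array("*"));
    // Stop when the lookup failed or matched nothing, rather than passing
    // an empty DN on to ldap_rename().
    if (!is_array($userInfo) || !isset($userInfo[0]['distinguishedname'][0])) {
        return false;
    }
    $dn = $userInfo[0]['distinguishedname'][0];

    // NOTE(review): the new RDN is built from $username, which assumes the
    // account's CN equals the username - confirm against callers.
    $newRDn = "cn=" . ldap_escape((string) $username, "", LDAP_ESCAPE_DN);

    // Escape every OU component so a name containing DN metacharacters
    // (",", "=", "+", ...) cannot redirect the move to another location.
    $escapedContainers = array();
    foreach (array_reverse($container) as $ou) {
        $escapedContainers[] = ldap_escape((string) $ou, "", LDAP_ESCAPE_DN);
    }
    $newContainer = "ou=" . implode(",ou=", $escapedContainers);
    $newBaseDn = strtolower($newContainer) . "," . $this->adldap->getBaseDn();

    // Warnings stay suppressed as in the original; failure is reported via
    // the boolean return value.
    $result = @ldap_rename($this->adldap->getLdapConnection(), $dn, $newRDn, $newBaseDn, true);

    return $result === true;
}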
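/**
 * Get information about a specific computer. Returned in a raw array format from AD.
 *
 * The computer name is escaped for the LDAP filter context, so it is always
 * matched literally (filter metacharacters, including `*`, are not interpreted).
 *
 * @param string     $computerName The name of the computer
 * @param array|null $fields       Attributes to return; null selects the default attribute set
 * @return array|bool Raw entries as returned by ldap_get_entries(), or false when the name is null,
 *                    the connection is not bound or the search fails
 */
public function info($computerName, $fields = NULL)
{
    if ($computerName === NULL) {
        return false;
    }
    if (!$this->adldap->getLdapBind()) {
        return false;
    }

    // Escape before concatenation so the name cannot alter the filter structure.
    $safeName = ldap_escape((string) $computerName, "", LDAP_ESCAPE_FILTER);
    $filter = "(&(objectClass=computer)(cn=" . $safeName . "))";

    if ($fields === NULL) {
        $fields = array(
            "memberof",
            "cn",
            "displayname",
            "dnshostname",
            "distinguishedname",
            "objectcategory",
            "operatingsystem",
            "operatingsystemservicepack",
            "operatingsystemversion",
        );
    }

    $connection = $this->adldap->getLdapConnection();
    $sr = ldap_search($connection, $this->adldap->getBaseDn(), $filter, $fields);
    if ($sr === false) {
        // A failed search must not be handed to ldap_get_entries().
        return false;
    }

    return ldap_get_entries($connection, $sr);
}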
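/**
 * Create an organizational unit.
 *
 * Expects $attributes["ou_name"] (name of the new OU) and
 * $attributes["container"] (parent containers, in 1. parent 2. child order).
 * Both are escaped for the DN context when the target DN is built, so pass
 * raw, unescaped names.
 *
 * @param array $attributes Default attributes of the ou
 * @return bool|string True on success, false when ldap_add() fails,
 *                     or an error message when the attributes are invalid
 */
public function create($attributes)
{
    if (!is_array($attributes)) {
        return "Attributes must be an array";
    }
    // Check that the keys exist before reading them, so a missing
    // "container" reports the right message instead of raising a notice.
    if (!array_key_exists("ou_name", $attributes)) {
        return "Missing compulsory field [ou_name]";
    }
    if (!array_key_exists("container", $attributes)) {
        return "Missing compulsory field [container]";
    }
    if (!is_array($attributes["container"])) {
        return "Container attribute must be an array.";
    }

    $attributes["container"] = array_reverse($attributes["container"]);

    $add = array();
    $add["objectClass"] = "organizationalUnit";
    // The attribute value is stored raw; only the DN below needs escaping.
    $add["OU"] = $attributes['ou_name'];

    // Escape each DN component so names containing DN metacharacters cannot
    // place the new OU somewhere other than the intended container.
    $escapedContainers = array();
    foreach ($attributes["container"] as $ou) {
        $escapedContainers[] = ldap_escape((string) $ou, "", LDAP_ESCAPE_DN);
    }

    // The trailing comma separates the containers from the base DN. The
    // original overwrote this value with one lacking the comma, which
    // produced a malformed DN.
    $containers = "";
    if (count($escapedContainers) > 0) {
        $containers = "OU=" . implode(",OU=", $escapedContainers) . ",";
    }

    $dn = "OU=" . ldap_escape((string) $add["OU"], "", LDAP_ESCAPE_DN) . ", "
        . $containers . $this->adldap->getBaseDn();

    $result = ldap_add($this->adldap->getLdapConnection(), $dn, $add);

    return $result === true;
}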
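/**
 * Returns a list of Databases within any given storage group in Exchange for a given mail server.
 *
 * The storage group DN is used as the search base, so the search is confined
 * to whatever subtree the caller names. The filter itself is constant.
 *
 * @param string $storageGroup The full DN of a Storage Group. You can use exchange_storage_groups() to find the DN
 * @param array  $attributes   An array of the AD attributes you wish to return
 * @return array|bool|string Raw entries from ldap_get_entries(), false when not bound or the search fails,
 *                           or an error message when $storageGroup is missing
 */
public function storageDatabases($storageGroup, $attributes = array('cn', 'distinguishedname', 'displayname'))
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }
    if ($storageGroup === NULL) {
        return "Missing compulsory field [storageGroup]";
    }

    $filter = '(&(objectCategory=msExchPrivateMDB))';
    $connection = $this->adldap->getLdapConnection();

    // Warnings stay suppressed as in the original (for example an invalid
    // base DN); the failure is reported through the return value instead.
    $sr = @ldap_search($connection, $storageGroup, $filter, $attributes);
    if ($sr === false) {
        // "@" does not silence the type error that newer PHP versions raise
        // when a failed search result is passed to ldap_get_entries().
        return false;
    }

    return @ldap_get_entries($connection, $sr);
}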
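/**
 * Coping with AD not returning the primary group
 * http://support.microsoft.com/?kbid=321360
 *
 * For some reason it's not possible to search on primarygrouptoken=XXX
 * If someone can show otherwise, I'd like to know about it :)
 * This way is resource intensive: it fetches every global security group
 * and compares the tokens client-side.
 *
 * @deprecated deprecated since version 3.1, see get_primary_group
 * @param string $gid Group ID
 * @return bool|string Distinguished name of the matching group, '' when none matches,
 *                     or false when $gid is null or the search fails
 */
public function cn($gid)
{
    if ($gid === NULL) {
        return false;
    }

    // The filter is built from a class constant only; no caller input reaches it.
    $filter = "(&(objectCategory=group)(samaccounttype=" . adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP . "))";
    $fields = array("primarygrouptoken", "samaccountname", "distinguishedname");

    $connection = $this->adldap->getLdapConnection();
    $sr = ldap_search($connection, $this->adldap->getBaseDn(), $filter, $fields);
    if ($sr === false) {
        // A failed search must not be handed to ldap_get_entries().
        return false;
    }

    $entries = ldap_get_entries($connection, $sr);
    if (!is_array($entries)) {
        return false;
    }

    $groupDn = '';
    for ($i = 0; $i < $entries["count"]; $i++) {
        // Skip entries that came back without a primary group token.
        if (!isset($entries[$i]["primarygrouptoken"][0])) {
            continue;
        }
        // Loose comparison kept on purpose: LDAP values arrive as strings
        // while callers may pass the group ID as an integer.
        if ($entries[$i]["primarygrouptoken"][0] == $gid) {
            $groupDn = $entries[$i]["distinguishedname"][0];
            break;
        }
    }

    return $groupDn;
}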
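/**
 * Finds GUID by DN.
 *
 * The DN is embedded in an LDAP filter as an assertion value, so it is
 * escaped for the filter context first. This keeps DNs that contain
 * backslash-escaped characters or parentheses matching literally and
 * prevents the value from changing the structure of the filter.
 *
 * @param adLDAP $adLdap Connection wrapper used for the search and for decoding the GUID
 * @param string $dn     Distinguished name of the user to look up
 * @return mixed|null Result of decodeGuid() for the first match, or null when the DN is empty,
 *                    the search fails or nothing matches
 */
protected function findManagerGUID(adLDAP $adLdap, $dn = '')
{
    if (empty($dn)) {
        return null;
    }

    $safeDn = ldap_escape((string) $dn, '', LDAP_ESCAPE_FILTER);
    $filter = '('
        . '&(objectClass=user)'
        . '(samaccounttype=' . adLDAP::ADLDAP_NORMAL_ACCOUNT . ')'
        . '(objectCategory=person)(distinguishedname=' . $safeDn . ')'
        . ')';

    $connection = $adLdap->getLdapConnection();
    $sr = ldap_search($connection, $adLdap->getBaseDn(), $filter, ['objectGUID']);
    if ($sr === false) {
        // A failed search must not be handed to ldap_get_entries().
        return null;
    }

    $entries = ldap_get_entries($connection, $sr);

    // Require the attribute itself, not just a non-zero count, before decoding.
    if (isset($entries['count']) && $entries['count'] > 0 && isset($entries[0]['objectguid'][0])) {
        return $adLdap->utilities()->decodeGuid($entries[0]['objectguid'][0]);
    }

    return null;
}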