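/**
 * Query the LDAP directory with the given filter and return the matches as plain arrays.
 *
 * The call is delegated to $this->ldap->search(); every returned record is then normalised:
 * single-valued attributes are unwrapped from their one-element array, and the binary
 * objectguid / objectsid attributes are converted to their string form via LDAPUtil.
 *
 * Security note: $filter and $baseDn are passed to the directory exactly as given; this method
 * performs no escaping. A caller that builds either one from user-supplied input must escape each
 * value first (e.g. Zend\Ldap\Filter\AbstractFilter::escapeValue() or ldap_escape() with
 * LDAP_ESCAPE_FILTER for filter values, LDAP_ESCAPE_DN for DN components), otherwise that input
 * can change the logic of the filter. Passing an explicit $attributes list also keeps the result
 * limited to what the caller needs, since an empty array returns every attribute.
 *
 * @param string $filter The string to filter by, e.g. (objectClass=user)
 * @param null|string $baseDn The DN to search from. Default is the baseDn option in the connection if not given
 * @param int $scope The scope to perform the search. Zend\Ldap\Ldap::SEARCH_SCOPE_ONE,
 *                   Zend\Ldap\Ldap::SEARCH_SCOPE_BASE. Default is Zend\Ldap\Ldap::SEARCH_SCOPE_SUB
 * @param array $attributes Restrict to specific AD attributes. An empty array will return all attributes
 * @param string $sort Sort results by this attribute if given
 * @return array List of records, each mapping attribute name to its (normalised) value
 */
protected function search($filter, $baseDn = null, $scope = Zend\Ldap\Ldap::SEARCH_SCOPE_SUB, $attributes = array(), $sort = '')
{
    $records = $this->ldap->search($filter, $baseDn, $scope, $attributes, $sort);

    $results = array();
    foreach ($records as $record) {
        foreach ($record as $attribute => $value) {
            // If the value is an array with a single value, e.g. 'samaccountname' => array(0 => 'myusername'),
            // store it as 'samaccountname' => 'myusername' so that it can be used directly by ArrayData.
            if (is_array($value) && count($value) === 1) {
                $value = $value[0];
            }

            // ObjectGUID and ObjectSID attributes are binary and need converting to strings.
            // Only a string is converted: a value that is still an array here (empty or
            // multi-valued) is left untouched instead of being handed to the binary decoders.
            // The comparison is strict so that a non-string key can never match by type juggling.
            // NOTE(review): matching relies on attribute keys arriving lowercased from the LDAP
            // layer - confirm against the connection's attribute-name handling.
            if (is_string($value)) {
                if ($attribute === 'objectguid') {
                    $value = LDAPUtil::bin_to_str_guid($value);
                } elseif ($attribute === 'objectsid') {
                    $value = LDAPUtil::bin_to_str_sid($value);
                }
            }

            $record[$attribute] = $value;
        }

        $results[] = $record;
    }

    return $results;
}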