CS 161 - Introduction to Programming with PHP
LDAP
- Lightweight Directory Access Protocol
- Standard methods to maintain and search a directory database
- Used locally for e-mail, UNIX accounts, staff directory, others
- Authentication not required to access the database
Specifics of our directory
- Base DN for accounts: ou=People,dc=comfsm,dc=fm
- Login is in uid
Basic search using command-line tool:
ldapsearch -x -b 'ou=People,dc=comfsm,dc=fm' '(uid=peterp)'
- -x indicates that the connection to the database shouldn't use SSL
- -b DN specifies where in the LDAP hierarchy the search should start
- the rest is the query itself (the search filter), always enclosed in parenthesis
The search can be fairly complex. A good tutorial on search filters helps.
The PHP interface
$li=ldap_connect('shark.palikir');
ldap_set_option($li, LDAP_OPT_PROTOCOL_VERSION, 3);
$okay=ldap_bind($li); // Anonymous bind
if ($okay) {
//
// Your code goes here
//
}
ldap_unbind($li);
After that, use ldap_search or ldap_list.
Results are returned through a result_identifier that is used to iterate through the matching records (with ldap_first_entry and ldap_next_entry) or to retrieve the entire set of matches (with ldap_get_entries).
Assignment #6 Due: Friday 29 October
Group Assignment
Develop the PHP code and HTML for an LDAP search that displays all members of a specific campus and department. The code should be clearly and easily configurable for department and campus.