list groups from user with ldap

Question

I'm really new to LDAP and just got a connection between my php server and my ad server. I've succefully been able to authenticate users. Now I want to list all groups the users are in to see if he's an admin or not (or there might be another way?).

I have this so far:

    $ldap = ldap_connect("192.168.1.108");
    if ($ldap && $bind = @ldap_bind($ldap, $name."@redward.org", $pw)) {
        // ldap_search and ldap_get_entries here i guess, but how?
    }

I've tried with ldap_search by reading the manual at php.net but I couldn't get it to work at all. Can somebody show me how to get it to work?

Answer 1

You may want to check out the ldap_get_entries function. Below is maybe some code that can help you out that I used to scan memberships. member may be something different on your config so I suggest printing the entire $data array if you get errors. Hopefully a starting point for you.

// Users
$query = ldap_search($ldap, "cn=Users, dc=test, dc=local", "cn=*");
// Read all results from search
$data = ldap_get_entries($ldap, $query);

// Loop over 
for ($i=0; $i < $data['count']; $i++) {
    print_r($data[$i]['member']);
    echo "\n\n";    
}

Answer 2

I got it working with this post: http://www.php.net/manual/en/ref.ldap.php#99347 Thanks anyway Aaron.