PHP LDAP获取作为组成员的成员的用户详细信息

Question

我正在尝试创建一个PHP脚本，它将返回属于Active Directory中特定组的一部分的每个成员的一些详细信息。

我没有任何问题连接并显示组成员的姓名（CN），但是当涉及显示诸如电话，电子邮件和用户名等详细信息时，我被卡住了。

这是我正在尝试的代码。任何人都可以看到我做错了什么？

<?php 
$ldap_server = "AD_Server.domain.pri:389"; 
$auth_user = "user@domain.pri"; 
$auth_pass = "password"; 

$base_dn = "OU=IM Groups,OU=GLOBAL,DC=domain,DC=pri"; 
$filter = "(&(objectCategory=user)(memberOf=IM-ALL_USERS))"; 

// connect to server 
if (!($connect=@ldap_connect($ldap_server))) { 
    die("Could not connect to ldap server"); 
} 

// bind to server 
if (!($bind = ldap_bind($connect, $auth_user, $auth_pass))) { 
    die("Unable to bind to server"); 
} 

// search active directory 
if (!($search = ldap_search($connect, $base_dn, $filter))) { 
    die("Unable to search ldap server"); 
} 

$number_returned = ldap_count_entries($connect,$search); 
$info = ldap_get_entries($connect, $search); 

echo "The number of entries returned is ". $number_returned."<p>"; 

for ($i=0; $i<$info["count"]; $i++) { 
    echo "Name is: ". $info[$i]["givenname"][0]."<br>"; 
    echo "Display name is: ". $info[$i]["displayname"][0]."<br>"; 
    echo "Email is: ". $info[$i]["mail"][0]."<br>"; 
    echo "Telephone number is: ". $info[$i]["telephonenumber"][0]."<p>"; 
} 
?> 

Answer 1

工作了使用由Sam J Levy创建的优良功能。

下面是最终的工作代码。

<?php 

function explode_dn($dn, $with_attributes=0) 
{ 
    $result = ldap_explode_dn($dn, $with_attributes); 
    foreach($result as $key => $value) $result[$key] = preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $value); 
    return $result; 
} 

function get_members($group,$user,$password) { 
    $ldap_host = "LDAPSERVER"; 
    $ldap_dn = "OU=some_group,OU=some_group,DC=company,DC=com"; 
    $base_dn = "DC=company,DC=com"; 
    $ldap_usr_dom = "@company.com"; 
    $ldap = ldap_connect($ldap_host); 

    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION,3); 
    ldap_set_option($ldap, LDAP_OPT_REFERRALS,0); 

    ldap_bind($ldap, $user . $ldap_usr_dom, $password); 
    $results = ldap_search($ldap,$ldap_dn, "cn=" . $group); 
    $member_list = ldap_get_entries($ldap, $results); 

    $dirty = 0; 
    $group_member_details = array(); 

    foreach($member_list[0]['member'] as $member) { 
     if($dirty == 0) { 
      $dirty = 1; 
     } else { 
      $member_dn = explode_dn($member); 
      $member_cn = str_replace("CN=","",$member_dn[0]); 
      $member_search = ldap_search($ldap, $base_dn, "(CN=" . $member_cn . ")"); 
      $member_details = ldap_get_entries($ldap, $member_search); 
      $group_member_details[] = array($member_details[0]['givenname'][0],$member_details[0]['sn'][0],$member_details[0]['telephonenumber'][0],$member_details[0]['othertelephone'][0]); 
     } 
    } 
    ldap_close($ldap); 
    return $group_member_details; 
} 

// Specify the group from where to get members and a username and password with rights to query it 
$result = get_members("groupname","username","password"); 

// The following will create an XML file with the details from $group_member_details 
$xml = simplexml_load_string("<?xml version='1.0'?>\n<AddressBook></AddressBook>"); 
$version = $xml->addChild('version', '1'); 

foreach($result as $e) { 
    $contact = $xml->addChild('Contact'); 
    $contact->addChild('FirstName', $e[0]); 
    $contact->addChild('LastName', $e[1]); 
    $phone = $contact->addChild('Phone'); 
    if ($e[3] == '') { 
       $phone->addChild('phonenumber', '0'); 
     } else { 
       $phone->addChild('phonenumber', $e[3]); 
     } 
    $phone->addChild('accountindex', '0'); 
    $phone = $contact->addChild('Phone'); 
    if ($e[2] == '') { 
     $phone->addChild('phonenumber', '0'); 
    } else { 
     $phone->addChild('phonenumber', $e[2]); 
    } 
    $phone->addChild('accountindex', '1'); 
    $contact->addChild('Group', '0'); 
    $contact->addChild('PhotoUrl', 'empty'); 
} 

$xml->asXML('phonebook.xml'); 

?>