Using PHP to edit LDAP

Using the PHP LDAP calls

Before you can use the LDAP calls you will need to know :
- The name or address of the directory server you will use
- The "base dn" of the server (the part of the world directly that is held on this server, which could be "o=My Company, c=US")
- Whether you need a password to access the server (many severs will provide read access for an "anonymous bind" but require a password for anything else)
-----

The typical sequence of LDAP calls you will make in an application will follow this pattern:
---
ldap_connect() // establish connection to server
|
ldap_bind() // anonymous or authenticated "login"
|
do something like search or update the directory and display the results
|
ldap_close() // "logout"
---

Using the PHP LDAP ldap_connect
---
// LDAP Variables
$ldaphost = "ldap.example.com"; // your ldap servers
$ldapport = 389; // your ldap server's port number

// Connecting to LDAP
$ldapconn = ldap_connect ($ldaphost, $ldapport)
or die("Could not connect to $ldaphost");

?>
---

Using the PHP LDAP ldap_bind
---
// Using ldap bind
$ldaprdn = "username"; //ldap rdn or dn
$ldappass = "password"; //associated password

// connect to ldap server
$ldapconn = ldap_connect("ldap.example.com")
or die("Could not connect to LDAP server.");

if ($ldapconn) {

//binding to ldap server
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);

// verify binding
if ($ldapbind) {
echo "LDAP bind successful ...";
} else {
echo "LDAP bind failed ...";
}

}
?>
---

Using The PHP LDAP ldap_modify
---
$newinfo[attribute name]="value";
ldap_modify($ldapconn,"dn name",$newinfo);
---


Problem records
---
Q1. "Fatal error: Call to undefined function ldap_connect() ..."
A1. Edit php.ini (directory = C:/windows/php.ini) and ignore ";" on this line ";extension=php_ldap". And copy these two files "libeay32.dll" & "ssleay32.dll" from php folder to "WINDOWS/SYSTEM or SYSTEM32. Remember to disable firewall. Finally restart apache service.

Q2. Error Message : "Warning: ldap_mod_add() [function.ldap-mod-add]: Modify: Object class violation in C:\AppServ\www\addattribute.php on line 32"
A2. Because when you add a new objectClass and this objectClass include some "MUST" attributes. So when you add this new objectClass, you should add its "MUST" attribute together.

Q3.
A3.
---

Related Infomation
---
1. http://www.samba.org/samba/docs/man/Samba-Developers-Guide/pwencrypt.html
2. http://www.linuxtopia.org/online_books/network_administration_guides/samba_reference_guide/18_passdb_23.html
3. http://www.php.net/manual/en/function.ldap-bind.php
4. http://php.freehostingguru.com/function.php-ldap_add.php
---