FreeDSx LDAP is a pure PHP LDAP library. It has no requirement on the core PHP LDAP extension. This library currently implements most client functionality described in RFC 4511 and some very limited LDAP server functionality. It also implements some other client features from various RFCs:
- Paging Control Support (RFC 2696)
- VLV Control Support (draft-ietf-ldapext-ldapv3-vlv-09)
- Server Side Sort Control (RFC 2891)
- Password Modify Request (RFC 3062)
- String Representation of Search Filters (RFC 4515)
- SASL authentication / integrity layer support for certain mechanisms (RFC 4513)
It supports encryption of the LDAP connection through TLS via the OpenSSL extension if available.
Install via composer:
composer require freedsx/ldap
Use the LdapClient class and the helper classes:
use FreeDSx\Ldap\LdapClient;
use FreeDSx\Ldap\Operations;
use FreeDSx\Ldap\Search\Filters;
$ldap = new LdapClient([
# Servers are tried in order until one connects
'servers' => ['dc1', 'dc2'],
# The base_dn is used as the default for searches
'base_dn' => 'dc=example,dc=local'
]);
# Encrypt the connection prior to binding
$ldap->startTls();
# Bind to LDAP with a specific user.
$ldap->bind('[email protected]', '12345');
# Build up a LDAP filter using the helper methods
$filter = Filters::and(
Filters::equal('objectClass', 'user'),
Filters::startsWith('cn', 'S'),
# Add a filter object based off a raw string filter...
Filters::raw('(telephoneNumber=*)')
);
# Create a search operation to be used based on the above filter
$search = Operations::search($filter, 'cn');
# Create a paged search, 100 results at a time
$paging = $ldap->paging($search, 100);
while ($paging->hasEntries()) {
$entries = $paging->getEntries();
var_dump(count($entries));
foreach ($entries as $entry) {
echo "Entry: ".$entry->getDn().PHP_EOL;
}
}
use FreeDSx\Ldap\Entry\Entry;
use FreeDSx\Ldap\Exception\OperationException;
# Create a new LDAP entry object
$entry = (new Entry('cn=foo,dc=domain,dc=local'))
->set('objectClass','top', 'group')
->set('sAMAccountName', 'foo');
# Create the entry with the LDAP client
try {
$ldap->create($entry);
} catch (OperationException $e) {
echo sprintf('Error adding entry (%s): %s', $e->getCode(), $e->getMessage()).PHP_EOL;
}
# Use the read() method of the LDAP client to search for a specific entry.
# Optionally pass an array of attributes to select as the second argument.
$entry = $ldap->read('cn=foo,dc=domain,dc=local');
# Entry will be null if it doesn't exist
if ($entry) {
echo $entry.PHP_EOL;
var_dump($entry->toArray());
}
use FreeDSx\Ldap\Exception\OperationException;
# Search for an entry object to get its current attributes / values
$entry = $ldap->read('cn=foo,dc=domain,dc=local');
# Add a value to an attribute
if (!$entry->get('telephoneNumber')) {
$entry->add('telephoneNumber', '555-5555');
}
# Remove any values an attribute may have
if ($entry->has('title')) {
$entry->reset('title');
}
# Delete a specific value for an attribute
if ($entry->get('ipPhone')->has('12345')) {
$entry->delete('ipPhone', '12345');
}
# Set a value for an attribute. This replaces any value it may, or may not, have.
$entry->set('description', 'Employee');
# Send the built up changes back to LDAP to update the entry via the LDAP client update method.
try {
$ldap->update($entry);
} catch (OperationException $e) {
echo sprintf('Error modifying entry (%s): %s', $e->getCode(), $e->getMessage()).PHP_EOL;;
}
use FreeDSx\Ldap\Exception\OperationException;
# Search for the entry object to delete
$entry = $ldap->read('cn=foo,dc=domain,dc=local');
# Pass the entry object to the delete method of the LDAP client if it was found.
# You could also pass a DN object or a simple DN as a string.
if ($entry) {
try {
$ldap->delete($entry);
} catch (OperationException $e) {
echo sprintf('Error deleting entry (%s): %s', $e->getCode(), $e->getMessage()).PHP_EOL;;
}
}