46c76bcc |
1 | <?php |
2 | /** |
3 | * LDAP connection test script |
4 | * |
5 | * Script is extended version of LDAP test script from PHP LDAP extension |
6 | * manual. It does not suppress LDAP function errors. If some LDAP function |
7 | * fails, you should see PHP error messages. If function is missing, you should |
8 | * see errors too. If LDAP server returns unexpected output, you should see |
9 | * errors. |
10 | * |
11 | * Change file extension from .phps to .php, if you want to use it. Don't store |
12 | * important information (like your luggage password) on this file. |
13 | * Copyright (c) 2006 The SquirrelMail Project |
14 | * License: script is licensed under GPL. |
15 | * See http://www.opensource.org/licenses/gpl-license.php |
16 | */ |
17 | |
18 | /** Configuration variables */ |
19 | |
20 | /** |
21 | * URL of LDAP server |
22 | * |
23 | * You can use IP address, hostname or any other type of URL |
24 | * supported by your LDAP libraries. For example: you can add ldaps:// prefix |
25 | * for LDAP over SSL connection (636 port) or ldapi:// for LDAP socket |
26 | * connection. |
27 | */ |
28 | $ldap_host='localhost'; |
29 | /** |
30 | * LDAP BaseDN |
31 | * |
32 | * If you don't know it, script will try to show first available basedn when |
33 | * it reads LDAP server's base. |
34 | */ |
35 | $ldap_basedn='dc=example,dc=org'; |
36 | /** |
37 | * Controls use of LDAP v3 bind protocol |
38 | * |
39 | * PHP scripts default to v2 protocol and some LDAP servers (for example: newer |
40 | * OpenLDAP versions and ADS) don't support it. |
41 | */ |
42 | $ldap_v3bind=false; |
43 | /** |
44 | * Controls use of LDAP STARTTLS |
45 | * |
46 | * Allows to enable TLS encryption on plain text LDAP connection. |
47 | * Requires PHP 4.2.0 or newer. |
48 | */ |
49 | $ldap_starttls=false; |
50 | /** |
51 | * ADS limit scope option |
52 | * http://msdn.microsoft.com/library/en-us/ldap/ldap/ldap_server_domain_scope_oid.asp |
53 | * Might be required for some Win2k3 ADS setups. Don't enable on other servers. |
54 | * Warning: LDAP base search will fail, if option is enabled. |
55 | */ |
56 | $ldap_limit_scope=false; |
57 | /** |
58 | * BindDN used for authentication |
59 | */ |
60 | $ldap_binddn=''; |
61 | /** |
62 | * Password used for authentication |
63 | */ |
64 | $ldap_bindpw=''; |
65 | |
66 | /* end of configuration variables */ |
67 | |
68 | // modifications stop here. |
69 | |
70 | /* set error reporting options */ |
71 | ini_set('html_errors','off'); |
72 | ini_set('display_errors','on'); |
73 | error_reporting(E_ALL); |
74 | |
75 | /* set plain text header */ |
76 | header('Content-Type: text/plain'); |
77 | |
78 | /* start testing*/ |
79 | echo "LDAP query test\n\n"; |
80 | echo "Connecting ...\n"; |
81 | $ds=ldap_connect($ldap_host); // must be a valid LDAP server! |
82 | echo " connect result - "; |
83 | var_dump($ds); |
84 | echo "\n"; |
85 | |
86 | if ($ds) { |
87 | echo "\nSetting LDAP options:\n"; |
88 | if ($ldap_v3bind) { |
89 | if (ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)) { |
90 | echo " Using LDAPv3\n"; |
91 | } else { |
92 | echo " Failed to set protocol version to 3\n"; |
93 | } |
94 | } else { |
95 | echo " Using LDAPv2 (php default)\n"; |
96 | } |
97 | |
98 | if ($ldap_starttls) { |
99 | if ($ldap_v3bind) { |
100 | if (ldap_start_tls($ds)) { |
101 | echo " Turned on TLS\n"; |
102 | } else { |
103 | echo " Unable to turn on TLS\n"; |
104 | } |
105 | } else { |
106 | echo " You must use LDAPv3 protocol with STARTTLS.\n"; |
107 | } |
108 | } else { |
109 | echo " Not using LDAP STARTTLS.\n"; |
110 | } |
111 | |
112 | if ($ldap_limit_scope) { |
113 | if ($ldap_v3bind) { |
114 | $ctrl = array ( "oid" => "1.2.840.113556.1.4.1339", "iscritical" => TRUE ); |
115 | if (ldap_set_option($ds, LDAP_OPT_SERVER_CONTROLS, array($ctrl))) { |
116 | echo " Turned on limit_scope\n"; |
117 | } else { |
118 | echo " Unable to turn on limit_scope\n"; |
119 | } |
120 | } else { |
121 | echo " You must use LDAPv3 protocol with limit_scope option.\n"; |
122 | } |
123 | } else { |
124 | echo " Not using limit_scope option.\n"; |
125 | } |
126 | |
127 | echo "\nReading LDAP base:\n"; |
128 | if ($sr = ldap_read($ds,'',"(objectclass=*)")) { |
129 | $info = ldap_get_entries($ds, $sr); |
130 | echo " namingContexts:\n"; |
131 | if (isset($info[0]['namingcontexts'])) { |
132 | for ($i=0; $i<$info[0]['namingcontexts']['count']; $i++) { |
133 | echo ' ' . $i .': ' . $info[0]['namingcontexts'][$i] . "\n"; |
134 | } |
135 | } else { |
136 | echo " unavailable\n"; |
137 | } |
138 | } else { |
139 | echo " Unable to read LDAP base.\n"; |
140 | } |
141 | echo "\n"; |
142 | |
143 | echo "Authentication:\n"; |
144 | echo " Binding"; |
145 | if ($ldap_binddn!='') { |
146 | echo " with authenticated bind ...\n"; |
147 | $r = ldap_bind($ds,$ldap_binddn,$ldap_bindpw); |
148 | } else { |
149 | echo " with anonymous bind ...\n"; |
150 | $r=ldap_bind($ds); |
151 | } |
152 | echo " Bind result - "; |
153 | var_dump($r); |
154 | echo "\n"; |
155 | |
156 | echo "\n"; |
157 | echo "Search:\n"; |
158 | echo " Searching for (mail=*) ...\n"; |
159 | // Search for mail entries |
160 | if ($sr=ldap_search($ds, $ldap_basedn, "(mail=*)")) { |
161 | |
162 | echo " Search result - "; |
163 | var_dump($sr); |
164 | echo "\n"; |
165 | |
166 | echo " Number of entries: " . ldap_count_entries($ds, $sr) . "\n"; |
167 | |
168 | echo " Getting entries ...\n"; |
169 | $info = ldap_get_entries($ds, $sr); |
170 | |
171 | echo " Data for " . $info["count"] . " items returned:\n"; |
172 | |
173 | for ($i=0; $i<$info["count"]; $i++) { |
174 | echo " dn is: " . $info[$i]["dn"] . "\n"; |
175 | if (isset($info[$i]["cn"][0])) { |
176 | echo " first cn entry is: " . $info[$i]["cn"][0] . "\n"; |
177 | } else { |
178 | echo " cn attribute is not available."; |
179 | } |
180 | echo " first email entry is: " . $info[$i]["mail"][0] . "\n------\n"; |
181 | } |
182 | } else { |
183 | echo " LDAP search failed.\n"; |
184 | } |
185 | echo "\n"; |
186 | echo "Closing connection\n"; |
187 | ldap_close($ds); |
188 | |
189 | } else { |
190 | echo "Unable to connect to LDAP server\n"; |
191 | } |
192 | ?> |