Should this should
be a DN (Distinguished Name)? We don't have to provide the username as a DN
because our settings include users_dn.
The value of this is cn=[username],dc=example,dc=org. When we bind to LDAP,
we automatically use this string, substituting [username] with the bound username.
If we don't want to use this, when we connect, we can supply the full user DN and
pass a third parameter. When this third parameter is true, no substitution based on
the users_dn setting occurs:
if (!$client->bind('cn=Manager,dc=example,dc=org', 'secret', true))
{
// bind failed, handle it!
}
Once we have successfully bound to the server we can start looking for LDAP
objects. To do this we need to use the search() method. This method searches the
base DN and all OUs (Organization Units) within it. When we perform a search we
must define one or more filters.
The filter syntax is defined by RFC 2254. For more information please
visit: http://www.ietf.org/rfc/rfc2254.txt?number=2254.
Chapter 10
[ 293 ]
We are looking specifically for Person objects.
Pages:
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402