Using Adldap2

Robert Andresen

I have been using Adldap v4.x at my work for a while now. After installing a test server with PHP 7, I found that Adldap needed to be updated. I started with Adldap 5.x, but in the middle of the testing, it looked like the Adldap project wasn’t maintained anymore. So I had to jump over to Adldap2, which wasn’t as straightforward coming from Adldap v4.

Adldap2 has some great technical documentation of the basic structure and simple usage, but at the moment you have to dive into the source code to use the most basic operations with your AD. I have collected some snippets here for the most common needs.

 

Get user

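// find() searches by ambiguous name resolution (ANR), so it can match attributes other than the account name; findBy('samaccountname', $username) gives an exact match
$user = $this->provider->search()->find($username);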

 

Create user

$user = $this->provider->make()->user();

$user->setCommonName($displayname);
$user->setDisplayName($displayname);
$user->setFirstName($firstname);
$user->setLastName($lastname);
$user->setInitials($initials);
$user->setTitle($title);
$user->setDepartment($department);
$user->setInfo($info);
$user->setPhysicalDeliveryOfficeName($office);
$user->setTelephoneNumber($phone);
$user->setCompany($company);
$user->setPassword($password);
$user->setStreetAddress($street_address);
$user->setPostalCode($zip);
$user->setAccountName($username);
$user->setUserPrincipalName($username.'@my.domain.com');
$user->setName($name);
$user->setDescription($description);
$user->setAttribute('mobile', $mobile);

$ou = array(
   'dc' => array('my','domain','com'),
   'ou' => array('START','Subfolder1','Subfolder2','Customer users','Test users')
);

// Build DN (OU-path)
// A DN lists the innermost OU first, so reverse the root-first OU path. Depends on your input.
$ou_path = array_reverse($ou['ou']);

$dn = $user->getDnBuilder();
$dn->addCn($user->getCommonName());

foreach ($ou_path as $key => $value) {
   $dn->addOu($value);
}

/*
// Depends on version. Base DN in config will be used.
foreach ($ou['dc'] as $key => $value) {
   $dn->addDc($value);
}
*/


// Print DN path (both work the same way)
// Do this if user create fails, to check if path is correct
// echo $dn->get().'<br />';
// echo $dn.'<br />'; // The DistinguishedName object also contains the __toString() magic method

$user->setDn($dn);


// Create the user
if ($user->create()) {

   // Enable user
   $ac= new \Adldap\Objects\AccountControl();
   $ac->accountIsNormal();
   $user->setUserAccountControl($ac);
   $result = $user->save(); // Save the user-enable

   echo "User was created";
} else {
   echo "Usj, something wrong happened";
}

 

Update user

See «Create user»: attributes are set the same way. You can also wrap an if statement around $user->save() to check whether the user was saved.

$user = $this->provider->search()->find($username);
$user->setTelephoneNumber('12345678');
$user->setDescription('This is a new description');
$user->save();

 

Disable user

$user = $this->provider->search()->find($username);

$ac = new \Adldap\Objects\AccountControl();
$ac->accountIsDisabled();
$user->setUserAccountControl($ac);
$result = $user->save(); // Save the disabled state

if ($result) echo "User is disabled";
else echo "Usj, something wrong happened";

 

Enable user

$user = $this->provider->search()->find($username);

$ac= new \Adldap\Objects\AccountControl();
$ac->accountIsNormal();
$user->setUserAccountControl($ac);
$result = $user->save(); // Save the user-enable

if ($result) echo "User is enabled";
else echo "Usj, something wrong happened";
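
The disable and enable snippets above build a new AccountControl object, so the value saved replaces whatever userAccountControl flags the account already had. The following added example (not from the original post or from Adldap2) shows in plain PHP, on a constructed sample value, how to flip only the ACCOUNTDISABLE bit; the constant and function names are assumptions made for the illustration.

```php
<?php
// userAccountControl bit values, as documented by Microsoft.
const UAC_ACCOUNTDISABLE       = 0x00002;
const UAC_PASSWD_NOTREQD       = 0x00020;
const UAC_NORMAL_ACCOUNT       = 0x00200;
const UAC_DONT_EXPIRE_PASSWORD = 0x10000;
const UAC_SMARTCARD_REQUIRED   = 0x40000;

const UAC_NAMES = [
    UAC_ACCOUNTDISABLE       => 'ACCOUNTDISABLE',
    UAC_PASSWD_NOTREQD       => 'PASSWD_NOTREQD',
    UAC_NORMAL_ACCOUNT       => 'NORMAL_ACCOUNT',
    UAC_DONT_EXPIRE_PASSWORD => 'DONT_EXPIRE_PASSWORD',
    UAC_SMARTCARD_REQUIRED   => 'SMARTCARD_REQUIRED',
];

/** Names of the known flags set in a userAccountControl value. */
function uacDecode(int $uac): array
{
    $names = [];
    foreach (UAC_NAMES as $bit => $name) {
        if (($uac & $bit) === $bit) {
            $names[] = $name;
        }
    }
    return $names;
}

/** Set only the ACCOUNTDISABLE bit; every other flag is kept. */
function uacDisable(int $uac): int
{
    return $uac | UAC_ACCOUNTDISABLE;
}

/** Clear only the ACCOUNTDISABLE bit; every other flag is kept. */
function uacEnable(int $uac): int
{
    return $uac & ~UAC_ACCOUNTDISABLE;
}

// Constructed sample: a normal account that must log on with a smart card.
$current   = UAC_NORMAL_ACCOUNT | UAC_SMARTCARD_REQUIRED;
$disabled  = uacDisable($current);
$reenabled = uacEnable($disabled);
$replaced  = UAC_NORMAL_ACCOUNT; // a freshly built normal-account value

foreach (compact('current', 'disabled', 'reenabled', 'replaced') as $label => $uac) {
    printf("%-9s %6d  %s\n", $label, $uac, implode(' | ', uacDecode($uac)));
}
```

In the output, the `replaced` row no longer carries SMARTCARD_REQUIRED, while `reenabled` matches `current`.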

 

Change user password

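$user = $this->provider->search()->find($username);
// Active Directory only accepts password changes over an encrypted connection (for example LDAPS or StartTLS)
$user->setPassword($new_password);

if ($user->update()) {
   echo "Password was updated";
} else {
   echo "Usj, Something wrong happened";
}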

 

 

Get group members

There is a function to get member names in Adldap2, but as I use usernames as the unique key, and not CN, I needed to fetch this info and build my own array.

$users = array();

$group = $this->provider->search()->groups()->find($groupname); // Get group object
$group_members = $group->getMembers(); // Get members

// Loop member, user-objects
foreach ($group_members as $key => $value) {
   $users[] = array(
     'cn' => $value->cn[0],
     'username' => $value->samaccountname[0]
   );
}

print_r($users);

 

Add user to group

$group = $this->provider->search()->groups()->find($groupname); // Get group object
$user = $this->provider->search()->find($username);

$result = $group->addMember($user);

To remove a member, change $result = $group->addMember($user); to $result = $group->removeMember($user);

 

 

I will try to update this article along the way…