1 <?php 2 /** 3 * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY 4 * Version 4.0.4 5 * 6 * PHP Version 5 with SSL and LDAP support 7 * 8 * Written by Scott Barnett, Richard Hyland 9 * email: scott@wiggumworld.com, adldap@richardhyland.com 10 * http://adldap.sourceforge.net/ 11 * 12 * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland 13 * 14 * We'd appreciate any improvements or additions to be submitted back 15 * to benefit the entire community :) 16 * 17 * This library is free software; you can redistribute it and/or 18 * modify it under the terms of the GNU Lesser General Public 19 * License as published by the Free Software Foundation; either 20 * version 2.1 of the License. 21 * 22 * This library is distributed in the hope that it will be useful, 23 * but WITHOUT ANY WARRANTY; without even the implied warranty of 24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 25 * Lesser General Public License for more details. 26 * 27 * @category ToolsAndUtilities 28 * @package adLDAP 29 * @subpackage Folders 30 * @author Scott Barnett, Richard Hyland 31 * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland 32 * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 33 * @revision $Revision: 97 $ 34 * @version 4.0.4 35 * @link http://adldap.sourceforge.net/ 36 */ 37 require_once(dirname(__FILE__) . '/../adLDAP.php'); 38 39 /** 40 * FOLDER / OU MANAGEMENT FUNCTIONS 41 */ 42 class adLDAPFolders { 43 /** 44 * The current adLDAP connection via dependency injection 45 * 46 * @var adLDAP 47 */ 48 protected $adldap; 49 50 public function __construct(adLDAP $adldap) { 51 $this->adldap = $adldap; 52 } 53 54 /** 55 * Delete a distinguished name from Active Directory 56 * You should never need to call this yourself, just use the wrapper functions user_delete and contact_delete 57 * 58 * @param string $dn The distinguished name to delete 59 * @return bool 60 */ 61 public function delete($dn){ 62 $result = ldap_delete($this->adldap->getLdapConnection(), $dn); 63 if ($result != true) { 64 return false; 65 } 66 return true; 67 } 68 69 /** 70 * Returns a folder listing for a specific OU 71 * See http://adldap.sourceforge.net/wiki/doku.php?id=api_folder_functions 72 * 73 * @param array $folderName An array to the OU you wish to list. 74 * If set to NULL will list the root, strongly recommended to set 75 * $recursive to false in that instance! 76 * @param string $dnType The type of record to list. This can be ADLDAP_FOLDER or ADLDAP_CONTAINER. 77 * @param bool $recursive Recursively search sub folders 78 * @param bool $type Specify a type of object to search for 79 * @return array 80 */ 81 public function listing($folderName = NULL, $dnType = adLDAP::ADLDAP_FOLDER, $recursive = NULL, $type = NULL) 82 { 83 if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it 84 if (!$this->adldap->getLdapBind()) { return false; } 85 86 $filter = '(&'; 87 if ($type !== NULL) { 88 switch ($type) { 89 case 'contact': 90 $filter .= '(objectClass=contact)'; 91 break; 92 case 'computer': 93 $filter .= '(objectClass=computer)'; 94 break; 95 case 'group': 96 $filter .= '(objectClass=group)'; 97 break; 98 case 'folder': 99 $filter .= '(objectClass=organizationalUnit)'; 100 break; 101 case 'container': 102 $filter .= '(objectClass=container)'; 103 break; 104 case 'domain': 105 $filter .= '(objectClass=builtinDomain)'; 106 break; 107 default: 108 $filter .= '(objectClass=user)'; 109 break; 110 } 111 } 112 else { 113 $filter .= '(objectClass=*)'; 114 } 115 // If the folder name is null then we will search the root level of AD 116 // This requires us to not have an OU= part, just the base_dn 117 $searchOu = $this->adldap->getBaseDn(); 118 if (is_array($folderName)) { 119 $ou = $dnType . "=" . implode("," . $dnType . "=", $folderName); 120 $filter .= '(!(distinguishedname=' . $ou . ',' . $this->adldap->getBaseDn() . ')))'; 121 $searchOu = $ou . ',' . $this->adldap->getBaseDn(); 122 } 123 else { 124 $filter .= '(!(distinguishedname=' . $this->adldap->getBaseDn() . ')))'; 125 } 126 127 if ($recursive === true) { 128 $sr = ldap_search($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname')); 129 $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr); 130 if (is_array($entries)) { 131 return $entries; 132 } 133 } 134 else { 135 $sr = ldap_list($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname')); 136 $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr); 137 if (is_array($entries)) { 138 return $entries; 139 } 140 } 141 142 return false; 143 } 144 145 /** 146 * Create an organizational unit 147 * 148 * @param array $attributes Default attributes of the ou 149 * @return bool 150 */ 151 public function create($attributes) 152 { 153 if (!is_array($attributes)){ return "Attributes must be an array"; } 154 if (!is_array($attributes["container"])) { return "Container attribute must be an array."; } 155 if (!array_key_exists("ou_name",$attributes)) { return "Missing compulsory field [ou_name]"; } 156 if (!array_key_exists("container",$attributes)) { return "Missing compulsory field [container]"; } 157 158 $attributes["container"] = array_reverse($attributes["container"]); 159 160 $add=array(); 161 $add["objectClass"] = "organizationalUnit"; 162 $add["OU"] = $attributes['ou_name']; 163 $containers = ""; 164 if (count($attributes['container']) > 0) { 165 $containers = "OU=" . implode(",OU=", $attributes["container"]) . ","; 166 } 167 168 $containers = "OU=" . implode(",OU=", $attributes["container"]); 169 $result = ldap_add($this->adldap->getLdapConnection(), "OU=" . $add["OU"] . ", " . $containers . $this->adldap->getBaseDn(), $add); 170 if ($result != true) { 171 return false; 172 } 173 174 return true; 175 } 176 177 } 178 179 ?>