Maison >développement back-end >tutoriel php >ldap_search() [function.ldap-search]: Search: Operatio_n_s error [

ldap_search() [function.ldap-search]: Search: Operatio_n_s error [

WBOY
WBOYoriginal
2016-06-23 14:27:461170parcourir

LDAP AD网域验证...

我采用普通的模式都可以,包括查询用户..
但是今天写一个类,报 ldap_search() [function.ldap-search]: Search: Operatio_n_s error 

类的代码如下

$ldapDN,这个是正确的...
 ldapBind() 也是可以验证用户名跟密码...
但是查询此用户的详细信息会报错, 网上都提示是因为AD域不支持匿名,但是我加上验证在search...也还报错...

不用类的时候,ldap_bind()后, 是可以的...看后面一段代码

class userldap {    private $ldapHost; //AD服务器地址    private $ldapPort; //AD服务器端口    private $ldapDomin; //AD网域    private $ldapDN = "OU=Users,OU=xxx,OU=abc,DC=adv,DC=ccc,DC=com"; //用户列表位置    private $userName;    private $passWord;    public function __construct($ldapDomin, $ldapHost, $ldapPort, $userName, $passWord) {        $this->ldapDomin = $ldapDomin;        $this->ldapHost = $ldapHost;        $this->ldapPort = $ldapPort;        $this->userName = $userName;        $this->passWord = $passWord;    }    private function ldapConnect() {        if (!$this->ldapConn = ldap_connect($this->ldapHost, $this->ldapPort)) {            $this->showerror = ldap_error($this->ldapConn);        } else {            $this->ldapConn = ldap_connect($this->ldapHost, $this->ldapPort);        }        return $this->ldapConn;    }    public function ldapBind() {        if (@ldap_bind($this->ldapConnect(), $this->ldapDomin . '\\' . $this->userName, $this->passWord)) {            ldap_bind($this->ldapConnect(), $this->ldapDomin . '\\' . $this->userName, $this->passWord);            return TRUE;        } else {            return FALSE;        }    }    public function getUserinfo() {        if ($this->ldapBind()) {            ldap_bind($this->ldapConnect(), $this->ldapDomin . '\\' . $this->userName, $this->passWord);            $this->adResult = ldap_search($this->ldapConnect(), $this->ldapDN, "(sAMAccountName=$this->userName)");            $this->userInfo = ldap_get_entries($this->ldapConnect(), $this->adResult); //获得查询结果        } else {            $this->userInfo = "NA";        }        return $this->userInfo;    }}



 if (!$ldap_conn = ldap_connect($ldap_host, $ldap_port)) {        $tip = "LADP HOST" . $ldap_host . " CANNOT CONNECT";    } else {        if (@ldap_bind($ldap_conn, $doMain . '\\' . $userName, $passWord)) {            $query = $db->select("bp_user", "userFullname", "where userNT='$userName'");            if ($row = $db->fetch_array($query)) {                $_SESSION['userName'] = $row['0'];                $_SESSION['passWord'] = $passwordDb;                $db->update("bp_user", "userPassword = '$passwordDb', userLogin=userLogin+1, userLoginip=INET_ATON('$lastip'),userUpdate='$nowtime'", "where userNT='$userName'");                ldap_unbind($ldap_conn) or die("Can't unbind from LDAP server.");                $msg = "USERNAME <font color=red>" . $row[0] . "</font> Login In OK";                unset($query);                unset($row);                Get_admin_msg($lastUrl, $msg, 'main');            } else {                $base_dn =  "OU=Users,OU=xxx,OU=abc,DC=adv,DC=ccc,DC=com";;                $filter_col = "sAMAccountName"; //定义用于查询的列                $filter_val = $userName; //定义用于匹配的值                $result = ldap_search($ldap_conn, $base_dn, "($filter_col=$filter_val)"); //执行查询                $entry = ldap_get_entries($ldap_conn, $result); //获得查询结果                $userFullname = strtoupper($entry[0]['cn'][0]);                $userEmail = $entry[0]['mail'][0];                $userDept = $entry[0]['department'][0];                $userCustomer = $entry[0]['roomnumber'][0];                $entry = NULL;                $result = NULL;                ldap_unbind($ldap_conn) or die("Can't unbind from LDAP server.");                $query = NULL;                $row = NULL;}


回复讨论(解决方案)

那你就看看用类之后,参数是不是正确传递了,就是参数对不对

参数都是一样的....
所以很奇怪...

问题解决掉咯...
还是那个认证的问题...

我不知道是不是可以说成是线程的问题...
调用ldap_search之前必须要满足链接到ldap server并且通过ldap_bind的认证...

而在function里面,ldap_bind后,再进行Ldap_search的时候,再一次链接ldap server,生成的resource ID不一样...并且这个resouce ID没有进行ldap_bind认证...

所以修改的办法就是
调用getUserinfo的这个function的时候,需要再次重新链接ldap服务器并通过认证再获取用户信息,这样就不会报错...

Déclaration:
Le contenu de cet article est volontairement contribué par les internautes et les droits d'auteur appartiennent à l'auteur original. Ce site n'assume aucune responsabilité légale correspondante. Si vous trouvez un contenu suspecté de plagiat ou de contrefaçon, veuillez contacter admin@php.cn