Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
T
T
Timofey Yatsenko2013-05-07 17:19:25
PHP
Timofey Yatsenko, 2013-05-07 17:19:25

Active Directory LDAP understand how directory searches work?

In general, I encountered the following problem (misunderstanding):
When I need to select all users from AD, I write something like this:

$ldap = Yii::app()->ldap->getLdapConnection();
        $base_dn = 'DC=example,DC=org';
       
        $sr = ldap_search($ldap, $base_dn, '(&(objectClass=user))', array("samaccountname","displayname"));
        $info = ldap_get_entries($ldap, $sr);

And I'm getting results. Please note that the AD root is located in $base_dn, although the users themselves do not lie at the root, but are located in CN=Users
Now I have to select all Subnets from AD and if I specify the root as BaseDn (DC=example,DC=org ), I get 0 results. If you specify the path in full (CN=Subnets,CN=Sites,CN=Configuration,DC=example,DC=org), then it starts working.
$ldap = Yii::app()->ldap->getLdapConnection();
        $base_dn = 'CN=Subnets,CN=Sites,CN=Configuration,DC=example,DC=org';
       
        $sr = ldap_search($ldap, $base_dn, '(&(objectClass=subnet))', array('siteObject', 'cn'));
        $info = ldap_get_entries($ldap, $sr);

Tell me, maybe I missed something? Why, in the case of users, does it select all of them when specifying the root, and for subnets, you have to specify the full path?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
S
Slipeer, 2013-05-08
@thekip

First : in the search parameters, you omit one parameter - the search area (scope). The default search scope is usually a subtree (SubTree) for a given basedn.
Secondly : it should be understood that in your AD directory there are initially (in a typical configuration) 5 partitions . And so search works only within one section.
In this case, "DC=example,DC=org" is the root of the domain section, and "CN=Configuration,DC=example,DC=org" is the root of the configuration section. Therefore, when searching with basedn = "DC=example,DC=org" and scope = SubTree, you will not get objects from the CN=Configuration,DC=example,DC=org" branch - they are located in a different section of the directory.
PS In your particular case, you should use the fact that "CN=Subnets,CN=Sites,CN=Configuration" is a constant component of the path and just add it to the basedn of the domain when searching for subnets.

Report
R
Ruslan Banochkin, 2013-05-08
@Sk8er

I'm sorry, but the eye hurts terribly. There is no word " Generally ".

Similar questions
B
bio2015-03-31 04:08:43
How to make a soap xml parser? 2Reply
S
sinout2017-04-05 02:08:24
Does it make sense to use Immutable along with React? 4Reply
I
ITpie2021-03-25 20:16:06
How to make docker to test python code with certain libraries? 3Reply
E
Evgeny Yakushov2019-10-09 19:41:27
How to download a dynamically generated file and make the location of this page? 3Reply
L
leviathan2017-05-10 17:06:01
How to display a specific widget in wordpress? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question