Exemple de code PHP

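/**
 * Check a user's credentials by binding to the local LDAP server as that user.
 *
 * @param string $login  User id placed in the uid= part of the bind DN.
 * @param string $passwd Clear-text password to verify.
 * @return bool True only when the directory accepted the bind.
 */
function authenticate($login,$passwd) {
    // With an empty password ldap_bind() attempts an anonymous/unauthenticated
    // bind, which some directory servers accept: without this guard a known
    // login plus a blank password could be reported as authenticated.
    if (!is_string($login) || !is_string($passwd) || $login === '' || $passwd === '') {
        return false;
    }
    $ds = ldap_connect("localhost");
    if (!$ds) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    // Escape the login for DN context so characters such as "," "+" or "="
    // cannot change which entry the bind is attempted against.
    $dn = "uid=" . ldap_escape($login, "", LDAP_ESCAPE_DN) . ",ou=users,dc=univ-lehavre,dc=fr";
    // Simple bind: the password crosses the connection in clear text, which is
    // only acceptable on the loopback interface or over TLS (ldaps:// or StartTLS).
    // @ keeps the PHP warning for a wrong password out of the page.
    $r = @ldap_bind($ds, $dn, $passwd);
    // Release the connection; the original kept it open until the script ended.
    ldap_unbind($ds);
    return $r;
}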
// Demo call with the tutorial's sample account; a real caller passes the submitted form values.
$res = authenticate('garfield', 'azerty');
// Printing a boolean outputs "1" for true and nothing for false.
print($res);
//disconnect
/**
 * Close an LDAP connection.
 *
 * @param mixed $ds Connection handle obtained from ldap_connect().
 * @return bool Result of ldap_unbind().
 */
function disconnectLdap($ds) {
    $closed = ldap_unbind($ds);
    return $closed;
}
//del user
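/**
 * Delete one directory entry using the administrator account.
 *
 * @param string $dn Full DN of the entry to remove. It is sent to the server
 *                   unchanged, so the caller must build it from trusted parts
 *                   (ldap_escape() with LDAP_ESCAPE_DN) and must already have
 *                   decided that the current user may delete it.
 * @return bool True when the entry was deleted, false on any failure.
 */
function delUser($dn) {
    $ds = ldap_connect("localhost");
    if (!$ds) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    // NOTE(review): the admin DN and password are embedded in the source file;
    // they belong in configuration kept outside the web root and outside
    // version control.
    if (!@ldap_bind($ds, "cn=admin,dc=univ-lehavre,dc=fr", "azerty")) {
        // The original ignored a refused bind and still attempted the delete.
        ldap_close($ds);
        return false;
    }
    $res = ldap_delete($ds, $dn);
    ldap_close($ds);
    return $res;
}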
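/**
 * Create the sample posixGroup "utilisateurs3" (gidNumber 2025) under ou=groups.
 *
 * @return string LDAP status text from ldap_err2str() for the add operation,
 *                the bind's status text when the administrator bind is refused,
 *                or "Erreur de connexion" when no connection handle is obtained.
 */
function addGroup() {
    $ds = ldap_connect("localhost");
    if (!$ds) {
        return "Erreur de connexion";
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    // NOTE(review): admin credentials are hard-coded here; load them from
    // configuration stored outside the web root.
    if (!@ldap_bind($ds, "cn=admin,dc=univ-lehavre,dc=fr", "azerty")) {
        // Report the bind failure instead of attempting the add unauthenticated.
        $err = ldap_err2str(ldap_errno($ds));
        ldap_close($ds);
        return $err;
    }

    // Container that receives the new entry.
    $group_path = "ou=groups,dc=univ-lehavre,dc=fr";
    // Attributes of the new entry.
    $info = array(
        "objectclass" => array("posixGroup"),
        "cn" => "utilisateurs3",
        "gidnumber" => "2025",
    );
    $dn = "cn=" . $info["cn"] . "," . $group_path;

    // The boolean result is not needed: the status text below carries the outcome.
    ldap_add($ds, $dn, $info);
    $res = ldap_err2str(ldap_errno($ds));

    // Close the connection.
    ldap_close($ds);
    return $res;
}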
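/**
 * Create the sample POSIX account "newuser" under ou=users.
 *
 * @return string LDAP status text from ldap_err2str() for the add operation,
 *                the bind's status text when the administrator bind is refused,
 *                or "Erreur de connexion" when no connection handle is obtained.
 */
function addUser() {
    $ds = ldap_connect("localhost");
    if (!$ds) {
        return "Erreur de connexion";
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    // NOTE(review): admin credentials are hard-coded here; load them from
    // configuration stored outside the web root.
    // The var_dump() of the bind result was debug output written into the
    // response; the bind outcome is now checked instead.
    if (!@ldap_bind($ds, "cn=admin,dc=univ-lehavre,dc=fr", "azerty")) {
        $err = ldap_err2str(ldap_errno($ds));
        ldap_close($ds);
        return $err;
    }

    // Container that receives the new entry.
    $user_path = "ou=users,dc=univ-lehavre,dc=fr";
    // Attributes of the new entry.
    $info = array(
        // posixAccount requires uid, and the RDN value (uid=newuser) must be
        // present in the entry itself; the original omitted it.
        "uid" => "newuser",
        "cn" => "newuser",
        "objectclass" => array("account", "posixAccount", "top"),
        // NOTE(review): this value is stored exactly as sent unless the server
        // is configured to hash incoming passwords; hash it before ldap_add(),
        // as ldapAddUser() does with its "{crypt}" value.
        "userpassword" => "pass",
        "loginshell" => "/bin/bash",
        "uidnumber" => "123",
        "gidnumber" => "345",
        "homedirectory" => "/home/newuser",
    );
    $dn = "uid=newuser," . $user_path;

    // The boolean result is not needed: the status text below carries the outcome.
    ldap_add($ds, $dn, $info);
    $res = ldap_err2str(ldap_errno($ds));

    // Close the connection.
    ldap_close($ds);
    return $res;
}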
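/**
 * Run a search under $groups_dn and return the matching entries.
 *
 * @param mixed  $ds        Bound LDAP connection, or a falsy value when none is available.
 * @param string $groups_dn Base DN to search under.
 * @param string $filter    LDAP filter, sent to the server as-is. Any user-supplied
 *                          value placed inside it must first go through
 *                          ldap_escape($value, "", LDAP_ESCAPE_FILTER).
 * @return array|false|null ldap_get_entries() result; false when the search fails;
 *                          null when no connection was given.
 */
public function extractGroups($ds, $groups_dn, $filter) {
    if (!$ds) {
        // Explicit null: the original returned an undefined variable here.
        return null;
    }
    $sr = ldap_search($ds, $groups_dn, $filter);
    if ($sr === false) {
        // Do not hand a failed search result to ldap_get_entries().
        return false;
    }
    return ldap_get_entries($ds, $sr);
}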
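/**
 * List the entries under $path: print their attributes as HTML and return uid/cn pairs.
 *
 * @param string $host       LDAP server host or URI.
 * @param string $path       Base DN to search under.
 * @param string $userDn     DN used for the bind.
 * @param string $userPasswd Password for $userDn.
 * @return array|string List of array("uid" => ..., "cn" => ...) rows (empty when
 *                      nothing matched; a missing attribute gives null), or
 *                      "Erreur de connexion" when the connection, bind or search fails.
 */
function list_of_people($host, $path, $userDn, $userPasswd) {
    $ds = ldap_connect($host);
    if (!$ds) {
        return "Erreur de connexion";
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    // A refused bind used to be ignored, and the search then ran with whatever
    // anonymous access the server grants.
    if (!@ldap_bind($ds, $userDn, $userPasswd)) {
        ldap_close($ds);
        return "Erreur de connexion";
    }
    $sr = ldap_search($ds, $path, "objectclass=*");
    $info = ($sr === false) ? false : ldap_get_entries($ds, $sr);
    ldap_close($ds);
    if (!is_array($info)) {
        return "Erreur de connexion";
    }

    // Print the data of every entry.
    foreach ($info as $entry) {
        if (!is_array($entry)) {
            continue;
        }
        foreach ($entry as $attr => $values) {
            if (!is_array($values)) {
                continue;
            }
            // Password hashes are readable under an admin bind; keep them out of the page.
            if (strtolower((string) $attr) === "userpassword") {
                continue;
            }
            foreach ($values as $value) {
                // Directory values are data, not markup: escape them for HTML output.
                echo htmlspecialchars($attr . "=" . $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8") . "<br/>";
            }
        }
    }

    // Return a subset of the data.
    $res = array();
    for ($i = 0; $i < $info["count"]; $i++) {
        // "objectclass=*" also matches entries without uid or cn (the container itself, for instance).
        $res[$i]["uid"] = isset($info[$i]["uid"][0]) ? $info[$i]["uid"][0] : null;
        $res[$i]["cn"] = isset($info[$i]["cn"][0]) ? $info[$i]["cn"][0] : null;
    }
    return $res;
}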
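// Sample call; host, DNs and password are placeholders for the reader's own directory.
// For a remote host, use an ldaps:// URI or StartTLS so the bind password is not sent in clear text.
// The statement terminator was missing in the original line.
list_of_people("monserveur.com", "ou=users,dc=univ-lehavre,dc=fr", "cn=admin,dc=univ-lehavre,dc=fr", "motdepasse");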

* Données d'une personne

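/**
 * Fetch one person's POSIX account attributes.
 *
 * @param string $host       LDAP server host or URI.
 * @param string $uidPerson  DN of the person's entry, used as the search base.
 * @param string $rootdn     DN used for the bind.
 * @param string $rootpasswd Password for $rootdn.
 * @return array Attribute name => first value (null when the attribute is absent);
 *               empty array when the connection, bind or search fails or nothing matches.
 */
function show_a_person2($host, $uidPerson, $rootdn, $rootpasswd) {
    $res = array();
    // The original ignored $host, $rootdn and $rootpasswd and used hard-coded
    // admin credentials instead; the parameters are now honoured.
    $ds = ldap_connect($host);
    if (!$ds) {
        return $res;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    if (!@ldap_bind($ds, $rootdn, $rootpasswd)) {
        ldap_close($ds);
        return $res;
    }
    $sr = ldap_search($ds, $uidPerson, "objectclass=*");
    $info = ($sr === false) ? false : ldap_get_entries($ds, $sr);
    ldap_close($ds);

    // ldap_get_entries() always includes a "count" key, so count($info) > 0 was
    // true even for an empty result; test the entry count itself.
    if (is_array($info) && $info["count"] > 0) {
        $entry = $info[0];
        // NOTE(review): userpassword (the stored hash) is part of the returned
        // profile; callers should not display or log it.
        $wanted = array("cn", "gidnumber", "homedirectory", "loginshell", "uid", "uidnumber", "userpassword");
        foreach ($wanted as $attr) {
            $res[$attr] = isset($entry[$attr][0]) ? $entry[$attr][0] : null;
        }
    }
    return $res;
}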
 
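// Sample call with the tutorial's demo values.
$profil = show_a_person2("localhost", "uid=gaetan,ou=users,dc=univ-lehavre,dc=fr", "cn=admin,dc=univ-lehavre,dc=fr", "azerty") ;

echo "<table border=1>" ;
// Guard against a non-array result so foreach never runs on null.
if (is_array($profil)) {
    foreach ($profil as $k => $v) {
        // The stored password hash is not something to render in a page.
        if ($k === "userpassword") {
            continue;
        }
        // Directory values are data, not markup: escape both cells for HTML output.
        echo "<tr><td>" . htmlspecialchars((string) $k, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8")
            . "</td><td>" . htmlspecialchars((string) $v, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8") . "</td></tr>" ;
    }
}
echo "</table>";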
  • Ajouter une personne dans le LDAP
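/**
 * Add a person (POSIX account) to the LDAP directory.
 *
 * The caller must validate every argument before calling: numeric ids within
 * the range the site allows, a login shell from an allow-list, a home
 * directory under the expected prefix.
 *
 * @param string $login         Account name, used for uid, cn and the entry's RDN.
 * @param string $clearpass     Clear-text password; stored as "{crypt}" + constructPass().
 * @param string $loginshell    Value for loginShell.
 * @param string $gidnumber     Value for gidNumber.
 * @param string $uidnumber     Value for uidNumber.
 * @param string $homedirectory Value for homeDirectory.
 * @return string|null LDAP status text from ldap_err2str(); null when no
 *                     connection handle is obtained.
 */
function ldapAddUser($login, $clearpass, $loginshell, $gidnumber, $uidnumber, $homedirectory) {
    // Placeholders left empty by the tutorial; fill them from configuration.
    // With an empty DN and password ldap_bind() performs an anonymous bind.
    $host = "";
    $rootdn = "";
    $rootpasswd = "";
    $ds = ldap_connect($host);
    if (!$ds) {
        return null;
    }
    // Protocol version 3, as the other functions in this listing set it.
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    if (!ldap_bind($ds, $rootdn, $rootpasswd)) {
        // Report the bind failure instead of attempting the add anyway.
        $err = ldap_err2str(ldap_errno($ds));
        ldap_close($ds);
        return $err;
    }
    $info = array(
        "uid" => $login,
        "cn" => $login,
        "objectClass" => array("account", "posixAccount", "top"),
        "userPassword" => "{crypt}" . constructPass($clearpass),
        "loginShell" => $loginshell,
        "uidNumber" => $uidnumber,
        "gidNumber" => $gidnumber,
        "homeDirectory" => $homedirectory,
    );
    // Escape the login for DN context so "," "+" "=" and similar characters
    // cannot place the entry somewhere else in the tree.
    $dn = "uid=" . ldap_escape($login, "", LDAP_ESCAPE_DN) . ",ou=people,ou=iut,ou=univ-lehavre,dc=fr";
    // The boolean result is not needed: the status text below carries the outcome.
    ldap_add($ds, $dn, $info);
    $res = ldap_err2str(ldap_errno($ds));
    ldap_close($ds);
    return $res;
}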
 
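/**
 * Build a random salt of $length characters taken from [a-zA-Z0-9].
 *
 * @param int|string $length Number of characters wanted (numeric strings such as '8' are accepted).
 * @return string The salt; empty when $length is zero or negative.
 */
function generateSalt($length) {
        $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
        $last = strlen($alphabet) - 1;
        $salt = "";
        // random_int() draws from the operating system's CSPRNG. str_shuffle() is
        // documented as unsuitable for cryptographic use, and shuffling also meant
        // that no character could repeat and at most 62 characters came back.
        for ($i = (int) $length; $i > 0; $i--) {
                $salt .= $alphabet[random_int(0, $last)];
        }
        return $salt;
}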
 
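/**
 * Hash a clear-text password with crypt() for storage behind a "{crypt}" prefix.
 *
 * @param string $text Clear-text password.
 * @return string The crypt() hash, which embeds its scheme and salt.
 */
function constructPass($text) {
        // '$6$' selects SHA-512 crypt with a 16-character salt in place of
        // MD5-crypt ('$1$'), which is cheap to brute-force offline. Hashes already
        // stored with '$1$' stay verifiable because the scheme is part of the value.
        // NOTE(review): {crypt} values are checked by the directory server's own
        // crypt(3); confirm that it supports '$6$' before deploying.
        return crypt($text, '$6$' . generateSalt('16') . '$');
}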
  • Contrôleur PHP
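// Login controller: verifies the posted credentials and opens a session.
// NOTE(review): authLdap() is not defined in this listing; presumably it is the
// LDAP bind helper shown earlier as authenticate() — confirm.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  if (isset($_POST['f_submit'])) {
    // Missing fields and array-valued fields (login[]=x) are treated as empty.
    $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
    $passwd = (isset($_POST['passwd']) && is_string($_POST['passwd'])) ? $_POST['passwd'] : '';
    // An empty password must never reach an LDAP bind: the server may treat it
    // as an anonymous bind and report success.
    $res = ($login !== '' && $passwd !== '') ? authLdap($login, $passwd) : false;
    if ($res) {
        // Create the session.
        session_start();
        // Issue a fresh session id at login so an id set before authentication
        // is not carried into the authenticated session (session fixation).
        session_regenerate_id(true);
        $_SESSION['login'] = $login ;
        header('Location:index.php');
        exit ;
    }
    else {
        echo "identifiant ou mot de passe incorrect" ;
    }
  }
}
else {
    // default code
}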
# Removes every olcAccess value (all ACL rules) from the frontend database,
# i.e. the rules that apply globally.
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
delete: olcAccess

# Removes every olcAccess value from the {1}hdb database as well.
# NOTE(review): with no olcAccess left, slapd falls back to its documented
# default policy (read access for all clients, anonymous included), so
# attributes such as userPassword are no longer protected by an ACL. Follow
# this with an "add: olcAccess" modification that installs the intended rules.
dn: olcDatabase={1}hdb,cn=config
changetype: modify
delete: olcAccess