Retrieve a list of all users ldap


I'm trying to retrieve a list of all users that exist on LDAP, in order to create an autocomplete box in jQuery. However, I do not manage to get it. I can connect and bind to the LDAP server, then I try and use ldap_list(). I leave the filter blank so as not to filter anything and get the entire list. However, ldap_list() raises a warning (Search: Can't contact LDAP server) and returns FALSE, which makes everything go wrong since it's a boolean and not what's expected (Warning: ldap_get_entries() expects parameter 2 to be resource, boolean given). Here's a sample of my code:

$identifier = ldap_connect(sfConfig::get('sf_ldap_host'));
if (!ldap_bind($identifier,
    sfConfig::get('sf_ldap_generic_user').sfConfig::get('sf_ldap_usr_domain'),
    sfConfig::get('sf_ldap_generic_password')))
{
    throw new sfException('could not bind to the Active Directory');
}
$list = ldap_list($identifier, sfConfig::get('sf_ldap_dn'), '', array('mail'));
$list_user = ldap_get_entries($identifier, $list);

There is 1 answer

Terry Gardner
  1. Connect to the server
  2. Change the authorization state by transmitting a BIND request with a DN that has sufficient access to search all parts of the DIT
  3. If the BIND was successful, retrieve a list of all namingContexts from the Root DSE
  4. For each namingContext, transmit a search request using a base object of the namingContext, a scope of sub, a filter of (&) or (objectClass=*), articulate a list of the attributes desired. For just users, use a filter (objectClass=<object class in each user object>), for example, (objectClass=person)
  5. Each search result in the response from the server contains objects that matched the search parameters

The authorization state set by the BIND must permit access, and be allowed to return as many objects as requested. Servers are permitted to restrict the number of entries returned to a client, and also to restrict the number of seconds spent in evaluating an LDAP operation, in this case, a search.

Note that a properly configured server may not permit trawling of the directory due to the load this places on the server (which will affect other clients). Consider informing the directory server administrators that your client plans to list all users.
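The five steps above, carried through in PHP's ldap_* extension as an added example (not the asker's code and not the answerer's): bind, read namingContexts from the Root DSE, then run a subtree search per naming context with the filter (objectClass=person). It also covers the size-limit point in the two paragraphs above by requesting results in pages and reporting when the server truncates a page, and it checks the boolean that ldap_search returns on failure instead of handing it to ldap_get_entries. The host, bind DN, password and page size are placeholder assumptions; the ldap_* calls are the real PHP functions (the paged-results control via the $controls argument needs PHP 7.3 or later).

```php
<?php
// Added example: enumerate user entries the way the answer describes.
// LDAP_HOST, BIND_DN, BIND_PW and PAGE_SIZE are placeholders (assumptions),
// not values from the question or answer.
declare(strict_types=1);

const LDAP_HOST = 'ldap://ldap.example.com';     // placeholder
const BIND_DN   = 'cn=reader,dc=example,dc=com'; // placeholder: a DN allowed to search the whole DIT
const BIND_PW   = 'change-me';                   // placeholder
const PAGE_SIZE = 500;                           // keep each response under the server's size limit

// Steps 1 and 2: connect, use LDAPv3, and bind with a DN that may search the DIT.
function ldapConnectAndBind(string $uri, string $dn, string $pw)
{
    $ldap = ldap_connect($uri);
    if ($ldap === false) {
        throw new RuntimeException("Could not parse LDAP URI: $uri");
    }
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); // Active Directory returns referrals; do not chase them
    if (!ldap_bind($ldap, $dn, $pw)) {
        throw new RuntimeException('Bind failed: ' . ldap_error($ldap));
    }
    return $ldap;
}

// Step 3: read the namingContexts attribute from the Root DSE (empty base DN, base scope).
function namingContexts($ldap): array
{
    $res = ldap_read($ldap, '', '(objectClass=*)', ['namingContexts']);
    if ($res === false) {
        throw new RuntimeException('Root DSE read failed: ' . ldap_error($ldap));
    }
    $entries  = ldap_get_entries($ldap, $res);
    $contexts = [];
    $count    = $entries[0]['namingcontexts']['count'] ?? 0; // attribute names come back lowercased
    for ($i = 0; $i < $count; $i++) {
        $contexts[] = $entries[0]['namingcontexts'][$i];
    }
    return $contexts;
}

// Step 4: subtree search under one naming context, requested in pages so that a
// single response never exceeds the server's size limit. Returns dn => mail.
function listUsers($ldap, string $base, string $filter = '(objectClass=person)'): array
{
    $users  = [];
    $cookie = '';
    do {
        $controls = [[
            'oid'        => LDAP_CONTROL_PAGEDRESULTS,
            'iscritical' => true,
            'value'      => ['size' => PAGE_SIZE, 'cookie' => $cookie],
        ]];
        $res = ldap_search($ldap, $base, $filter, ['mail'], 0, 0, 0, LDAP_DEREF_NEVER, $controls);
        if ($res === false) {
            // ldap_search returns false on error: report the server's reason rather than
            // passing a boolean on to ldap_get_entries, which is the warning in the question.
            throw new RuntimeException(sprintf(
                'Search under %s failed (%d): %s', $base, ldap_errno($ldap), ldap_error($ldap)
            ));
        }
        ldap_parse_result($ldap, $res, $errcode, $matchedDn, $errmsg, $referrals, $respControls);
        if ($errcode === 4) { // LDAP result code 4 = sizeLimitExceeded: the page is partial
            fwrite(STDERR, "Server truncated results under $base: $errmsg\n");
        }
        // Step 5: each entry in the response matched the search parameters.
        foreach (ldap_get_entries($ldap, $res) as $key => $entry) {
            if ($key === 'count') {
                continue;
            }
            $users[$entry['dn']] = $entry['mail'][0] ?? null;
        }
        // An empty cookie in the response control means the last page has been delivered.
        $cookie = $respControls[LDAP_CONTROL_PAGEDRESULTS]['value']['cookie'] ?? '';
    } while ($cookie !== '');
    return $users;
}

$ldap = ldapConnectAndBind(LDAP_HOST, BIND_DN, BIND_PW);
foreach (namingContexts($ldap) as $base) {
    foreach (listUsers($ldap, $base) as $dn => $mail) {
        echo "$dn\t$mail\n";
    }
}
ldap_unbind($ldap);
```

Two points of contrast with the code in the question: an empty string is not a syntactically valid LDAP filter, so the "match everything" filter has to be written as (objectClass=*) or (&) as the answer says, and the search is made with a sub scope (ldap_search) rather than the one-level scope of ldap_list, since users are rarely all direct children of the base DN. Against Active Directory the Root DSE also lists the configuration and schema partitions; searching them with (objectClass=person) simply returns no users.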