Public Member Functions
	__construct ($options=array())
	Constructor.

	__destruct ()
	Destructor.

	getResource ()

	getLastErrorCode ()
	Return the LDAP error number of the last LDAP command.

	getLastError (&$errorCode=null, array &$errorMessages=null)
	Return the LDAP error message of the last LDAP command.

	getBoundUser ()
	Get the currently bound user.

	setOptions ($options)
	Sets the options used in connecting, binding, etc.

	getOptions ()

	getBaseDn ()
	Gets the base DN under which objects of interest are located.

	getCanonicalAccountName ($acctname, $form=0)

	disconnect ()

	connect ($host=null, $port=null, $useSsl=null, $useStartTls=null, $networkTimeout=null)
	To connect using SSL it seems the client tries to verify the server certificate by default.

	bind ($username=null, $password=null)

	search ($filter, $basedn=null, $scope=self::SEARCH_SCOPE_SUB, array $attributes=array(), $sort=null, $collectionClass=null, $sizelimit=0, $timelimit=0)
	A global LDAP search routine for finding information.

	count ($filter, $basedn=null, $scope=self::SEARCH_SCOPE_SUB)
	Count items found by given filter.

	countChildren ($dn)
	Count children for a given DN.

	exists ($dn)
	Check if a given DN exists.

	searchEntries ($filter, $basedn=null, $scope=self::SEARCH_SCOPE_SUB, array $attributes=array(), $sort=null, $reverseSort=false, $sizelimit=0, $timelimit=0)
	Search LDAP registry for entries matching filter and optional attributes.

	getEntry ($dn, array $attributes=array(), $throwOnNotFound=false)
	Get LDAP entry by DN.

	add ($dn, array $entry)
	Add new information to the LDAP repository.

	update ($dn, array $entry)
	Update LDAP registry.

	save ($dn, array $entry)
	Save entry to LDAP registry.

	delete ($dn, $recursively=false)
	Delete an LDAP entry.

	moveToSubtree ($from, $to, $recursively=false, $alwaysEmulate=false)
	Moves a LDAP entry from one DN to another subtree.

	move ($from, $to, $recursively=false, $alwaysEmulate=false)
	Moves a LDAP entry from one DN to another DN.

	rename ($from, $to, $recursively=false, $alwaysEmulate=false)
	Renames a LDAP entry from one DN to another DN.

	copyToSubtree ($from, $to, $recursively=false)
	Copies a LDAP entry from one DN to another subtree.

	copy ($from, $to, $recursively=false)
	Copies a LDAP entry from one DN to another DN.

	getNode ($dn)
	Returns the specified DN as a Zend.

	getBaseNode ()
	Returns the base node as a Zend.

	getRootDse ()
	Returns the RootDse.

	getSchema ()
	Returns the schema.

Static Public Member Functions
static	prepareLdapEntryArray (array &$entry)
	Prepares an ldap data entry array for insert/update operation.

Public Attributes
const	SEARCH_SCOPE_SUB = 1

const	SEARCH_SCOPE_ONE = 2

const	SEARCH_SCOPE_BASE = 3

const	ACCTNAME_FORM_DN = 1

const	ACCTNAME_FORM_USERNAME = 2

const	ACCTNAME_FORM_BACKSLASH = 3

const	ACCTNAME_FORM_PRINCIPAL = 4

Protected Member Functions
	getHost ()

	getPort ()

	getUseSsl ()

	getUsername ()

	getPassword ()

	getBindRequiresDn ()

	getAccountCanonicalForm ()

	getAccountDomainName ()

	getAccountDomainNameShort ()

	getAccountFilterFormat ()

	getAllowEmptyPassword ()

	getUseStartTls ()

	getOptReferrals ()

	getTryUsernameSplit ()

	getNetworkTimeout ()

	getAccountFilter ($acctname)

	splitName ($name, &$dname, &$aname)

	getAccountDn ($acctname)

	isPossibleAuthority ($dname)

	getAccount ($acctname, array $attrs=null)

	createCollection (Collection\DefaultIterator $iterator, $collectionClass)
	Extension point for collection creation.

	getChildrenDns ($parentDn)
	Retrieve the immediate children DNs of the given $parentDn.

Protected Attributes
	$options = null

	$resource = null

	$boundUser = false

	$rootDse = null

	$schema = null

Constructor & Destructor Documentation

__construct ( $options = array() )

Constructor.

Parameters

array | Traversable $options Options used in connecting, binding, etc.

Exceptions

Exception\LdapException

__destruct ( )

Destructor.

Returns: void

Member Function Documentation

add	(		$dn,
		array	$entry
	)

Add new information to the LDAP repository.

Parameters

string \| Dn	$dn
array	$entry

Returns: Ldap Provides a fluid interface

Exceptions

Exception\LdapException

bind	(	$username = `null`,
		$password = `null`
	)

Parameters

string	$username	The username for authenticating the bind
string	$password	The password for authenticating the bind

Returns: Ldap Provides a fluent interface

Exceptions

Exception\LdapException

connect	(	$host = `null`,
		$port = `null`,
		$useSsl = `null`,
		$useStartTls = `null`,
		$networkTimeout = `null`
	)

To connect using SSL it seems the client tries to verify the server certificate by default.

One way to disable this behavior is to set 'TLS_REQCERT never' in OpenLDAP's ldap.conf and restarting Apache. Or, if you really care about the server's cert you can put a cert on the web server.

Parameters

string	$host	The hostname of the LDAP server to connect to
int	$port	The port number of the LDAP server to connect to
bool	$useSsl	Use SSL
bool	$useStartTls	Use STARTTLS
int	$networkTimeout	The value for network timeout when connect to the LDAP server.

Returns: Ldap Provides a fluent interface

Exceptions

Exception\LdapException

copy	(	$from,
		$to,
		$recursively = `false`
	)

Copies a LDAP entry from one DN to another DN.

Parameters

string \| Dn	$from
string \| Dn	$to
bool	$recursively

Returns: Ldap Provides a fluid interface

Exceptions

Exception\LdapException

copyToSubtree	(	$from,
		$to,
		$recursively = `false`
	)

Copies a LDAP entry from one DN to another subtree.

Parameters

string \| Dn	$from
string \| Dn	$to
bool	$recursively

Returns: Ldap Provides a fluid interface

Exceptions

Exception\LdapException

count	(	$filter,
		$basedn = `null`,
		$scope = `self::SEARCH_SCOPE_SUB`
	)

Count items found by given filter.

Parameters

string \| Filter\AbstractFilter	$filter
string \| Dn \| null	$basedn
int	$scope

Returns: int

Exceptions

Exception\LdapException

countChildren ( $dn )

Count children for a given DN.

Parameters

string | Dn $dn

Returns: int

Exceptions

Exception\LdapException

createCollection	(	Collection\DefaultIterator	$iterator,
			$collectionClass
	)

protected

Extension point for collection creation.

Parameters

Collection\DefaultIterator	$iterator
string \| null	$collectionClass

Returns: Collection

Exceptions

Exception\LdapException

delete	(	$dn,
		$recursively = `false`
	)

Delete an LDAP entry.

Parameters

string \| Dn	$dn
bool	$recursively

Returns: Ldap Provides a fluid interface

Exceptions

Exception\LdapException

disconnect ( )

Returns: Ldap Provides a fluent interface

exists ( $dn )

Check if a given DN exists.

Parameters

string | Dn $dn

Returns: bool

Exceptions

Exception\LdapException

getAccount	(		$acctname,
		array	$attrs = `null`
	)

protected

Parameters

string	$acctname
array	$attrs	An array of names of desired attributes

Returns: array An array of the attributes representing the account

Exceptions

Exception\LdapException

getAccountCanonicalForm ( )

protected

Returns: int Either ACCTNAME_FORM_BACKSLASH, ACCTNAME_FORM_PRINCIPAL or ACCTNAME_FORM_USERNAME indicating the form usernames should be canonicalized to.

getAccountDn ( $acctname )

protected

Parameters

string $acctname The name of the account

Returns: string The DN of the specified account

Exceptions

Exception\LdapException

getAccountDomainName ( )

protected

Returns: string The account domain name

getAccountDomainNameShort ( )

protected

Returns: string The short account domain name

getAccountFilter ( $acctname )

protected

Parameters

string $acctname

Returns: string The LDAP search filter for matching directory accounts

getAccountFilterFormat ( )

protected

Returns: string A format string for building an LDAP search filter to match an account

getAllowEmptyPassword ( )

protected

Returns: bool Allow empty passwords

getBaseDn ( )

Gets the base DN under which objects of interest are located.

Returns: string

getBaseNode ( )

Returns the base node as a Zend.

Returns: Node

Exceptions

Exception\LdapException

getBindRequiresDn ( )

protected

Returns: bool Bind requires DN

getBoundUser ( )

Get the currently bound user.

FALSE if no user is bound to the LDAP resource NULL if there has been an anonymous bind username of the currently bound user

Returns: bool|null|string

getCanonicalAccountName	(	$acctname,
		$form = `0`
	)

Parameters

string	$acctname	The name to canonicalize
int	$form	The desired form of canonicalization

Returns: string The canonicalized name in the desired form

Exceptions

Exception\LdapException

getChildrenDns ( $parentDn )

protected

Retrieve the immediate children DNs of the given $parentDn.

This method is used in recursive methods like {

See Also: delete()} or {; copy()}

Parameters

string | Dn $parentDn

Exceptions

Exception\LdapException

Returns: array of DNs

getEntry	(		$dn,
		array	$attributes = `array()`,
			$throwOnNotFound = `false`
	)

Get LDAP entry by DN.

Parameters

string \| Dn	$dn
array	$attributes
bool	$throwOnNotFound

Returns: array

Exceptions

null|Exception\LdapException

getHost ( )

protected

Returns: string The hostname of the LDAP server being used to authenticate accounts

getLastError	(	&	$errorCode = `null`,
		array &	$errorMessages = `null`
	)

Return the LDAP error message of the last LDAP command.

Parameters

int	$errorCode
array	$errorMessages

Returns: string

getLastErrorCode ( )

Return the LDAP error number of the last LDAP command.

Returns: int

getNetworkTimeout ( )

protected

Returns: int The value for network timeout when connect to the LDAP server.

getNode ( $dn )

Returns the specified DN as a Zend.

Parameters

string | Dn $dn

Returns: Node|null

Exceptions

Exception\LdapException

getOptions ( )

Returns: array The current options.

getOptReferrals ( )

protected

Returns: bool Opt. Referrals

getPassword ( )

protected

Returns: string The default password for binding

getPort ( )

protected

Returns: int The port of the LDAP server or 0 to indicate that no port value is set

getResource ( )

Returns: resource The raw LDAP extension resource.

getRootDse ( )

Returns the RootDse.

Returns: Node

Exceptions

Exception\LdapException

getSchema ( )

Returns the schema.

Returns: Node

Exceptions

Exception\LdapException

getTryUsernameSplit ( )

protected

Returns: bool Try splitting the username into username and domain

getUsername ( )

protected

Returns: string The default acctname for binding

getUseSsl ( )

protected

Returns: bool The default SSL / TLS encrypted transport control

getUseStartTls ( )

protected

Returns: bool The default SSL / TLS encrypted transport control

isPossibleAuthority ( $dname )

protected

Parameters

string $dname The domain name to check

Returns: bool

move	(	$from,
		$to,
		$recursively = `false`,
		$alwaysEmulate = `false`
	)

Moves a LDAP entry from one DN to another DN.

This is an alias for rename()

Parameters

string \| Dn	$from
string \| Dn	$to
bool	$recursively
bool	$alwaysEmulate

Returns: Ldap Provides a fluid interface

Exceptions

Exception\LdapException

moveToSubtree	(	$from,
		$to,
		$recursively = `false`,
		$alwaysEmulate = `false`
	)

Moves a LDAP entry from one DN to another subtree.

Parameters

string \| Dn	$from
string \| Dn	$to
bool	$recursively
bool	$alwaysEmulate

Returns: Ldap Provides a fluid interface

Exceptions

Exception\LdapException

static prepareLdapEntryArray ( array & $entry )

static

Prepares an ldap data entry array for insert/update operation.

Parameters

array $entry

Exceptions

Exception\InvalidArgumentException

Returns: void

rename	(	$from,
		$to,
		$recursively = `false`,
		$alwaysEmulate = `false`
	)

Renames a LDAP entry from one DN to another DN.

This method implicitly moves the entry to another location within the tree.

Parameters

string \| Dn	$from
string \| Dn	$to
bool	$recursively
bool	$alwaysEmulate

Returns: Ldap Provides a fluid interface

Exceptions

Exception\LdapException

save	(		$dn,
		array	$entry
	)

Save entry to LDAP registry.

Internally decides if entry will be updated to added by calling exists().

Parameters

string \| Dn	$dn
array	$entry

Returns: Ldap Provides a fluid interface

Exceptions

Exception\LdapException

search	(		$filter,
			$basedn = `null`,
			$scope = `self::SEARCH_SCOPE_SUB`,
		array	$attributes = `array()`,
			$sort = `null`,
			$collectionClass = `null`,
			$sizelimit = `0`,
			$timelimit = `0`
	)

A global LDAP search routine for finding information.

Options can be either passed as single parameters according to the method signature or as an array with one or more of the following keys

filter
baseDn
scope
attributes
sort
collectionClass
sizelimit
timelimit

Parameters

string \| Filter\AbstractFilter \| array	$filter
string \| Dn \| null	$basedn
int	$scope
array	$attributes
string \| null	$sort
string \| null	$collectionClass
int	$sizelimit
int	$timelimit

Returns: Collection

Exceptions

Exception\LdapException

searchEntries	(		$filter,
			$basedn = `null`,
			$scope = `self::SEARCH_SCOPE_SUB`,
		array	$attributes = `array()`,
			$sort = `null`,
			$reverseSort = `false`,
			$sizelimit = `0`,
			$timelimit = `0`
	)

Search LDAP registry for entries matching filter and optional attributes.

Options can be either passed as single parameters according to the method signature or as an array with one or more of the following keys

filter
baseDn
scope
attributes
sort
reverseSort
sizelimit
timelimit

Parameters

string \| Filter\AbstractFilter \| array	$filter
string \| Dn \| null	$basedn
int	$scope
array	$attributes
string \| null	$sort
bool	$reverseSort
int	$sizelimit
int	$timelimit

Returns: array

Exceptions

Exception\LdapException

setOptions ( $options )

Sets the options used in connecting, binding, etc.

Valid option keys: host port useSsl username password bindRequiresDn baseDn accountCanonicalForm accountDomainName accountDomainNameShort accountFilterFormat allowEmptyPassword useStartTls optReferrals tryUsernameSplit networkTimeout

Parameters

array | Traversable $options Options used in connecting, binding, etc.

Returns: Ldap Provides a fluent interface

Exceptions

Exception\LdapException

splitName	(		$name,
		&	$dname,
		&	$aname
	)

protected

Parameters

string	$name	The name to split
string	$dname	The resulting domain name (this is an out parameter)
string	$aname	The resulting account name (this is an out parameter)

Returns: void

update	(		$dn,
		array	$entry
	)

Update LDAP registry.

Parameters

string \| Dn	$dn
array	$entry

Returns: Ldap Provides a fluid interface

Exceptions

Exception\LdapException

Member Data Documentation

$boundUser = false

protected

$options = null

protected

$resource = null

protected

$rootDse = null

protected

$schema = null

protected

const ACCTNAME_FORM_BACKSLASH = 3

const ACCTNAME_FORM_DN = 1

const ACCTNAME_FORM_PRINCIPAL = 4

const ACCTNAME_FORM_USERNAME = 2

const SEARCH_SCOPE_BASE = 3

const SEARCH_SCOPE_ONE = 2

const SEARCH_SCOPE_SUB = 1

Public Member Functions

Static Public Member Functions

Public Attributes

Protected Member Functions

Protected Attributes

Constructor & Destructor Documentation

Member Function Documentation

Member Data Documentation