ldap_get_option

(PHP 4 >= 4.0.4, PHP 5)

ldap_get_optionGet the current value for given option

Опис

bool ldap_get_option ( resource $link_identifier , int $option , mixed &$retval )

Sets retval to the value of the specified option.

Параметри

link_identifier

An LDAP link identifier, returned by ldap_connect().

option

The parameter option can be one of:

Option Type
LDAP_OPT_DEREF integer
LDAP_OPT_SIZELIMIT integer
LDAP_OPT_TIMELIMIT integer
LDAP_OPT_NETWORK_TIMEOUT integer
LDAP_OPT_PROTOCOL_VERSION integer
LDAP_OPT_ERROR_NUMBER integer
LDAP_OPT_REFERRALS bool
LDAP_OPT_RESTART bool
LDAP_OPT_HOST_NAME string
LDAP_OPT_ERROR_STRING string
LDAP_OPT_MATCHED_DN string
LDAP_OPT_SERVER_CONTROLS array
LDAP_OPT_CLIENT_CONTROLS array

retval

This will be set to the option value.

Значення, що повертаються

Повертає TRUE в успішному випадку або FALSE в разі помилки.

Приклади

Приклад #1 Check protocol version

<?php
// $ds is a valid link identifier for a directory server
if (ldap_get_option($dsLDAP_OPT_PROTOCOL_VERSION$version)) {
    echo 
"Using protocol version $version\n";
} else {
    echo 
"Unable to determine protocol version\n";
}
?>

Примітки

Зауваження:

This function is only available when using OpenLDAP 2.x.x OR Netscape Directory SDK x.x.

Прогляньте Також

add a note add a note

User Contributed Notes 3 notes

up
8
Anonymous
7 years ago
Following on from Jeremy S's example.
Instead of defining LDAP_OPT_DIAGNOSTIC_MESSAGE as 0x32 then using it, you can just use the option already defined as that value :)

LDAP_OPT_ERROR_STRING
up
6
Jeremy S
10 years ago
Here is how to tell if an Active Directory user account expired:

define('LDAP_OPT_DIAGNOSTIC_MESSAGE', 0x0032);

ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);

$bind = ldap_bind($conn, $user, $pass);

ldap_get_option($conn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error);

if (!empty($extended_error))
{
    $errno = explode(',', $extended_error)[2];
    $errno = explode(' ', $errno)[2];
    $errno = intval($errno);

    if ($errno == 532)
        $err = 'Unable to login: Password expired.';
}
up
1
Maarten
4 years ago
PHP 7.1 added support for configuring the LDAP CA/Cert environment directly, rather than relying on the environment variables. I noticed that a lot of people are having trouble getting this to work.

The correct way is:
$ds=ldap_connect("ldap.google.com"); 
ldap_set_option(NULL, LDAP_OPT_X_TLS_CERTFILE, "/path/file.crt");
ldap_set_option(NULL, LDAP_OPT_X_TLS_KEYFILE, "/path/file.key");
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
ldap_start_tls($ds);
...
ldap_close($ds);
To Top