Home > Enterprise >  adldap2: unable to retrieve custom user attribute
adldap2: unable to retrieve custom user attribute

Time:05-09

I've written a small php script to retrieve all the users in a certain group and obtain two values, username and employeeid. Unfortunately, the second field is always empty. But a similar query done in Go returns the value. I've read Adldap docs several times, but cannot figure out what's wrong.

This is the code I'm using:

        $ad = new \Adldap\Adldap();
        $ad->addProvider($config);
        $userlist = [];
        try {
            $provider = $ad->connect();
            $group = $provider->search()->groups()->find($groupname);
            foreach ($group->getMembers() as $user) {
                $userlist[] = [
                    'AccountName' => $user->getAccountName(),
                    'EmployeeId' => $user->getEmployeeId(),
                ];
            }
        } catch (\Adldap\Auth\BindException $e) {
            echo $e->getMessage();
        }

And this is the relevant working part in Go. Here I was retrieving only a single user element:

func BindAndSearch(l *ldap.Conn, username string) (*ldap.SearchResult, error) {
    l.Bind(BindUsername, BindPassword)

    searchReq := ldap.NewSearchRequest(
        BaseDN,
        ldap.ScopeWholeSubtree,
        ldap.NeverDerefAliases,
        0,
        0,
        false,
        fmt.Sprintf(Filter, ldap.EscapeFilter(username)),
        []string{"employeeID"},
        nil,
    )
    result, err := l.Search(searchReq)
...

CodePudding user response:

Found this SO answer which is exactly my issue:

I was Connecting to the AD via port 3268. It seems some attributes can be fetched only by connecting to the AD via port 389.

  • Related