alilou
Forum Replies Created
Viewing 2 replies - 1 through 2 (of 2 total)
-
Forum: Plugins
In reply to: [Active Directory Integration] ldap search exceed limityes $sr !! sorry !! I have php 5.3.14 and i can’t simply change the version.
I think the best solution solution is to add the two solutions
if(function_exists(ldap_control_paged_result)) …….Forum: Plugins
In reply to: [Active Directory Integration] ldap search exceed limitHi,
you can change/adapt adLDAP function on active-directory-integration/ad_ldap/adLDAP.php line 748change 1000 by limit of server
/** * Get group members by primaryGroupID * Use this to get all users of for example "Domain Users" * @param integer $pgid * @param array $fields */ public function group_members_by_primarygroupid($pgid= NULL, $fields = NULL) { if (!$this->_bind){ return (false); } if ($pgid===NULL){ return (false); } // enable pagination with a page size of 1000. $pageSize = 1000; $user_array=array(); $users=array(); $filter="(&(objectCategory=user)(primarygroupid=".$pgid."))"; $v=0; $sr=@ldap_search($this->_conn,$this->_base_dn,$filter,array('dn')); $countResult = ldap_count_entries($this->_conn,$sr); IF($countResult == 1000 OR $countResult == 1500) { // loop trough the number 97-122 (ASCII number for the characters a-z) For($a=97;$a<=122;$a++) { // translate the number to a character $character = chr($a); // the new search filter withs returns all users with a last name starting with $character $filter = "(&(sn=$character*)(objectCategory=user)(primarygroupid=".$pgid."))"; $results = ldap_search($this->_conn, $this->_base_dn, $filter); $countResult2 = ldap_count_entries($this->_conn,$results); // See if the search for all users starting with a specific character still hits the search limit // if so than do a new search to find all the users where the last name starts with "aa" and // than with "ab", "ac" etc. etc // In the best case we can now find 675.324 users per group when the search limit is 1000 // ((26 * 999 for the fist character) * 26 for the second character) // and 1.013.324 when the search limit is 1500 If($countResult2 == 1000 or $countResult2 == 1500) { For($b=97;$b<=122;$b++) { $character2 = chr($b); $filter2 = "(&(sn=$character$character2*)(objectCategory=user)(primarygroupid=".$pgid."))"; $results2 = ldap_search($this->_conn, $this->_base_dn, $filter2); $count2 = ldap_count_entries($this->_conn,$results2); $users2 = ldap_get_entries($this->_conn,$results2); $users = array_merge($users, $users2); } } Else { $users1 = ldap_get_entries($this->_conn,$results); $users = array_merge($users, $users1); } } } else { $users1 = ldap_get_entries($this->_conn,$startResults); $users = array_merge($users, $users1); } if (!is_array($users)) { return (false); } for ($i=0; $i<count($users); $i++){ $filter="(&(objectCategory=person)(distinguishedName=".$this->ldap_slashes($users[$i]['dn'])."))"; $fields = array("samaccountname", "distinguishedname", "objectClass"); $sr=ldap_search($this->_conn,$this->_base_dn,$filter,$fields); $entries = ldap_get_entries($this->_conn, $sr); // not a person, look for a group if ($entries['count'] == 0 && $recursive == true) { $filter="(&(objectCategory=group)(distinguishedName=".$this->ldap_slashes($users[$i]['dn'])."))"; $fields = array("samaccountname"); $sr=ldap_search($this->_conn,$this->_base_dn,$filter,$fields); $entries = ldap_get_entries($this->_conn, $sr); if (!isset($entries[0]['samaccountname'][0])) { continue; } $sub_users = $this->group_members($entries[0]['samaccountname'][0], $recursive); if (is_array($sub_users)) { $user_array = array_merge($user_array, $sub_users); $user_array = array_unique($user_array); } continue; } if ($entries[0]['samaccountname'][0] === NULL && $entries[0]['distinguishedname'][0] !== NULL) { $user_array[] = $entries[0]['distinguishedname'][0]; } elseif ($entries[0]['samaccountname'][0] !== NULL) { $user_array[] = $entries[0]['samaccountname'][0]; } } return ($user_array); }
Viewing 2 replies - 1 through 2 (of 2 total)