Search – Searching entries

A short note on DNs

It may be possible that restricted characters (",", "+", """, "\", "<", ">", ";", "#", "=", space or a hexpair) are used in attributes or values inside the DN. You should have a look to the APIdoc of Net_LDAP2_Util::escape_dn_value(), Net_LDAP2_Util::unescape_dn_value(), Net_LDAP2_Util::ldap_explode_dn() and Net_LDAP2_Util::canonical_dn(). These functions can be used to safely handle DNs.

Searching some entries

After connecting to the server, you can use Net_LDAP's search() method to search the directory. The method takes three parameters:

  • $base is the base search DN. If kept null, the default base DN configured when connecting is used.

  • $filter is the query filter that determines which results are returned. It is either a string (experts use only) or better a Net_LDAP_Filter-object. Net_LDAP_Filter automatically deals with LDAP-Filter escaping issues. LDAP filters are extensively explained at the chapter LDAP filters.

  • $params is an array of configuration options for the current query.

    Possible configuration parameters
    Name Description Default
    scope The scope used for searching:
    • base - Just one entry

    • sub - The whole tree

    • one - Immediately below $base

    sizelimit Number of entries returned at maximum 0 (no limit)
    timelimit Seconds to spent for searching 0 (no limit)
    attrsonly If true, only attribute names are returned false
    attributes Array of attribute names, which the entry should contain. It is good practice to limit this to just the ones you need. array() (all attributes)

The search() method will return either a Net_LDAP_Search object or a Net_LDAP_Error. You can use the Net_LDAP_Search-object to trigger further actions like counting how many entries where found or to retrieve the found entries.

Making a search query

// Building a very basic filter
// we want to find all Entries whose surnames start with "Joe":
$filter Net_LDAP_Filter::create('sn''begins',  'Joe');

// We define a custom searchbase here. If you pass NULL, the basedn provided
// in the Net_LDAP configuration will be used. This is often not what you want.
$searchbase 'ou=addressbook,dc=example,dc=org';

// Some options:
// We search all subtrees beneath 'ou=addressbook,dc=example,dc=org'
// and we select the attribute 'sn'. It is a good practice to limit the
// requested attributes to only those you actually want to use later.
// However, note that it is faster to select unneeded attributes than
// refetching an entry later to just get those attributes.
$options = array(
'scope' => 'sub',
'attributes' => array('sn')

// Perform the search!
$search $ldap->search($searchbase$filter$options);

// Test for search errors:
if (PEAR::isError($search)) {
$search->getMessage() . "\n");

// Say how many entries we have found:
echo "Found " $search->count() . " entries!";
How to configure Net_LDAP and connect to an LDAP server (Previous) Retrieving entries directly or from a searchresult (Next)
Last updated: Thu, 26 May 2016 — Download Documentation
Do you think that something on this page is wrong? Please file a bug report or add a note.
View this page in:
  • English

User Notes:

There are no user contributed notes for this page.