CODEWITHSUNDEEP
phpwindowsactive-directoryldap
Beauvais
Beauvais

Reputation: 2279

How to get paged LDAP queries in PHP 8 and read more than 1000 entries?

I need to get more than the 1000 entries returned by my current LDAP search. Currently I am running on a Windows server with IIS and PHP 7.4 but will soon upgrade to 8.0.

What I have tried so far is this:

# Connect to the LDAP server
$ldap = ldap_connect("ldaps://my.ldap.server:636");
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
$ldapBind = ldap_bind($ldap, "UserName", "Password");

# Do a search
$searchResult = ldap_search($ldap, "DC=something1,DC=something2", "LDAP query);
$countEntries += ldap_count_entries($ldap, $searchResult);
$info = ldap_get_entries($ldap, $searchResult);

# Process each found LDAP data row - this will be a maximum of 1000 rows
for($i=0; $i < $info["count"]; $i++) {
    # do something ...
}

This will only give me the first 1000 rows but I need to read at least 30000 rows. Using "named queries" like mail=a* and mail=b* is not a viable solution as there could be more than 1000 entries in there, so I need some kind of trusted paged approach - one page by another.

I can see that I most likely should use LDAP controls as ldap_control_paged_result is no longer an option after PHP 7.4 but I really don't get that - how to use this?

Would anyone have a few hints on what to do here? :-)

Upvotes: 4

Views: 4310

Answers (1)

derhansen
derhansen

Reputation: 6133

There is an example in the PHP documentation (see example #5) on how to fetch and paginate data from LDAP in PHP 7.4+.

The following code snippet from the official documentation has been adjusted to a page size of 750 items per page.

// $link is an LDAP connection

$cookie = '';

do {
    $result = ldap_search(
        $link, 'dc=example,dc=base', '(cn=*)', ['cn'], 0, 0, 0, LDAP_DEREF_NEVER,
        [['oid' => LDAP_CONTROL_PAGEDRESULTS, 'value' => ['size' => 750, 'cookie' => $cookie]]]
    );
    ldap_parse_result($link, $result, $errcode , $matcheddn , $errmsg , $referrals, $controls);
    // To keep the example short errors are not tested
    $entries = ldap_get_entries($link, $result);
    foreach ($entries as $entry) {
        echo "cn: ".$entry['cn'][0]."\n";
    }
    if (isset($controls[LDAP_CONTROL_PAGEDRESULTS]['value']['cookie'])) {
        // You need to pass the cookie from the last call to the next one
        $cookie = $controls[LDAP_CONTROL_PAGEDRESULTS]['value']['cookie'];
    } else {
        $cookie = '';
    }
    // Empty cookie means last page
} while (!empty($cookie));

Upvotes: 9

Related Questions