I am successfully querying our Active Directory for a user with the following code:
$filter = (&(objectCategory=person)(samaccountname=someusername));
$fields = array("samaccountname","mail","manager","department","displayname","objectGUID");
$user = ldap_search($ldapconnection, $baseDn, $filter, $fields);
The resulting array gives this value for the manager
attribute:
CN=McBossy\, Boss,OU=Users,OU=CentralOffice,DC=ds,DC=example,DC=com
This looks like a distinguishedName to me. But when I try to query for the manager's record,
$filter = (&(objectCategory=person)(dn='CN=McBossy\, Boss,OU=Users,OU=CentralOffice,DC=ds,DC=example,DC=com'));
$manager = ldap_search($ldapconnection, $baseDn, $filter, $fields);
the query fails with PHP Warning: ldap_search(): Search: Bad search filter
I've tried a number of possibilities including different quotation, more parentheses, using distinguishedName
rather than dn
, etc.
What am I doing wrong and what is the right way to get the manager's record?