well,
swinog is probably the wrong channel to discuss programming issues like php stuff ,-) but just a few words:
dont use ldap_list -> search directly (ldapsearch; you're not searching at all, you list all users with CN=*). maybe you want to have only some attributes back and not the whole entry. choose wisely ,-) and to bring the topic back to network issues: check your network ,-) it could be that you have some connectivity issues with e.g. small packet drop, which will cause this speed problems. check duplex / speed issues. check if there are MTU problems, etc...
-steven
-----Original Message----- From: swinog-bounces@lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch] On Behalf Of Silvan Gebhardt Sent: Thursday, February 21, 2008 2:24 PM To: swinog@swinog.ch Subject: [swinog] MS Ldap
Hello Mailinglist
I have a small question I could not find out how to solve yet.
I am writing a small app which is build on PHP. Goals are:
- Authentication by Kerberos, on W2k3 attached.
This part works fine 2) I will be able to select Users from a LDAP query and Put it onto a separate table on a mysql db which makes these users to Administrators 3) Be able to delete the users from that database.
this part works
the rest of the app is not important here, but if someone interested I can show some stuff
now my problem is: I want to do this following bind (partially censored)
################### CODE ##################
function getadusers() { $krbuser=explode('@',$_SERVER[REMOTE_USER]); $ds = ldap_connect("domain.local"); // must be a valid LDAP server!
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($ad, LDAP_OPT_REFERRALS, 0); if ($ds) {$r=ldap_bind($ds,"CN=Administrator,CN=Users,dc=Domain,dc=local ","password");
$searchvalue=$_SERVER[REMOTE_USER]; $sr=ldap_list($ds,"OU=NormaleBenutzer,dc=Domain,dc=local","(CN=*)"); $info = ldap_get_entries($ds, $sr); //echo ("<pre>".var_dump($info)."</pre>"); //echo $entries[$i]["displayname"][0]."<br />";
ldap_close($ds); return($info); } else { echo "<h4>Unable to connect to LDAP server</h4>"; }}
################### End COde #################
This query is sometimes sooo slow i just give up and hit reload and even this does not work normally.
can someone help me by either optimizing this query, which should just give out a list of the sAMAccount names, within others? Or is it a setting on the LDAP Server? This is a standard LDAP Server from Active Directory, and the userlist is also small (10, 15 users)
Thank you if anyone has a clue
Silvan _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog