Home/ Questions/Q 7700699
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T22:46:11+00:00

for a application I need to grab all DN’s in a OU and show

  • 0

for a application I need to grab all DN’s in a OU and show them in a list box. the second part I Know how to do. but what I know is how to get the DN’s from the OU. I looked on internet but didn’t find what I was looking for. (Allot of how to get attributes from a DN. but not how to get de DN from a OU).

buildup DN:

CN=cn,OU=ou2,OU=group,OU=ou1,DC=dc2,DC=dc1

I suspect that I need to use ldap_search but not know how (what filter to use)

html:

<form class="frm_groep" action="index.php?pid=21" method="post">
  <div class="input">
    Naam:
    <input type="text" name="naamRecht" />
    <br />
    <br />
    Path LDAP:
    <input type="text" id="LDAP" name="LDAPgroep" />
    <br />
    <br />
    <select multiple="multiple" class="double" id="LDAPselection">
       here is where the DN's wil end up
    </select>
  </div>
  <div style="clear:both"></div>
  <div class="controles">
    <input type="reset" value="Legen" />
    <input type="submit" name="recht" value="Aanmaken" />
  </div>
</form>

the application will be written in PHP.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    To retrieve all entries (which are distinguished names) subordinate to an entry (an ou
    in your example), an application must transmit a search request to the server and then
    interpret the response from the server. Search requests must contain at a minimum:

    • base object
    • scope of search (base, one, or sub)
    • filter
    • list of attributes to return with each matching entry

    The filter should be a filter that “filters” or “restricts” the entries returned from the
    server. For example, a filter of (objectClass=*) (a presence filter) will match all entries at
    or below the base object (depending on the scope) that have the objectClass attribute
    populated with data (which is all entries, since all entries must have at least one
    objectClass attribute. A filter of (objectClass=inetOrgPerson) will match all entries that
    have an objectClass attribute populated with the value inetOrgPerson. A filter of
    (cn=xyzzy) will match all entries that have a cn attribute with the specified value (an
    equality filter). Therefore, your filter should be chosen to return the entries that match the
    specified criteria. If you desire all entries subordinate to an entry (ou=whatever in your
    case), then you should us a filter of ‘(&)‘ or ‘(objectClass=*)‘.

    Your directory administrator may not permit retrieval of large numbers of entries, so the
    application coder should consult with the server administrators before attempting to retrieve
    large numbers of entries.

    see also

    • 0