I am currently working on a PHP script that will be polling Active Directory

Question

0

Asked: June 2, 20262026-06-02T01:34:13+00:00 2026-06-02T01:34:13+00:00

I am currently working on a PHP script that will be polling Active Directory

0

I am currently working on a PHP script that will be polling Active Directory to pick out modified objects (people/users), via LDAP.

I’m able to filter on uSNChanged when I have the value, like so:

$previousUsn = '1234';
$ldapCon = ldap_connect('ldap-host');
$ldapBind = ldap_bind($ldapCon, 'ldap-user', 'ldap-password');
$sr = ldap_search($ldapCon, "ou=Users,dc=foo", "uSNChanged >= $previousUsn");

According to this, I should be able to retrieve a highestCommittedUSN attribute that could be used for the initial run of the script. I’ve been looking around to find out how this can be done using PHP & LDAP, but to no avail.

Alternatively, feel free to suggest completely different methods of retrieving changes in AD.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-02T01:34:14+00:00

Editorial Team

2026-06-02T01:34:14+00:00Added an answer on June 2, 2026 at 1:34 am

ldap_read(...) seems to do the trick:

function getHighestCommittedUsn() {
    ldap_bind(...);
    $sr = ldap_read($ldapCon, null, "(highestcommittedusn=*)", array("highestcommittedusn"));
    $rs = ldap_get_entries($ldapCon, $sr);

    return $rs[0]["highestcommittedusn"][0];
}

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am currently working on a PHP script that will be polling Active Directory

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply