Zend_Ldap_Ext proposal updated

August 11, 2008 at 11:18 2 comments

Yesterday I updated the proposal wiki page for my Zend_Ldap_Ext proposal to be compliant with the current source. Currently there seems to be not that much interest in an extended Zend_Ldap component but in my opinion the framework should include such a component to allow for simple data exchange with LDAP servers the same way it provides means to talk to databases and webservices.

The proposals originates from my need for a unified data access layer to an LDAP server in my current project. The proposal features:

  • querying the LDAP server
  • retrieving LDAP entries
  • creating LDAP entries
  • updating LDAP entries
  • deleting LDAP entries
  • LDAP filter string creation
  • tree traversal methods
  • other stuff like attribute en- and decoding

Some parts of the proposal are inspired by the brilliant PEAR:Net_LDAP2 package.

I think LDAP usage should be as easy as querying a database and the current ext/ldap with its three different resource types is predestined for beeing wrapped up in an object oriented interface. Just take the following examples:


$sr=ldap_search($ds, "o=My Company, c=US", "sn=S*");
$info=ldap_get_entries($ds, $sr); // result is buffered on the machine
for ($i=0; $i<$info["count"]; $i++) {
    echo "dn is: " . $info[$i]["dn"] . "<br />";
    echo "first cn entry is: " . $info[$i]["cn"][0] . "<br />";
    echo "first email entry is: " . $info[$i]["mail"][0] . "<br /><hr />";

Zend_Ldap with ext/ldap

$ldap=new Zend_Ldap(array(/* options */));
$sr=ldap_search($ldap->getResource(), "o=My Company, c=US", "sn=S*");
$info=ldap_get_entries($ldap->getResource(), $sr); // result is buffered on the machine
for ($i=0; $i<$info["count"]; $i++) {
    echo "dn is: " . $info[$i]["dn"] . "<br />";
    echo "first cn entry is: " . $info[$i]["cn"][0] . "<br />";
    echo "first email entry is: " . $info[$i]["mail"][0] . "<br /><hr />";


$ldap=new Zend_Ldap_Ext(array(/* options */));
foreach ($ldap->search("sn=S*") as $item) { // items will be fetched from the LDAP when needed
    echo "dn is: " . $item["dn"] . "<br />";
    echo "first cn entry is: " . $item["cn"][0] . "<br />";
    echo "first email entry is: " . $item["mail"][0] . "<br /><hr />";

This is just a simple example… But think of moving or copying complete subtrees, renaming entries, traversing the tree recursively and so on. Furthermore there are some common pitfalls with escaping values in filter strings and escaping DN values. My aim is to develop Zend_Ldap_Ext so that it addresses the most common workflows when dealing with LDAP servers.


Entry filed under: Zend Framework. Tags: , .

Hello world! Bug in Zend_Cache – already fixed

2 Comments Add your own

  • 1. brad lackey  |  May 22, 2009 at 00:54

    I am currently attempting to use the ldap->add() method and i am providing all of the required options, now i am receiving a “Message: 0x32 (Insufficient access; no write access to parent): adding: cn=slackey,ou=People,dc=nodomain ” error message, has anyone experienced this, fixed this?

  • 2. Amir  |  November 7, 2013 at 07:38

    Mate I saw your work, you are a hero, I saw your profile at Stackoverflow and I must say you are a genius. I would be very happy if you could leave your thoughts on: http://stackoverflow.com/questions/19826775/ and http://stackoverflow.com/questions/19824782/

    Looking forward to hear from you.
    Thank you for your kind attention and help.

    Best Regards



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed




%d bloggers like this: