// Argument handling and global-catalog discovery. This listing is an excerpt: the
// gutter numbers jump, so the closing braces and the $addom/$adlogin/$adpass
// assignments are not shown here.
// NOTE(review): the usage line takes the bind password as a command-line argument,
// which exposes it in the process list and shell history. Reading it from a prompt,
// an environment variable or a permission-restricted file avoids that.
3 echo "usage: ".$argv[0]. " domain user password usertocheck\n";
// Account name whose group memberships will be listed; taken verbatim from argv.
10 $usertocheck = $argv[4];
// Look up the _gc._tcp records for the domain. No record type is passed, so the
// "target"/"port" keys read below assume every answer is an SRV record; passing
// DNS_SRV as the second argument would make that explicit.
// NOTE(review): dns_get_record() returns false on failure, and count(false) raises
// a TypeError on PHP 8, so test for false before counting.
12 $servers = dns_get_record("_gc._tcp.$addom");
13 if(count($servers)<1) {
14 echo "AD servers cant be found, fail!\n";
// Only the first answer is used; the remaining servers are never tried.
17 echo count($servers)." AD servers returned, using ".$servers[0]["target"]."\n";
19 // we should check all servers, but lets just go with 0 for now
// Connect to the host and port advertised by the first DNS answer.
// NOTE(review): no ldaps:// URI or ldap_start_tls() call is visible in this excerpt,
// so the simple bind below would send $adpass unencrypted to a host chosen solely
// by the DNS response. Confirm that TLS is negotiated and the server certificate
// verified before binding.
20 $cnt = ldap_connect($servers[0]["target"], $servers[0]["port"]);
// Protocol version 3; the extensible-match filter used later is an LDAPv3 feature.
21 ldap_set_option($cnt, LDAP_OPT_PROTOCOL_VERSION, 3);
// Simple bind with the supplied account.
// NOTE(review): the handling of a false $bind is not visible here. Confirm the script
// stops on failure and reports ldap_error($cnt) rather than searching unauthenticated.
23 $bind = ldap_bind($cnt, "$adlogin", "$adpass");
// Derive the search base from the DNS domain name: split it on dots, accumulate the
// pieces in $tcn, then strip the trailing comma.
// NOTE(review): the loop body is not shown in this excerpt; presumably it appends
// "dc=<label>," per label. Confirm, and confirm $addom is validated as a host name,
// since it ends up in both a DNS query and a base DN.
30 $ars = explode(".", $addom);
33 foreach($ars as $val) {
37 $basecn = preg_replace("/,$/", "", $tcn);
39 // first, find the dn for our user
// NOTE(review): LDAP filter injection. $usertocheck comes straight from argv and is
// interpolated into the filter, so characters such as ( ) * \ change the query's
// meaning. Escape it first: ldap_escape($usertocheck, '', LDAP_ESCAPE_FILTER).
40 $sr = ldap_search($cnt, "$basecn", "(&(objectclass=user)(samaccountname=$usertocheck))");
// NOTE(review): ldap_search() returns false on error, and no check is visible before
// the result is passed on.
41 $info = ldap_get_entries($cnt, $sr);
// Takes the DN of the first match. No visible guard for an empty result
// ($info["count"] === 0), in which case $info[0] is undefined.
43 $usercn=$info[0]["dn"];
// Recomputes the search base from $tcn; identical to the earlier assignment unless
// $tcn was changed in the lines not shown in this excerpt.
48 $basecn = preg_replace("/,$/", "", $tcn);
// Find every group that has the user as a member. The OID 1.2.840.113556.1.4.1941 is
// Active Directory's LDAP_MATCHING_RULE_IN_CHAIN, which follows nested membership.
// NOTE(review): $usercn is a DN read from the directory and may contain filter
// metacharacters such as ( ) * \. Pass it through
// ldap_escape($usercn, '', LDAP_ESCAPE_FILTER) before building the filter.
49 $sr = ldap_search($cnt, "$basecn", "(&(objectCategory=group)(member:1.2.840.113556.1.4.1941:=$usercn))");
// Second copy of the same filter string, used only for the echo below. Building $fil
// first and passing it to ldap_search() would keep the two from drifting apart.
50 $fil = "(&(objectCategory=group)(member:1.2.840.113556.1.4.1941:=$usercn))";
51 $info = ldap_get_entries($cnt, $sr);
52 echo "groups for this user, $fil\n";
// Print the first cn value of each returned group entry.
54 foreach($info as $kpot => $lpot) {
// ldap_get_entries() also stores an integer under the "count" key; the isset() guard
// skips that element, along with any entry that has no cn attribute.
57 if(isset($lpot["cn"])) {
58 echo "Group: ".$lpot["cn"][0]."\n";
60 //echo "User: ".$kpot["samaaccountname"][0]."\n";
61 //echo "$kpot, $lpot\n";