I'm using PHP to add users to my ldap directory. When I create a user they
can be added to 1 or more groups. When that user is deleted, I want to
remove them from all groups. The code I wrote only removes them from the
first group, then gives an error for any other group. Here is the code,
followed by the output.
function removeFromGroup($toDelete, $ds, $ldap, $baseGroupdn){
$groupList = $ldap->ldapGetGroupList();
for ($i=0; $i<$groupList["count"]; $i++){
if (sizeof($groupList[$i]["memberuid"]) != 0){
foreach ($groupList[$i]["memberuid"] as $val){
if ($val == $toDelete){
$cnGroup = "cn=" . $groupList[$i]["cn"][0] . ",$baseGroupdn";
$info["memberUid"][] = $toDelete;
echo "Deleting " . $toDelete . " from " . $cnGroup . "<br>";
$r = ldap_mod_del($ds, $cnGroup, $info);
}
}
}
}
}
// end removeFromGroup
and the output:
Deleting testuser from cn=Administrators,ou=Groups,dc=test,dc=com
Deleting testuser from cn=Users,ou=Groups,dc=test,dc=com
Warning: LDAP: modify operation could not be completed. in
/var/www/html/user/user_p.php on line 470
Deleting testuser from cn=Guests,ou=Groups,dc=test,dc=com
Warning: LDAP: modify operation could not be completed. in
/var/www/html/user/user_p.php on line 470
uid=testuser,ou=Users,dc=test,dc=com deleted...
also, here's what is in /var/log/ldap
Feb 19 10:32:58 Lunar slapd[5650]: conn=1938 op=2 MOD dn="cn=Domain
Admins,ou=Groups,dc=test,dc=com"
Feb 19 10:32:59 Lunar slapd[5650]: conn=1938 op=2 RESULT tag=103 err=0 text=
Feb 19 10:32:59 Lunar slapd[14339]: conn=1938 op=3 MOD dn="cn=Domain
Users,ou=Groups,dc=test,dc=com"
Feb 19 10:32:59 Lunar slapd[14339]: conn=1938 op=3 RESULT tag=103 err=16
text=modify: delete values failed
Feb 19 10:32:59 Lunar slapd[5648]: conn=1938 op=4 MOD dn="cn=Domain
Guests,ou=Groups,dc=test,dc=com"
Feb 19 10:32:59 Lunar slapd[5648]: conn=1938 op=4 RESULT tag=103 err=16
text=modify: delete values failed
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
