I've written a small PHP script to retrieve all the users in a certain group and obtain two values, username and employeeid. Unfortunately, the second field is always empty. But a similar query done in Go returns the value. I've read the Adldap docs several times, but cannot figure out what's wrong.
This is the code I'm using:

    $ad = new \Adldap\Adldap();
    $ad->addProvider($config);
    $userlist = [];
    try {
        // Bind to the directory with the settings from $config.
        $provider = $ad->connect();
        // Look up the group by name, then walk its members.
        $group = $provider->search()->groups()->find($groupname);
        foreach ($group->getMembers() as $user) {
            $userlist[] = [
                'AccountName' => $user->getAccountName(),
                'EmployeeId' => $user->getEmployeeId(),
            ];
        }
    } catch (\Adldap\Auth\BindException $e) {
        // The bind failed (bad credentials or unreachable server).
        echo $e->getMessage();
    }

And this is the relevant working part in Go. Here I was retrieving only a single user element:
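
    func BindAndSearch(l *ldap.Conn, username string) (*ldap.SearchResult, error) {
        // Stop here if the bind fails instead of searching on an unbound connection.
        if err := l.Bind(BindUsername, BindPassword); err != nil {
            return nil, err
        }
        searchReq := ldap.NewSearchRequest(
            BaseDN,
            ldap.ScopeWholeSubtree,
            ldap.NeverDerefAliases,
            0,     // size limit: none
            0,     // time limit: none
            false, // typesOnly: return values, not just attribute names
            fmt.Sprintf(Filter, ldap.EscapeFilter(username)), // escape user input before it enters the filter
            []string{"employeeID"},
            nil,
        )
        result, err := l.Search(searchReq)
        ...
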
Found this SO answer which is exactly my issue:
I was connecting to the AD via port 3268. It seems some attributes can be fetched only by connecting to the AD via port 389.
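
The port difference described above, as an added example (not code from the original post): Active Directory's Global Catalog listens on 3268 (3269 over TLS) and holds only the attributes whose schema object has `isMemberOfPartialAttributeSet` set to TRUE, so this Go program checks a requested attribute list against a schema export before a search is pointed at a Global Catalog port. The LDIF excerpt is constructed for illustration, and `inGlobalCatalog` and `MissingOnPort` are hypothetical helper names.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed excerpt of an attributeSchema LDIF export (not from the original post).
const sampleSchemaLDIF = `dn: CN=SAM-Account-Name,CN=Schema,CN=Configuration,DC=example,DC=com
lDAPDisplayName: sAMAccountName
isMemberOfPartialAttributeSet: TRUE

dn: CN=Employee-ID,CN=Schema,CN=Configuration,DC=example,DC=com
lDAPDisplayName: employeeID
`

// inGlobalCatalog maps each lower-cased lDAPDisplayName to its Global Catalog flag.
func inGlobalCatalog(ldif string) map[string]bool {
	out := map[string]bool{}
	for _, entry := range strings.Split(strings.ReplaceAll(ldif, "\r\n", "\n"), "\n\n") {
		name, inGC := "", false
		for _, line := range strings.Split(entry, "\n") {
			key, val, _ := strings.Cut(line, ":")
			switch strings.ToLower(strings.TrimSpace(key)) {
			case "ldapdisplayname":
				name = strings.ToLower(strings.TrimSpace(val))
			case "ismemberofpartialattributeset":
				inGC = strings.EqualFold(strings.TrimSpace(val), "TRUE")
			}
		}
		if name != "" {
			out[name] = inGC
		}
	}
	return out
}

// MissingOnPort lists requested attributes a GC port (3268/3269) will not return;
// attributes absent from the schema dump are reported as missing too.
func MissingOnPort(port int, ldif string, attrs []string) (missing []string) {
	gc := inGlobalCatalog(ldif)
	for _, a := range attrs {
		if (port == 3268 || port == 3269) && !gc[strings.ToLower(a)] {
			missing = append(missing, a)
		}
	}
	return missing
}

func main() { fmt.Println(MissingOnPort(3268, sampleSchemaLDIF, []string{"sAMAccountName", "employeeID"})) }
```

With the constructed schema excerpt, only `employeeID` is reported for port 3268, and nothing is reported for port 389.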