略微加速

PHP官方手册 - 互联网笔记

PHP - Manual: ldap_mod_replace

2024-04-27

ldap_mod_replace

(PHP 4, PHP 5, PHP 7, PHP 8)

ldap_mod_replaceReplace attribute values with new ones

说明

ldap_mod_replace(
    LDAP\Connection $ldap,
    string $dn,
    array $entry,
    ?array $controls = null
): bool

Replaces one or more attributes from the specified dn. It may also add or remove attributes.

参数

ldap

通过 ldap_connect() 返回的 LDAP\Connection 实例。

dn

The distinguished name of an LDAP entity.

entry

An associative array listing the attributes to replace. Sending an empty array as value will remove the attribute, while sending an attribute not existing yet on this entry will add it.

controls

Array of LDAP Controls to send with the request.

返回值

成功时返回 true, 或者在失败时返回 false

更新日志

版本 说明
8.1.0 现在 ldap 参数接受 LDAP\Connection 实例,之前接受 资源(resource)
8.0.0 controls is nullable now; previously, it defaulted to [].
7.3 Support for controls added

注释

注意: 此函数可安全用于二进制对象。

参见

add a noteadd a note

User Contributed Notes 14 notes

up
9
chris at mr2madness dot com
14 years ago
You can use arrays for multiple attributes example:

<?php
$entry[mail] = array("example@example.com","example2@example.com");
$results = ldap_mod_add($ldapConnID,$dn, $entry);
?>
or as i did for creating anew user:
<?php
$adduserAD["objectClass"] = array("top","person","organizationalPerson","user");
?>
up
2
mike dot rosile at interzonegames dot com
14 years ago
Here is some great information from the OpenLDAP FAQs regarding changing a userPassword attribute with PHP:

http://www.openldap.org/faq/data/cache/347.html

$userpassword = "{SHA}" . base64_encode( pack( "H*", sha1( $pass ) ) );
up
1
Anonymous
10 years ago
this can not be used to change a password on an AD server that requires you to send the old and new password.

in order to do this use on shuts an sever make an admin-account that allows to change other ppl pw without suppling the old password first.
up
1
JoshuaStarr at aelana dot com
20 years ago
To modify an attribute with a single value:
  $entry[mail] = "newmail@aelana.com";
  $results = ldap_mod_add($ldapConnID,$dn, $entry);

To modify an attribute with multiple values:
  $entry[mail][] = "newmail@aelana.com";
  $entry[mail][] = "altnewmail@aelana.com";
  $results = ldap_mod_add($ldapConnID,$dn, $entry);

To modify multiple attributes
  $entry[mail][] = "newmail@aelana.com";
  $entry[mail][] = "altnewmail@aelana.com";
  $entry[c]      = "US";
  $results = ldap_mod_add($ldapConnID,$dn, $entry);
up
1
ondrej at sury dot cz
20 years ago
in openldap 2.0.x you can use method with mod_del/mod_add only if the attribute have defined EQUALITY rule.
up
1
oyvindmo at initio dot no
21 years ago
ldap_mod_replace() and ldap_modify() are _exactly_ the same.  So, the comment that ldap_mod_replace() "performs the modification at the attribute level as opposed to the object level", has no root in reality.
up
0
dynamik
9 years ago
Using this function to 'replace' an Active Directory password requires the "Reset Password" security permission as opposed to the "Change Password" permission (which is assigned by default to SELF)
up
0
frederic dot jacquot at insa-lyon dot fr
18 years ago
Changing a user password in Active Directory.
Securely connect (using ldaps) to the Active Directory and bind using an administrator account.

In this example, $userDn contains the dn of the user I want to modify, and $ad is the Active Directory ldaps connection)

$newPassword = "MyPassword";
$newPassword = "\"" . $newPassword . "\"";
$len = strlen($newPassword);
for ($i = 0; $i < $len; $i++)
        $newPassw .= "{$newPassword{$i}}\000";
$newPassword = $newPassw;
$userdata["unicodepwd"] = $newPassword;
$result = ldap_mod_replace($ad, $userDn, $userdata);
if ($result) echo "User modified!" ;
else echo "There was a problem!";

I found it hard to get a proper encoding for the unicodepwd attribute so this piece of code might help you ;-)
up
0
yife at myrice-ltd dot com
21 years ago
if i want to replace the special attribute but i don't replace other attribute ,i just use "ldap_mod_del" and "ldap_mod_add" ,the function seems to that
up
-1
aaronfulton at softhome dot net
15 years ago
Before you modify values in your ldap directory, first make sure that you have permission to do so.  In openldap adding the following acl in slap.conf will allow the user to modify their own userpassword.

access to attr=userPassword
        by self write
        by anonymous auth
        by * none
up
-1
erwann at zeflip dot com
15 years ago
If you do not wish to set up SSL on your active directory, and you are running on Windows, you can use COM and ADSI to set the new password for a user, or to active a user:

<?PHP
// to set a user password
  // server is the ldap server
  // newuser_dn is the full dn of the user you want to modify
  // newuser_password is the password you wish to set for the user

    $ADSI = new COM("LDAP:");
    $user = $ADSI->OpenDSObject("LDAP://".$server."/".$newuser_dn, $adminuser, $adminpassword, 1);
    $user->SetPassword($newuser_password);
    $user->SetInfo();

// to activate a user
    $ADSI = new COM("LDAP:");
    $user = $ADSI->OpenDSObject("LDAP://".$server."/".$newuser_dn, $adminuser, $adminpassword, 1);
    $user->AccountDisabled = false;
    $user->SetInfo();

?>
up
-1
plex909
13 years ago
Here's an easy way to encode AD "unicodepwd" values from linux...

Download and install recode...
http://www.gnu.org/software/recode/recode.html

Then write something like this...
<?php
function ADUnicodePwdValue($plain_txt_value)
{
    return str_replace("\n", "", shell_exec("echo -n '\"" . $plain_txt_value . "\"' | recode latin1..utf-16le/base64"));
}

$user["unicodepwd"] = ADUnicodePwdValue("my_password");

?>

[EDITOR thiago NOTE: The following text was sent by boyvanderlaak at gmail dot com as an important complement]

if you do not have access to your linux box but have Multibyte String enabled you could try the following for AD 2008:

<?php
$info["unicodePwd"] = mb_convert_encoding('"' . $newPassword . '"', 'utf-16le');
?>
up
-1
giodev at panozzo dot it
2 years ago
An bettter method to create the unicodePwd Active Directory LDAP field from PHP is:

$unicodePwd = iconv("UTF-8", "UTF-16LE", "\"".$password."\"");

It works when $password is coming from a UTF-8 page. If your $password is not utf-8, change the 1st parameter of iconv.
up
-2
Anonymous
19 years ago
Sometime,we cannot replace ldap_mod_replace  function  with ldap_mod_del function and ldap_mod_add fuction .We  don't have permission to delete an attribute but  we can replace it.
add a noteadd a note

官方地址:https://www.php.net/manual/en/function.ldap-mod-replace.php

有任何技术问题请点击这里 网站运营推广招聘
IT PHP 编程语言 Linux 科技 开发编程 Elasticsearch HTML/CSS/XML 网络 JAVA NoSQL C/C++ 面试 Golang 数据库 Git 算法 正则表达式 操作系统 Redis 互联网 MySql JavaScript 运维 软件 架构设计 Mac OS TCP/IP 国际 Excel Vim Windows Socket Oracle VR MongoDB 运营 Python MemCache 商业 硬件 电子 设计 nginx 娱乐 摄影 游戏 WordPress HTTP 团建 数码电器
冷却塔厂家 广告
中文GPT4.0无需注册 广告
php7 安装fileinfo扩展 preg_split — 通过一个正则表达式分隔字符串 [PHP] inet_pton/inet_ntop IP地址转换函数 php位值,解决 PHP 中 usort 在值相同时改变原始位置的问题 PHPMailer设置utf8 PHPMailer字符集CharSet 如何在Composer中为GitLab实例设置访问令牌 array_multisort() 多字段排序 laravel框架查看sql语句方式 [原创]诡异的php-fpm超时问题 PHP获取指定函数定义在哪个文件中及行号 利用php soap实现web service php设置cookie为httponly防止xss攻击 PHP5 扩展SOAP 调用 webservice PHP-FPM进程数的设定 PHP7添加redis扩展 利用PHP SOAP实现WEB SERVICE PHPstorm 里面Terminal 不能使用 esc键吗退出编辑模式吗 纯php实现DES以及TripleDES加密算法 adodb手册 ADOConnection 公用函数
联系我们 半月雨文化 可降解耗材网 蓝云环保 生活百科 台州治疗白癜风医院 工程造价 78免费小説 上海网站seo优化 DDnovel 96小説 seo查询
北京半月雨文化科技有限公司.版权所有 京ICP备12026184号-3