PHP LDAP search

I have a test environment that includes two windows 2003 servers, one is running IIS6.0 and php 5.2 and the other one is a domain controller. I am trying to get a php script to use LDAP to find all of the users on the server.

The domain is openDesk.local and the users and in the default OU users.

I am so far able to connect and bind to the domain controller I am just unable to search it, I have about 1 hours experience with LDAP so I'm fairly sure its a simple syntax error to do with the search, when I run this code I get "search failed".

<?php

$host = "192.168.1.98"; 
$user = "username"; 
$pswd = "password";

$ad = ldap_connect($host)
  or die( "Could not connect!" );

ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3)
 or die ("Could not set ldap protocol");

$bd = ldap_bind($ad, $user, $pswd)
  or die ("Could not bind");

$dn = "OU=users,DC=openDesk,DC=local";

$filter = "cn=*";


$search = ldap_search($ad, $dn, $filter)
    or die ("Search failed");

$entries = ldap_get_en开发者_Go百科tries($ad, $search);

echo $entries["count"];


?>

---

LDAP queries should be enclosed in parenthesis. You might also want to search on an attribute without using a wildcard. Something like "(objectClass=user)" would work as a filter.

You can read more about AD search syntax here: http://msdn.microsoft.com/en-us/library/aa746475(v=vs.85).aspx

---

Although this doesn't directly answer your question, when I did LDAP work in another lifetime, I found that having an LDAP browser was absolutely invaluable when it came to query syntax. I used Softerra's LDAP Browser. Once you can see the paths, the syntax is no longer an issue.