ldap_get_option

(PHP 4 >= 4.0.4, PHP 5, PHP 7)

ldap_get_option — Get the current value for given option

Description

bool ldap_get_option ( resource $link_identifier , int $option , mixed &$retval )

Sets retval to the value of the specified option.

Parameters

link_identifier

An LDAP link identifier, returned by ldap_connect().

option

The parameter option can be one of:

Option	Type
`LDAP_OPT_DEREF`	integer
`LDAP_OPT_SIZELIMIT`	integer
`LDAP_OPT_TIMELIMIT`	integer
`LDAP_OPT_NETWORK_TIMEOUT`	integer
`LDAP_OPT_PROTOCOL_VERSION`	integer
`LDAP_OPT_ERROR_NUMBER`	integer
`LDAP_OPT_REFERRALS`	bool
`LDAP_OPT_RESTART`	bool
`LDAP_OPT_HOST_NAME`	string
`LDAP_OPT_ERROR_STRING`	string
`LDAP_OPT_MATCHED_DN`	string
`LDAP_OPT_SERVER_CONTROLS`	array
`LDAP_OPT_CLIENT_CONTROLS`	array

retval

This will be set to the option value.

Return Values

Returns TRUE on success or FALSE on failure.

Examples

Example #1 Check protocol version


<?php
// $ds is a valid link identifier for a directory server
if (ldap_get_option($ds, LDAP_OPT_PROTOCOL_VERSION, $version)) {
    echo "Using protocol version $version\n";
} else {
    echo "Unable to determine protocol version\n";
}
?>

Notes

Note:
This function is only available when using OpenLDAP 2.x.x OR Netscape Directory SDK x.x.

User Contributed Notes

Jeremy S

2 years ago


Here is how to tell if an Active Directory user account expired:

define('LDAP_OPT_DIAGNOSTIC_MESSAGE', 0x0032);

ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);

$bind = ldap_bind($conn, $user, $pass);

ldap_get_option($conn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error);

if (!empty($extended_error))
{
    $errno = explode(',', $extended_error)[2];
    $errno = explode(' ', $errno)[2];
    $errno = intval($errno);

    if ($errno == 532)
        $err = 'Unable to login: Password expired.';
}