Large company had many remote offices with a decent number of users. All offices are connected to the same network with a common domain, each office was defined in Active Directory (hereinafter referred to as AD) as Organization Unit (OU), in which users were already established

It was necessary to give users the opportunity to quickly and without much effort get the contact details of the necessary employee from AD, and system administrators to free from the routine of editing a text file that played the role of an address book.

There were no ready-made suitable options for solving the task, so I had to do everything with my own hands and head.

To begin with, first you need to decide what to use, it’s simple – the final guide should be accessible to all users of the domain through a browser. The first thing that comes to mind is PHP in conjunction with ldap, and we will use them. The biggest advantage of using PHP, I consider its relative simplicity, is that anyone who understands the system administrator at least a little can make the necessary changes to the code, if necessary, without particularly straining.

So, let’s begin. First, let’s set domain connection parameters:

The next point is to determine in which OU we will search for users. We will do this by intercepting the values from $ _GET [‘place’]. For example, if the user navigates to server / index.php? Place = first, then the $ place variable will be assigned the value first.

The $ doscript variable is needed in order to store the value – whether we determined the OU in which we will search for users or not. If there are no matches listed in the “switch-case”, then $ doscript = false, the main part of the script will not be executed, and the start page “main_table.html” will be displayed (I’ll tell you about it at the very end).

If we defined OU, then we proceed with further actions: we begin to make the user’s manual page:

We include styles for a more pleasant appearance (yes, they could be connected as a css file, however, some versions of IE do not want to perceive the styles set in this way, so you have to write directly to the script):

The styles are over, now we’ll write the tab title and draw a convenient link to return to the main page:

We determine the search filters by AD, and get data about the OU:

Next, we get and process user data in a cycle, in order to hide some (for example, service) accounts, we simply write “hide” in the “room” field in the user’s details in AD, such users will not be displayed in the directory:

By the way, if you need to get the value of another attribute, then remember (this is important):

in the request we pass the attribute name in lower case, otherwise it will not work.

And we paste the received data into the table:

Next, we close the connection via ldap, or display a message about the impossibility of connecting to the server:

The file “main_table.html” internally represents a simple html page with links, and looks like this:

 

If my code helps someone – I will be glad!

You can also freely edit it as you wish (improve / degrade) and distribute it by any methods.

Thanks for attention!