I am fresh out of the box here with LDAP, so let me know if I am doing this in the completely wrong fashion.

I am working with Symfony 1.4 using the bhLDAPAuthPlugin plugin.

I am verifying user login with LDAP. However, there is more data in the LDAP table that I would like to query using the username. So I am writing this search function to filter results according to the username:

    function user_values($username) {
        // Sanity checks on the inputs to the search
        if (!$username) {
            die ("Username is not there man!");
        }
        if (!$this->_conn) {
            die ("No Connection.");
        }
        if (!$this->_base_dn) {
            die ("No Base.");
        }

        // The filter is built from the raw username, with no escaping
        $filter = "samaccountname=" . $username;

        // Only request the "name" attribute
        $attributes_ad = array("name");
        $result = ldap_search($this->_conn, $this->_base_dn, $filter, $attributes_ad)
            or die ("Error in search query");
        $entries = ldap_get_entries($this->_conn, $result);
        return $entries;
    }

I am getting the error:

Warning: ldap_search(): Search: Bad search filter in /... Error in search query

when I run the query.

The first three "if's" are there just to assure I was getting the correct parameters for the search. The condition fails on the actual search.

Any suggestions?

UPDATE

The username variable is jtesting

I pulled the $username from the function, before it gets put in the search parameter. It is actually (jtesting). I am going to remove the parentheses, and see if that remedies the problem.

Carey Estes

1 Answer

In order to use parentheses in the assertion value of a filter, the parentheses must be escaped. A search filter where the assertion value is samAccountName=(jtesting) should be encoded as samAccountName=\28jtesting\29. The entire assertion value may be enclosed in parentheses which are not escaped, in which case the filter becomes (samAccountName=\28jtesting\29).

Terry Gardner
  • +1 I thought this was the most likely answer. Useful link: http://stackoverflow.com/questions/8560874/php-ldap-add-function-to-escape-ldap-special-characters-in-dn-syntax/8561604#8561604 :-D – DaveRandom Jul 24 '12 at 08:02
  • It was the parenthesis. Once those were removed, the search completed successfully. – Carey Estes Jul 24 '12 at 14:06
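
The escaping described in the answer, as an added example that is not part of the original posts or of bhLDAPAuthPlugin: it escapes the characters RFC 4515 reserves in a filter assertion value before the value is concatenated into the filter, which also keeps a user-supplied username from changing the structure of the filter. The function names `escape_filter_value` and `build_user_filter` are hypothetical, and the sample usernames are constructed (only `(jtesting)` comes from the question).

```php
<?php
// Added example: escape an assertion value for an LDAP search filter (RFC 4515).

/**
 * Escape a value for the right-hand side of a filter comparison.
 * Uses PHP's ldap_escape() (PHP >= 5.6 with ext-ldap) when it is available,
 * otherwise falls back to a manual replacement of the reserved characters.
 * (Hypothetical helper name.)
 */
function escape_filter_value($value)
{
    if (function_exists('ldap_escape')) {
        return ldap_escape($value, '', LDAP_ESCAPE_FILTER);
    }

    // The backslash is replaced first so that the backslashes introduced by
    // the later replacements are not escaped a second time.
    return str_replace(
        array('\\',   '*',    '(',    ')',    "\x00"),
        array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
        $value
    );
}

/**
 * Build the complete filter: the filter itself is wrapped in unescaped
 * parentheses, the value inside it is escaped. (Hypothetical helper name.)
 */
function build_user_filter($username)
{
    return '(samAccountName=' . escape_filter_value($username) . ')';
}

// Constructed sample inputs; "(jtesting)" is the value from the question.
$samples = array('jtesting', '(jtesting)', 'j*', 'a\\b');

foreach ($samples as $name) {
    echo str_pad($name, 12), ' => ', build_user_filter($name), PHP_EOL;
}
```

The string returned by `build_user_filter()` is what would be passed as the third argument of `ldap_search()` in the question's `user_values()` method.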