I created a form that asks you to log in, then verifies the user/pass against the ldap server/active-directory, if successful, it creates a session, which will be checked on every page.

Now I want to check the session, which is the username of the person who is logged in, and do a search for them using ldap_search, so I can check what group they belong to and pass that group thru a function to verify that they can view that page.

Each page will accessible to a certain group or groups of users, which those groups are defined within Active Directory.

I am unsure on how I can do that using ldap_search, or maybe that is just one piece of the puzzle I am trying to solve.

Any help is appreciated - thank you!

In the example code below, it is seeing if the user belongs to the student active-directory group (I do not know if this code works, but it should give you an idea of what I want to accomplish).

$filter = "CN=StudentCN=Users,dc=domain,dc=control";

$result = ldap_search($ldapconn,$filter,$valid_session_username);

if($result == TRUE) {
 print $valid_session_username.' does have access to this page';
} else {
 print $valid_session_username.' does NOT have access to this page';
}