Updating LDAP Boolean Attributes with PHP

Changing the value of an attribute in an LDAP directory via php generally uses the ldap_mod_replace function. Something like:

$newvals = array('attribute' => 'value);
ldap_mod_replace($ldap_connection, $dn, $newvals);

The problem I ran into was when the attribute was a boolean type. I kept getting:

 ldap_mod_replace(): Modify: Invalid syntax

The problem was that I was trying to set it to 'true', 'false', 1, or 0, or the php constants 'true' and 'false' that get read as 1 and 0. None of those is an acceptable boolean value to my OpenLDAP server. I had to set it to 'TRUE' or 'FALSE'. Note the capitalization.

So, something like this:

$newvals = array('attribute' => 'TRUE', 'attribute2' => 'FALSE');
ldap_mod_replace($ldap_connection, $dn, $newvals);

Works. But something like:

 

$newvals = array('attribute' => 'true', 'attribute2' => FALSE, 'attribute3' => 1);
ldap_mod_replace($ldap_connection, $dn, $newvals);

 

Would not work.

Note, I tested this against OpenLDAP on Ubuntu 12.04. If you use a different LDAP directory, you might have different results. I haven't tried. 

Submitted by david.reagan on