It may be possible that restricted characters (",", "+", """, "\", "<", ">", ";", "#", "=", space or a hexpair) are used in attributes or values inside the DN. You should have a look to the APIdoc of Net_LDAP2_Util::escape_dn_value(), Net_LDAP2_Util::unescape_dn_value(), Net_LDAP2_Util::ldap_explode_dn() and Net_LDAP2_Util::canonical_dn(). These functions can be used to safely handle DNs.
After connecting to the server, you can use Net_LDAP's search() method to search the directory. The method takes three parameters:
$base is the base search DN. If kept null, the default base DN configured when connecting is used.
$filter is the query filter that determines which results are returned. It is either a string (experts use only) or better a Net_LDAP_Filter-object. Net_LDAP_Filter automatically deals with LDAP-Filter escaping issues. LDAP filters are extensively explained at the chapter LDAP filters.
$params is an array of configuration options for the current query.
Table 54-1. Possible configuration parameters
The scope used for searching:
|sizelimit||Number of entries returned at maximum||0 (no limit)|
|timelimit||Seconds to spent for searching||0 (no limit)|
|attrsonly||If true, only attribute names are returned||false|
|attributes||Array of attribute names, which the entry should contain. It is good practice to limit this to just the ones you need.||array() (all attributes)|
Example 54-1. Making a search query