2025年9月1日 星期一

PHP 查詢 Windows AD objectGUID objectSid (string format)

 <?php
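/**
 * Convert a binary SID (the raw AD objectSid attribute value) to its "S-R-A-S1-S2-..." string form.
 *
 * Binary layout (MS-DTYP 2.4.2.2):
 *   byte 0      revision
 *   byte 1      number of sub-authorities
 *   bytes 2..7  48-bit identifier authority, big-endian
 *   bytes 8..   one 32-bit little-endian value per sub-authority
 *
 * Why this was rewritten: the former 32-bit-PHP branch read the authority from bytes 1..6
 * (reversed, i.e. including the count byte) and took the sub-authority count from byte 7,
 * which only yields the right string when both happen to be 5 (S-1-5-21-... domain SIDs)
 * and turns e.g. S-1-5-32-544 into "S-1-2-32-544" followed by reads past the buffer. The
 * 64-bit branch ignored the count byte and decoded every trailing byte as a sub-authority.
 * Both branches are replaced by a single decoder that honours the count and validates the
 * length, so a malformed value is refused instead of becoming a SID that never existed.
 *
 * @param string $binary_sid raw attribute value as returned by ldap_get_entries()
 * @return string            SID in string form, e.g. "S-1-5-21-1-2-3-1000"
 * @throws InvalidArgumentException when the value is not a well-formed SID
 */
function objectSid($binary_sid) {
    // Revision + count + 48-bit authority is the smallest possible SID.
    if (!is_string($binary_sid) || strlen($binary_sid) < 8) {
        throw new InvalidArgumentException('objectSid must be at least 8 bytes');
    }

    $revision = ord($binary_sid[0]);
    $count    = ord($binary_sid[1]);

    // SID_MAX_SUB_AUTHORITIES is 15; anything larger, or a buffer that does not match the
    // declared count, is not a SID.
    if ($count > 15 || strlen($binary_sid) !== 8 + 4 * $count) {
        throw new InvalidArgumentException('objectSid length does not match its sub-authority count');
    }

    // hexdec() returns a float once the value exceeds PHP_INT_MAX (32-bit PHP); %.0F prints
    // the full 48-bit integer in either case and, unlike %f, is not locale dependent.
    $authority = hexdec(bin2hex(substr($binary_sid, 2, 6)));
    $sid = sprintf('S-%u-%.0F', $revision, $authority);

    if ($count > 0) {
        // 'V' = unsigned 32-bit little-endian. On 32-bit PHP values >= 2^31 come back
        // negative; %u prints them as the intended unsigned value again.
        $subAuthorities = unpack('V' . $count, substr($binary_sid, 8, 4 * $count));
        foreach ($subAuthorities as $subAuthority) {
            $sid .= sprintf('-%u', $subAuthority);
        }
    }

    return $sid;
}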

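/**
 * Format a binary objectGUID (16 bytes) as "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx".
 *
 * Windows stores the first three GUID fields little-endian (4, 2 and 2 bytes) and the last
 * 8 bytes in order, so only the first three groups have their byte order reversed here.
 *
 * @param string $binaryGuid raw attribute value as returned by ldap_get_entries()
 * @return string            lower-case hex GUID, e.g. "33221100-5544-7766-8899-aabbccddeeff"
 * @throws InvalidArgumentException when the value is not exactly 16 bytes; previously
 *                                  substr() silently produced a truncated identifier
 */
function objectGUID($binaryGuid) {
    if (!is_string($binaryGuid) || strlen($binaryGuid) !== 16) {
        throw new InvalidArgumentException('objectGUID must be exactly 16 bytes');
    }

    $b = str_split(bin2hex($binaryGuid), 2);   // 16 two-character hex bytes, $b[0] = byte 0

    return sprintf(
        '%s-%s-%s-%s-%s',
        $b[3] . $b[2] . $b[1] . $b[0],         // Data1, stored little-endian
        $b[5] . $b[4],                         // Data2, stored little-endian
        $b[7] . $b[6],                         // Data3, stored little-endian
        $b[8] . $b[9],                         // Data4[0..1], as stored
        implode('', array_slice($b, 10))       // Data4[2..7], as stored
    );
}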

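$user     = 'user1';                  // account to bind as (UPN prefix) and to look up
$ldappass = getenv('LDAP_PASSWORD');  // taken from the environment: a password literal here ships with every copy of the file
$domain   = 'test.loc';               // AD DNS domain; the search base is derived from it
$baseDn   = 'dc=' . str_replace('.', ',dc=', $domain);

// ldap_bind() with an empty password performs an anonymous / unauthenticated bind, which a
// DC may accept, so "authentication" would succeed for any account name. Fail hard instead.
if ($ldappass === false || $ldappass === '') {
    die("未設定 LDAP_PASSWORD 環境變數");
}

// ldap_connect() only validates the URI; the TLS handshake happens on the first operation.
$ldapconn = ldap_connect('ldaps://' . $domain);
if ($ldapconn === false) {
    die("無法連接至 $domain");
}
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
// Keep certificate verification on (libldap's default). The previous LDAPTLS_REQCERT=allow
// accepted any certificate, so an on-path attacker could terminate TLS and read the bind
// password. The DC's issuing CA must be trusted by the system (or pointed to via
// LDAPTLS_CACERT). Per-connection TLS options need PHP >= 7.0.5 and must be set before bind.
ldap_set_option($ldapconn, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

// ldap_bind()/ldap_search() emit a PHP warning on failure in addition to returning false;
// @ keeps that text out of the response while the return value is checked explicitly.
if (!@ldap_bind($ldapconn, $user . '@' . $domain, $ldappass)) {
    echo "認證失敗...";
} else {
    // The account name is escaped before it goes into a filter so a value such as
    // "*)(objectclass=*" cannot rewrite the query once $user comes from a request.
    $userFilter = sprintf('(sAMAccountName=%s)', ldap_escape($user, '', LDAP_ESCAPE_FILTER));
    $result = @ldap_search($ldapconn, $baseDn, $userFilter);

    if ($result === false) {
        echo "認證失敗";
    } else {
        // objectsid is requested explicitly: the DC only returns the attributes listed here,
        // and the previous list omitted the very attribute the loop below reads.
        // Without paging controls the DC returns at most its MaxPageSize (commonly 1000)
        // entries; anything beyond that is dropped without an error.
        $results2 = @ldap_search(
            $ldapconn,
            $baseDn,
            '(&(objectclass=group)(objectsid=*))',
            array('cn', 'objectguid', 'objectsid')
        );

        if ($results2 === false) {
            echo "查詢失敗";
        } else {
            $entries2 = ldap_get_entries($ldapconn, $results2);
            // Entries are indexed from 0; starting at 1 (as before) skipped the first group.
            // Output is plain text; if this is ever rendered as HTML the cn value must be
            // passed through htmlspecialchars() first.
            for ($i = 0; $i < $entries2['count']; $i++) {
                echo $entries2[$i]['cn'][0] . "\n"
                    . objectGUID($entries2[$i]['objectguid'][0]) . "\n"
                    . objectSid($entries2[$i]['objectsid'][0]) . "\n\n";
            }
        }
    }
}
ldap_unbind($ldapconn);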
?>
