Use `ldap_bind_ext()` instead of `ldap_bind()` to retrieve LdapResult for further parsing

[stevebauman]

Discussed in https://github.com/DirectoryTree/LdapRecord/discussions/378

^{Originally posted by pafernandez-oesia December 29, 2021} Hi!

Is there any way to check if the server has returned a control? I have to check for LDAPPasswordExpiringControl presence and I can't find any reference in the API docs. What I'm trying to do is the same as described in PHP manual on LDAP controls examples.

The code I use is similar to this:

<?php

$user   = 'cn=admin,dc=example,dc=com';
$passwd = 'adminpassword';

$ds = ldap_connect('ldap://localhost');

if ($ds) {
    $r = ldap_bind_ext($ds, $user, $passwd, []);

    if (ldap_parse_result($ds, $r, $errcode, $matcheddn, $errmsg, $referrals, $ctrls)) {
        if ($errcode != 0) {
            die("Error: $errmsg ($errcode)");
        }
        if (isset($ctrls["2.16.840.1.113730.3.4.5"])) {
            $value = $ctrls["2.16.840.1.113730.3.4.5"]['value'];
            echo "Expires in: ".$value['expire']." seconds\n";
        }
    }
} else {
    die("Unable to connect to LDAP server");
}
?>

It works with vanilla PHP when the server returns the LDAPPasswordExpiringControl (OID = "2.16.840.1.113730.3.4.5"), but I can't figure how to do it the LdapRecord way. I'm currently making a double bind, one with LdapRecord and another one with a code similiar to the shown above in order to get the result.

Any help would be appreciated. Thank you.

Kind regards,