Let's discuss about ways to connect to LDAP and handle entries from PHP.
I see that the trend is to write classes based on core PHP ldap_* functions. The obvious problem is that each module does in its own way.
Now, I think that the right way will be to manage all the "low level" stuff inside the ldap module, and then use its exposed APIs to do all the stuff higher-level.
I had a quick read at that module code, and I see you are writing brand new LDAP management classes.
What about, instead, using something already written?
[this is not a critique, I'm asking pros and cons for which you decided to write this from scratch]
I used Net_LDAP2 from PEAR many times when writing LDAP-related stuff, and it seems to be working fine, although I heard of strange misbehavior of that package, probably derived from some php-ldap functions issue (I see that it is not really easy to handle the LDAP protocol and communicate with a directory server..). Another problem related to Net_LDAP2 is the PEAR license, that is not GPL-compatible. So we'd need to ask users to download the PEAR framework in order to use LDAP modules. This can be done quickly under Linux, I don't know if it is the same for Windows and Mac.
But it has many many pros too (such as quick schema reading, to give an example) that would require lots of coding if done by scratch.
Are there other nice high-level classes to handle LDAP? Or lots of enthusiastic people that would help writing the coolest one?
Let me know.