I ran into a rather annoying issue when trying to add a user to a usergroup in Active Directory.
Active Directory tends to not be particularly happy when you try modifying the "memberOf" attribute (through ldap_mod_add/ldap_mod_replace), and will output a warning/error somewhere along the lines of:
Warning: ldap_mod_add(): Modify: Server is unwilling to perform in ...
If you want to add a user to a usergroup, you need to add the user as a member of the group, rather than adding to the memberOf attribute of the group:
<?php
 function ldap_addToGroup($username, $group) {
 $dn = "CN=$group,OU=Accounts,DC=DC1,DC=DC2"; // distinguished name/DN of the group you want to add to
 $info["member"] = "CN=$username,OU=Accounts,DC=DC1,DC=DC2"; // DN of the user you want to add
 return ldap_modify($ldapconn, $dn, $info);
 }
?>

Hope this helps someone.