adldap2 / adldap2-laravel Goto Github PK

When trying to authenticate a user that has thumbnail photo, authentication fails.

This might be that the thumbnailphoto field is not base64 encoded.

How can I tell Adldap2 to not create a new user in the users table when successful login, I want it to look at the users in the users table and only allow authentications of where the usernames from the users table match Active Directory, and update the records in-case of a AD communication issue using 'login_fallback' => true

Thanks for help in advance!

I'm currently writing my own middleware (just to get an idea of how it's suppose to work) and one of the features I added to mine was to have the ability to override the SSO with a manual login.

Basically I'm doing a check before the SSO stuff for a session var. It's something like login_override which is "boolean". Then I was going to use AD's GUID, but you don't have a way to turn the GUID back to binary currently, so I'm probably just going to encrypt the samAccountName (which should be safe enough to assume is unique). I might need some work in that area as far as security goes - but SHOULD be reasonably safe.

The idea is that we could use an administrator account to get extra access to features when our user accounts don't have the access.. or simulate other user accounts to make sure access is correct.

As far as the parameters go - I'm adding groups as a parameter via the route ['middleware' => 'sso_plus:ad-administrators,ad-department'] and on the middleware side I added ...$groups as the last parameter. This will require at least PHP 5.6 (or a work around I'm not positive how to implement) so something to consider. With the ... syntax the last parameter is a single dimension array so a simple foreach check is fine.

EDIT: I can gist what I have so you can see how I'm doing it - it's not pretty, but I'm trying to get a project done by the middle of this month.

How to check if the user is logged in?

Example: Auth::guest()

• Adldap2/Adldap2#135
• #18

Add a configurable option to allow fallback to the eloquent driver when a connection to the AD server is not available.

Currently I have a very basic site where everyone has the same rights.
Authentication is done through Apache mod_ntlm_winbind which checks the user against the AD at HTTP request level and returns the AD username in $_SERVER['REMOTE_USER']. So they have access or they don't. While this works, I have no control over what the user may and may not do except for doing:

if ($_SERVER['REMOTE_USER'] == "john") {
\\John can see this
}

This is not useful for a second site where users have different roles.
I've installed this package but the thing is, I have no login page and I don't want one.
So the $credentials in the Auth::attempt($credentials) example cannot be filled with data.

Can someone explain how to do SSO with this package. I see a 'use_sso' => false, setting but what does that do?

Hi All,

I'm trying to sync the memberof user attribute but in my user model it only returns one group (the first one). Is this intentional?

User model:

 #original: array:15 [▼
    "id" => "1"
    "username" => "sebtest"
    "student_id" => null
    "staff_id" => "TEST"
    "full_name" => "Seb Test"
    "firstname" => "Seb"
    "email" => "[email protected]"
    "primary_group" => null
    "groups" => "CN=Seb,OU=Email groups,OU=Groups,DC=example,DC=local"
    "manager" => null
    "password" => ""
    "old_password" => null
    "remember_token" => ""
    "created_at" => "2015-11-18 11:55:17"
    "updated_at" => "2015-11-18 11:55:17"
]

From AD:

"memberof" => array:13 [▼
        0 => "CN=Seb,OU=Email groups,OU=Groups,DC=example,DC=local"
        1 => "CN=Test,OU=Email groups,OU=Groups,DC=example,DC=local"
        2 => "CN=Services,OU=Additional,OU=StudentGroups,OU=Moodle,OU=Groups,OU=example,DC=example,DC=local"
        3 => "CN=Languages,OU=example,OU=Personnel,OU=Groups,DC=example,DC=local"
        4 => "CN=Dept 1,OU=example,OU=Personnel,OU=Groups,DC=example,DC=local"
        5 => "CN=Dept 2,OU=example,OU=Personnel,OU=Groups,DC=example,DC=local"
        6 => "CN=Dept 3,OU=example,OU=Personnel,OU=Groups,DC=example,DC=local"
        7 => "CN=Staff,OU=example,OU=Email groups,OU=Groups,DC=example,DC=local"
        8 => "CN=4,OU=Email groups,OU=Groups,DC=example,DC=local"
        9 => "CN=5,OU=Email groups,OU=Groups,DC=example,DC=local"
        10 => "CN=C,OU=Security,OU=Groups,OU=example,DC=example,DC=local"
        11 => "CN=Managers,OU=Email groups,OU=Groups,DC=example,DC=local"
        12 => "CN=Domain Users,CN=Users,DC=example,DC=local"
      ]

Also, is there some documentation on all of the methods I can call on an Adldap object?

Thanks,

NS

Hi,

First up thank you for this brilliant project!
I have built it into what i am developing and find it very useful.

I do have a few questions to see if things are possible in the current repo and if not maybe feature requests.

Currently when i authenticate a use with the default settings it is returning all attributes the user has in AD. Is there a way to select only certain attributes for the user?

Same when i select the users groups with the following method, it returns all attributes for the groups from AD when i only really want 2 of them. The reason i am asking about this is in our AD we have groups with 3 or 4 thousand users so if the tools returns all attributes it may take more time.

Along with this i would like to be able to pull groups recursively for the user so that i can see what groups they are nested it

// Retrieving the authenticated LDAP users groups
$groups = $user->adldapUser->getGroups();

Thanks in advance.

I'm getting this issue when I try to post the login form:

Call to undefined method Adldap\Laravel\Facades\Adldap::users()

I've went through and installed all of the LDAP extensions on my LEMP server, but I keep getting this. Any ideas?

Hi,
I have found the example to update user uo to another uo.
Is there any Example for uo move.
At first, I try to update the dn, and do it like this :

$uo->dn = new dn;

It not work.
Than i do it with move function:

Adldap::getConnection()->showErrors();
$uo= Adldap::ous()->find('Test Uo');
$uo->move('OU=Test Uo',  'OU= New Uo,OU=ad,DC=test,DC=com')

It return false without error msg.
Could you help me?
Thanks.

It looks like you may have missed the publish command on version 1.4. The auth config file is not publishing for me.

I followed the instructions for Laravel 5.2 but im getting the following error:

ReflectionException in Container.php line 738: Class adldap does not exist

I already change provider for web and add the provider in config\auth.php as instructed but getting the error.

ErrorException in CreatesUserProviders.php line 40:
Authentication user provider [adldap] is not defined. (View: C:\laravel5\blog\resources\views\layouts\app.blade.php) (View: C:\laravel5\blog\resources\views\layouts\app.blade.php)

Please advise.
i already add Adldap\Laravel\AdldapServiceProvider::class and the facade to the app.php

If I change the password of an user after he is the database, I can't login again.

My Test Scenario:

1. Login with 'testuser', 'oldPassword' -> works
2. Logout
3. Change password via Active Directory of user 'testuser' to 'newPassword'
4. Login with 'testuser', 'newPassword' <-- fails
5. Login with 'testuser', 'oldPassword' <-- fails

Did I miss something?

i will have some users authing against the db and some authing against the active directory.
i've accomplished this with the standard laravel auth controller and the Adldap::authenticate() method and some duct tape.

just wondering if there is an easier/more seamless way

thanks, i love this

Hi,

Is it possible to update user's password or other attributes on AD via Facade methods?

Thanks.

How can I synchronize AD email at Model User ?

My User Model

protected $fillable = [
        'name', 'username', 'email', 'password',
    ];

but, dont sync at model database on login.

@stevebauman I've followed all of the documentation but can't seem to get Auth::user()->adldapUser to return anything but null.

I have added the trait to my user model, turned on bind_user_to_model and confirmed that authentication is working properly using the standard Auth controller with the $username attribute overridden to be samaccountname.

When doing dd(Auth::user()) I am also getting a null value on $adldapUser. Any help would be greatly appreciated.

Hi,

I wonder how get thumbnailphoto from AD ? I tried many ways more could not.

help please. 👍

Thought I had the install done, perhaps not..
I am getting this error at startup (laravel 5.1 just updated today)
InvalidArgumentException in Manager.php line 90: Driver [adldap] not supported.
If I change the line in auth.php back to
'driver' => 'eloquent',
the site comes to life..
Any ideas what I have done wrong?

I'm having some issues with getting a response for a failed login. If providing the correct credentials it works just fine. I have login_fallback enabled and it seems to work as intended.
When attempting to login with a valid AD username and incorrect password I receive the following error

ldap_bind(): Unable to bind to server: Invalid credentials in ..\vendor\adldap2\adldap2\src\Connections\Ldap.php line 501.

After shifting through the code I believe I should be getting another error exception with a different message. Thanks for the assistance.

Laravel 4 is not supporting

I know you're actively developing this so this is more of a question than an issue. You previously had retrieveByCredentials authenticating against LDAP first and then returning a Laravel User Model. In your recent changes you're searching LDAP before authenticating. I'm wondering your reasoning behind this.

Also if you were to take this approach it would be beneficial to map an input name to a searchable LDAP attribute i.e. my login form has username as the field and it needs to be mapped to the samaccountname attribute to find an account. As it stands currently, you're just looping through the credentials and querying with the key and value. Since username isn't a searchable key, this is currently failing for me. Just noticed the documentation has been updated to reflect this

I'm not nearly as skilled at development but I'd be happy to assist in any way possible with this package. I don't know how advanced you were wanting to get with this either but in my particular implementation I'm wanting to redirect to a "welcome to the company" registration page if it's their first time logging on. That may be out of your planned scope but it's a thought.

This is an excellent package so far though. Much better approach then others I've seen.

Many thanks for your work on this project, and I am especially looking forward to the SSO features. I want to share a specific use case that might not be factored into the current SSO implementation (I may be wrong).

I have an internal WAN in which SSO will be a perfect application, as we use Apache for web application serving and AD for authentication. However, we also have a VPN where remote users, although authenticated to the VPN, may not be authenticated on the domain (eg. when $_SERVER['REMOTE_USER'] is empty). While the code allows for a fallback for database authentication, it does not appear to allow a cascading fallback from SSO->AD->Database. Moreover, we have some users who will be "database-only", who don't have AD credentials at all, so such a fallback would be useful in that case as well. If sso_enabled => true then it would appear that the user MUST be authenticated on the domain or else the login will fail. (See https://github.com/Adldap2/Adldap2/blob/v5.2/src/Adldap.php#L262)

I may not be understanding the code correctly, or the intent here, but I would imagine that having a 'fallback' would be very useful and would appreciate your thoughts.

Not an 'issue' per-se but wondered if you had a fully functioning set of example files, including routes, controllers and views for a simple login form using Adldap2-laravel? I have installed and configured as per your documentation.

I am relatively new to Laravel and am trying to fit everything together! For example I have customised login.blade.php as follows, but on submission I just get returned to the login page again regardless of what credentials I enter: http://pastebin.com/7xrCDJzS

Any help/ guidance would be most welcome!

I saw that the remember me feature works with your driver, that's very nice.
But I think there is a security issue. If a user is logged in and checked the remember me box, he will remain logged in forever even if the password changes or the user gets deactivated.

That happens without the flag too, but at least it's not forever.

What do you guys think?

Hey @stevebauman, I started playing with the package, great work! 👍

While playing around, I found an error.
If you have a User Model without an email address, you can't login.

I think following lines need to be more generalized: https://github.com/Adldap2/Adldap2-laravel/blob/master/src/AdldapAuthUserProvider.php#L83-L103

The login fails, because it tries to insert an email address to the database which doesn't exist there.

Need help! You are showing an error message on my application.

I've done all necessary configuration, but not yet worked.

ErrorException in CreatesUserProviders.php line 40:
Authentication user provider [] is not defined. (View: E:\Projetos\PHP\scac\resources\views\layouts\app.blade.php) (View: E:\Projetos\PHP\scac\resources\views\layouts\app.blade.php)

Here is the page where the error occurs. app.blade.php

`@if (auth()->check())

                        <ul class="dropdown-menu" role="menu">
                            <li><a href="{{ url('/logout') }}"><i class="fa fa-btn fa-sign-out"></i>Logout</a></li>
                        </ul>
                    </li>
                @endif`

Hi folks,

When I try to login, there is always a These credentials do not match our records. error.

Because, in my app\User.php file, I've a password mutator to bcrypt a password parameter.

//...
class User extends Model
{
    //...
    /**
     * Hash the password given
     *
     * @param string $password
     */
    public function setPasswordAttribute($password)
    {
        $this->attributes['password'] = bcrypt($password);
    }
}

So I can do:

$u = App\User::create(['name' => 'Foo', 'email' => '[email protected]', 'password' => 'secret']);
$u->password; // returns a Bcrypt hash
=> "$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a"

But Adldap2-laravel always insert the password attribute value, into the User model, as a bcrypt hash.
Here the code, where bcrypt function is used:
https://github.com/Adldap2/Adldap2-laravel/blob/c7b12085b309928a827d17f2d5a9a7967fa03dbc/src/AdldapAuthUserProvider.php#L109

So maybe, we can extract this line in an update() method, to be able to override or aliasing it?
Then my password mutator would be happy 😼

Cheers,
Tortue Torche

Hi

Is it possible to add feature for syncing AD attributes only for empty field in laravel model?

Something like this in config:

'sync_attributes_on_empty' => [
    'mail' => 'email',
],

Hi,

I have problems using this against a pure LDAP (no ActiveDirectory) Server.
I figured out, that you're querying for 'objectCategory' which is not present in my schema.
Is it possible to work around this, or do I have to look for another AuthProvider?

I have followed the procedure as mentioned in the document. And When I try to authenticate the user I am getting the Invalid DN Syntax error.

I will post the "adldap.php" file data here. Please help me with this. I am new to Ldap. And I am using Laravel 5.1 with Mongo package. But after received this I checked with normal SQL, still I am getting the same error. Normal authentication working as expected.

"adldap.php"

'auto_connect' => true,
'connection' => Adldap\Connections\Ldap::class,
'connection_settings' => [
'account_suffix' => '@example.com',
'domain_controllers' => ['192.168.1.XXX'], // This my local IP, where the LDAP is.
'port' => 10389,
'base_dn' => 'uid=admin,ou=system',
'admin_account_suffix' => '@example.com',
'admin_username' => 'admin',
'admin_password' => 'admin_password',
'follow_referrals' => false,
'use_ssl' => false,
'use_tls' => false,
'use_sso' => false,
],

I haven't done any significant changes to the adldap_auth.php file. But the only changes I can see in that file are

1. 'windows_auth_attribute' => ['samaccountname' => 'AUTH_USER'],

2. 'sync_attributes' => [

    'name' => 'cn',
   

   ],

Which I didn't touched. What I am doing wrong in this? Please help. Just tell me whether I need something to fix it or you need any more information regarding the same. And also if it doesn't make any sense, please let me know.

I will also publish my AD data here.

DN: cn=Kiran+sn=G+displayName=KiranG+departmentNumber=DEV+uid=T001,ou=users,ou=system

Find the attached image for the same.

Hi Steve -- First off, thanks for all your hard work on this package!

I've been trying for the last few days to get everything working correctly, but I'm hitting a snag. I spun a nice, clean "test" project with Laravel just to make sure I know how to get everything running properly. I was trying to use Auth methods, but kept getting errors, so I dropped back to the simplest case modifed from your readme documentation like so:

// Authenticating.
if (Adldap::authenticate($username, $password)) {
   echo "Passed!<br>";
} else {
   echo "Failed!<br>";
}

It works fine is the username and password are correct. If the password is incorrect, though, I the "Whoops, looks like something went wrong." with:

ErrorException in Ldap.php line 502
ldap_bind(): Unable to bind to server: Invalid credentials

That's not what I expected. Is this correct behavior that I need to catch and code for, or should it actually have echoed out "Failed!" as I intended?

Thanks,
Kevin

https://github.com/Adldap2/Adldap2-laravel/blob/master/src/AdldapAuthUserProvider.php#L57

$user is not instanceof Adldap\Models\User so it always return false
because $user is Adldap\Models\Entry

Please advise.

Hey,
I've set up successfully the adldap authentication combined with Laravel Auth system. I can log in , log out users, get users data well, etc. But, my app randomly quits to login screen, an I can't find any logic how and why does it.
For pseudo example, I press edit article link, I add some modification, save it. But next time when I press the edit link, app quits to login screen. Nothing changed meantime..
No error in the logs, I use Laravel 5.1.x latest.
One thing, it happens only on my production server, on local no such happens. Code base is 100% the same.
Any idea?
Thanks

I have integrated Adldap2/Adldap2-Laravel version 1.3 in my Laravel 5.1 application.
I have inserted my settings in config/adldap.php and changed the authentication driver in config/adldap_auth.php to 'adldap'. Loggging in seems to work but when an AD user tries to log with wrong password then gets an exception in ldap_bind(): Unable to bind to server: Invalid credentials. I would like the Auth::attempt method returns false in case of wrong password posted.
This are options in my config/adldap.pcp:

return [
    'auto_connect' => true,
    'connection' => Adldap\Connections\Ldap::class,
    'connection_settings' => [
        'account_suffix' => '',
        'domain_controllers' => ['serv1.dom.root.local', 'serv2.dom.root.local'],
        'port' => 389,
        'base_dn' => 'dc=dom,dc=root,dc=local',
        'admin_username' => "****",
        'admin_password' => '*****',
        'follow_referrals' => false,
        'use_ssl' => false,
        'use_tls' => false,
        'use_sso' => false,
    ],
];

Hi,

I'm a complete new comer to laravel and I've decided after much googling to use Adldap as my auth driver.

I'm using username rather than email and have reflected the changes in the adldap_auth.php, login form and in the User model. I have also overriden the protected username in the AuthController.

I am using the default methods auth methods (I have no getLogin / postLogin) overridden in my AuthController.

In my login.blade.php, I can {{dd(\Adlap::authenticate('username','password')}} substituting username and password for real values. and this returns 'true'.

When I go to log on though I always get the error message:

Whoops! Something went wrong!

These credentials do not match our records.

Is there some way I can debug what's going on?

AuthController.php:

<?php

namespace App\Http\Controllers\Auth;

use App\User;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
use Socialite;
use Auth;
use Adldap\Adldap;

class AuthController extends Controller
{

    /*
    |--------------------------------------------------------------------------
    | Registration & Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles the registration of new users, as well as the
    | authentication of existing users. By default, this controller uses
    | a simple trait to add these behaviors. Why don't you explore it?
    |
    */

    use AuthenticatesAndRegistersUsers, ThrottlesLogins;

    protected $redirectPath = '/apps';
    protected $loginPath = '/auth/login';
    protected $username = 'username';

    /**
     * Create a new authentication controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest', ['except' => 'getLogout']);
    }

    /**
     * Get a validator for an incoming registration request.
     *
     * @param  array  $data
     * @return \Illuminate\Contracts\Validation\Validator
     */
    protected function validator(array $data)
    {
        return Validator::make($data, [
            'username' => 'required|max:255|unique:users',
            'password' => 'required|min:6',
        ]);
    }

    /**
     * Create a new user instance after a valid registration.
     *
     * @param  array  $data
     * @return User
     */
    protected function create(array $data)
    {
        return User::create([
            'username' => $data['username'],
            'password' => bcrypt($data['password']),
        ]);
    }

  }

login.blade.php

@extends('master')

@section('content')

<h1>Log in to Launchpad:</h1>

{!! Form::open(['url' => '/auth/login']) !!}

<div class="form-group">
 {!! Form::text('username', null, ['class' => 'form-control', 'placeholder' => 'Username']) !!}
</div>

<div class="form-group">
 {!! Form::password('password', ['class' => 'form-control', 'placeholder' => 'Password']) !!}
</div>

<div class="form-group">
 {!! Form::label('remember', 'Remember me?') !!}
 {!! Form::checkbox('remember', null, ['class' => 'form-control']) !!}
</div>

<div class="form-group">
 {!! Form::submit('Logon', ['class' => 'form-control btn btn-primary']) !!}
</div>

{!! Form::close() !!}

@stop

User.php

protected $fillable = ['username', 'password'];

Hi Steve

i have another question if you could, i tried asking on the laravel irc chat but no luck (either i didn't understand or they didn't ^^)

when you login with ldap user, a row is automatically inserted in the DB with some information.
what/where is the file(s) doing this insertion ?

i would like to write some more information in the DB from the ldap server, and update it on the next login if data from ldap server changes.
again it's not an issue with your great package but i would be glad if you could help, or even point me to some specific documentation :)

thanks a lot

I have set the option "login_fallback" true but I'm still getting ldap_bind(): Unable to bind to server: Invalid credentials error for the local db user.
The users who exist in AD can login but local db users gets the error above.

hello there :)

i have a field in my AD called "Office" so i added in my sync_attributes :
`
'sync_attributes' => [

'name' => 'cn',
'email' => 'mail',
'department' => 'department',
'room' => 'office',

],

`
but it's like it's not recognized
it works for any other field (like 'room' => 'mobile' for example, i got the mobile number written in the users database) but for office, i just receive null...

i'm able to get the office using the model :
$room = $user->adldapUser->getPhysicalDeliveryOfficeName();

but for the login, trying to update the users table, it seems to not receiving anything, and thus writing NULL in the db

is it a bug or do i do i miss something/do something wrong ?

thanks

Could you show me some documention about how I prepare my application to use the create users feature? I followed the https://github.com/Adldap2/Adldap2/blob/v5.2/docs/models/USER.md doc but didn't work well

Thanks

The first time I logged in with no issues.
dd(Auth::guard('gardName')->user()); is giving all my user session information
So I logged out doing Auth::guard('admin')->logout();
now dd(Auth::guard('admin')->user()); is returning null. Which means that user is no longed in.

Now I tried to login again. But I have an SQL error everytime:

SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry 'FirstName lastName' for key 'username' (SQL: insert into 'employee' ('username', 'password') values (FirstName lastName, gjkdfgdfgdfs5g4dfg4dfg4dfs6g4d6f5gdf6g4f))

Why am I getting this ? Shouldn't the record be updated if it already exists ?

I'm trying to get Adldap Auth to work and I get the follow message on my login screen when I try to login with valid creditentials:

These credentials do not match our records.

I do not get any connection errors from Adldap so I think my config is correctly set up.

I also tried doing a $ad->search()->all(); and the result is an empty ArrayCollection.

I'm not quite sure where this issue lies and how to debug this further.

Hello, could you tell me is it possible to authenticate user by adldap, then store some information in database users table, but without password? I tried to do this, but with no effect :( it still store AD password in users table..

Just a question:
How would you set login limitations. For example only users from a special group should be able to login.
Without changing the base_dn...

Trying to install on top of working laravel 5.1 on Ubuntu dev server
Added the "adldap2/adldap2-laravel": "1.1.*" line to composer.json file.
Ran composer update and got:
------------------ snip ----------------------------------
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.

Problem 1
- adldap2/adldap2-laravel v1.1.0 requires adldap2/adldap2 5.1.* -> satisfiable by adldap2/adldap2[v5.1.0, v5.1.1, v5.1.2, v5.1.3, v5.1.4, v5.1.5, v5.1.6, v5.1.7].
- adldap2/adldap2-laravel v1.1.1 requires adldap2/adldap2 5.1.* -> satisfiable by adldap2/adldap2[v5.1.0, v5.1.1, v5.1.2, v5.1.3, v5.1.4, v5.1.5, v5.1.6, v5.1.7].
- adldap2/adldap2-laravel v1.1.2 requires adldap2/adldap2 5.1.* -> satisfiable by adldap2/adldap2[v5.1.0, v5.1.1, v5.1.2, v5.1.3, v5.1.4, v5.1.5, v5.1.6, v5.1.7].
- adldap2/adldap2 v5.1.7 requires ext-ldap * -> the requested PHP extension ldap is missing from your system.
- adldap2/adldap2 v5.1.6 requires ext-ldap * -> the requested PHP extension ldap is missing from your system.
- adldap2/adldap2 v5.1.5 requires ext-ldap * -> the requested PHP extension ldap is missing from your system.
- adldap2/adldap2 v5.1.4 requires ext-ldap * -> the requested PHP extension ldap is missing from your system.
- adldap2/adldap2 v5.1.3 requires ext-ldap * -> the requested PHP extension ldap is missing from your system.
- adldap2/adldap2 v5.1.2 requires ext-ldap * -> the requested PHP extension ldap is missing from your system.
- adldap2/adldap2 v5.1.1 requires ext-ldap * -> the requested PHP extension ldap is missing from your system.
- adldap2/adldap2 v5.1.0 requires ext-ldap * -> the requested PHP extension ldap is missing from your system.
- Installation request for adldap2/adldap2-laravel 1.1.* -> satisfiable by adldap2/adldap2-laravel[v1.1.0, v1.1.1, v1.1.2].

How can I resolve this?
Thanks

If I change the attribute 'use_ssl' to 'true', the connection method should change the connection port from 389 to 636

Hi..

Need help.. I been trying for hours to get the auth working however failed. I got sample code which i tested working using ldap library but i did not manage to the auth working. The code that working is

$host = 'ibnuhajar.iium.edu.my';
$port = 389;
$basedn = 'cn=Users, dc=iiu, dc=edu, dc=my';

    $auth = '0';

    $PHP_AUTH_USER = 'faaazma';
    $PHP_AUTH_PW = 'wildfire';

    if ($PHP_AUTH_USER != "" && $PHP_AUTH_PW != "") {
        $ds=ldap_connect($host,$port);
        $r = ldap_search( $ds, $basedn, 'uid=' . $PHP_AUTH_USER);
        if ($r) {
            $result = ldap_get_entries( $ds, $r);
            //dd($PHP_AUTH_USER,$PHP_AUTH_PW,$result);
            if (array_key_exists(0,$result)) {
                $bind_with_pwd = ldap_bind( $ds, $result[0]['dn'], $PHP_AUTH_PW);
                if ($bind_with_pwd) {
                    //return $result[0];
                    $auth = '1';
                } else {

                    $auth = '3';
                }
            }
        } else {

            $auth = '2';
        }
    }

What config should be in my config/adldap.php and adldap_auth.php to make it work.

I manage to get and entry working as in

$ldapuser = Adldap::search()->where('cn', '=', 'faaazma')->first(); which result an ENTRY records.

but failed for

$user = Adldap::users()->find('faaazma'); // it return false from dd

Attached are my config/adldap.php and adldap_auth.php and login.blade.php.

Please assist.

adldap.php.txt
adldap_auth.php.txt
login.blade.php.txt

I have a base_dn that I have been given, however instead of being your usual 'base_dn' => 'OU=Users,DC=Company,DC=local', I also have a cn in the base_dn as our IT sets up security groups like that. Unfortunately when I use 'base_dn' => 'CN=Group,OU=Users,DC=Company,DC=local', I am unable to authenticate, in fact I don't even think it is able to pick up my user account.

Is there a way to utilize the CN with the base_dn and grab the users inside?