@stevebauman I've followed all of the documentation but can't seem to get Auth::user()->adldapUser to return anything but null.

I have added the trait to my user model, turned on bind_user_to_model and confirmed that authentication is working properly using the standard Auth controller with the $username attribute overridden to be samaccountname.

When doing dd(Auth::user()) I am also getting a null value on $adldapUser. Any help would be greatly appreciated.

Hello for days I'm trying to connect an application with ldap but I have been many problems, I followed the tutorials https://github.com/SaschaDens/ldap-connector and https://github.com/Adldap2/Adldap2-Laravel laravel 5.2 and I get the following error in the login These credentials do not match our records. I hope you can help me @stevebauman

• Laravel Version: 5.4
• Adldap2-Laravel Version: 3.0.4/7.0.11
• PHP Version: 7.0

Description:

I have ADLDAP working on my local dev environment and talking to my AD server just fine. When I try to login from my site on my dev server however it fails with: "BindException in Guard.php line 80: Can't contact LDAP server". I can successfully ping from the dev server to the AD server just fine. I can also run "php artisan adldap:import" from the dev server and it will import all the users. Any ideas?

• Laravel Version: #5.8.31#
• Adldap2-Laravel Version: #6.0#
• PHP Version: #7.2#
• LDAP Type: Active Directory

Description:

Performed a "Composer update" commandand now my site has crashed. When I log in I am getting the following error message:

"Call to undefined method Adldap\Log\EventLogger::log()"

Steps To Reproduce:

Nothing else changed except running a composer update command

I am trying to check the LDAP if a username exists and if it doesn't then I want to write the data out to a table to provide a way for users not in the ldap to set up their own account. Everytime I dump the results I get a null value.

Auth.php:

<?php

return [

    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'adldap',
        ],

        'api' => [
            'driver' => 'token',
            'provider' => 'users',
        ],
    ],

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],

        'adldap' => [
            'driver' => 'adldap',
            'model' => App\User::class,
        ],
    ],

    'passwords' => [
        'users' => [
            'provider' => 'users',
            'email' => 'auth.emails.password',
            'table' => 'password_resets',
            'expire' => 60,
        ],
    ],
];

adldap_auth.php:

<?php

return [

    'connection' => env('ADLDAP_CONNECTION', 'default'),

    'username_attribute' => ['username' => 'samaccountname'],

    'limitation_filter' => env('ADLDAP_LIMITATION_FILTER', ''),

    'login_fallback' => env('ADLDAP_LOGIN_FALLBACK', true),

    'password_key' => env('ADLDAP_PASSWORD_KEY', 'password'),

    'password_sync' => env('ADLDAP_PASSWORD_SYNC', true),

    'login_attribute' => env('ADLDAP_LOGIN_ATTRIBUTE', 'samaccountname'),

    'bind_user_to_model' => env('ADLDAP_BIND_USER_TO_MODEL', true),

    'sync_attributes' => [
        'FirstName' => 'givenname',
        'LastName' => 'sn',
        'email' => 'mail',
    ],

    'select_attributes' => [ ],
];

Hello,

First, I want to thank you for your hard work for making such a useful library and I'd like to tell that I can be considered as both a Laravel and a LDAP newbie.

I am currently trying to make a simple user interface which will allow the LDAP users to change their attributes (password, telephone, address etc..) There is an OpenLDAP server already actively using by the company.

• The company doesn't want to add the web server into the domain which the application will run on. Is there any way to configure adldap2-laravel to connect the server by using the server's IP address? I tried official PHP-Ldap library to test if I can bind the admin user and fetch some data and I successfully achieved it. But I couldn't figure out where to configure the server's IP address in the adldap2-laravel library or it is not even possible.
• Second question is; is it possible to authenticate users by only LDAP database? I made a search through the issues and read the guides. It seems we need a User model and a database for the adldap2-laravel working. I want to achieve my goal by like;
  • Post user credentials from UI (uid an password)
  • Check credentials from the LDAP database
  • If matches, log the user in and allow the user to see and change his/her attributes

Sorry for the long post. It will be very appreciated if you can enlighten me. Thanks again.

• Laravel Version: 5.8.22
• Adldap2-Laravel Version: 6.0.6
• PHP Version: 7.3.4
• LDAP Type: ActiveDirectory

Description:

I'm authenticating my users based on username and password. The AD users authenticate successfully and are logged in to the application. The fields I want are sync'd correctly. The issue is that my logged in User object's 'ldap' property is always null. I can recreate this in Tinker as well. So I can't access any of the ldap methods.

I re-created a new application from scratch and followed the Adldap2-Laravel instructions to the letter, but I'm getting the same problem. I feel like I'm missing something somewhere. I've done Laravel applications in the past and haven't had this problem.

Steps To Reproduce:

1. I log the user in via Tinker using Auth::attempt().
2. The user is logged in successfully, but I do get the following... PHP Warning: unlink PHP Warning: ldap_search(): Search: Bad search filter PHP Warning: ldap_get_entries() expects parameter 2 to be resource, bool given PHP Warning: ldap_search(): Search: Bad search filter PHP Warning: ldap_get_entries() expects parameter 2 to be resource, bool given

Each warning is followed by a file path to the php file the warning originates from. Perhaps this ldap_search() thing is the reason I'm having issues? 3) Once logged in I can access the user via Auth::user(), but as mentioned above, the ldap property is null.

Any direction on this would be much appreciated!

https://github.com/Adldap2/Adldap2-laravel/blob/master/src/AdldapAuthUserProvider.php#L57

$user is not instanceof Adldap\Models\User so it always return false because $user is Adldap\Models\Entry

Please advise.

hi Steve, i have followed all the steps and try to login but i can't login .but the credentials i have provided is write. do you have an idea where this might goes wrong.

thanks

Does this class work with Laravel 5.3? I noticed the main difference is that AuthController got deprecated. But everything else seems the same. I am relatively new to Laravel and LDAP in general. I followed the instructions and things seem to not pass the login. It doesn't even hit the LDAP server. The login just seems to refresh when I submit. Is there something wrong with my code? I removed the comments for ease of reading. The XXXXXX's would contain my information.

# Auth.php

<?php

return [

    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'token',
            'provider' => 'users',
        ],
    ],

    'providers' => [
        'users' => [
            'driver' => 'adldap',//'eloquent',
            'model' => App\User::class,
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

    'passwords' => [
        'users' => [
            'provider' => 'users',
            'table' => 'password_resets',
            'expire' => 60,
        ],
    ],

];

# adldap.php

<?php

return [

    'connections' => [

        'default' => [

            'auto_connect' => true,

            'connection' => Adldap\Connections\Ldap::class,

            'schema' => Adldap\Schemas\ActiveDirectory::class,

            'connection_settings' => [

                'account_prefix' => '',

                'account_suffix' => '@xxxxxxxxx.com',

                'domain_controllers' => ['xxxxxxxxxx','xxxxxxxxxxx'],

                'port' => 389,

                'timeout' => 5,

                'base_dn' => 'OU=XXX,OU=XXX,DC=xxx,DC=xxxxxx',

                'admin_account_suffix' => '@xxxxxx.com',

                'admin_username' => env('ADLDAP_ADMIN_USERNAME', 'xxxxx'),

                'admin_password' => env('ADLDAP_ADMIN_PASSWORD', 'xxxxx'),

                'follow_referrals' => false,

                'use_ssl' => false,

                'use_tls' => false,

            ],

        ],

    ],

];

# adldap_auth.php

<?php

return [


    'connection' => env('ADLDAP_CONNECTION', 'default'),

    'username_attribute' => ['username' => 'samaccountname'],

    'limitation_filter' => env('ADLDAP_LIMITATION_FILTER', ''),

    'login_fallback' => env('ADLDAP_LOGIN_FALLBACK', false),

    'password_key' => env('ADLDAP_PASSWORD_KEY', 'password'),

    'password_sync' => env('ADLDAP_PASSWORD_SYNC', true),

    'login_attribute' => env('ADLDAP_LOGIN_ATTRIBUTE', 'samaccountname'),

    'windows_auth_attribute' => ['samaccountname' => 'AUTH_USER'],

    'bind_user_to_model' => env('ADLDAP_BIND_USER_TO_MODEL', false),

    'sync_attributes' => [

        'name' => 'cn',

    ],

    'select_attributes' => [

    ],

];

• Laravel Version: 5.5
• Adldap2-Laravel Version: 4.0
• PHP Version: 7.2.3
• LDAP Type: OpenLDAP

Description:

Hello!

Im able to authenticate successfully but Im not redirected past the login screen. The logs show everything worked but Im returned to the /login again with out any errors.

Im only interested in the authentication part. No need to save anything to a database (NoDatabaseUserProvider).

local.INFO: User '{MyUserName}' has been successfully found for authentication.  
local.INFO: User '{MyUserName}' is authenticating with username: 'uid={uid},cn=users,dc=mydomain,dc=com'  
local.INFO: User '{MyUserName}' has successfully passed LDAP authentication.  
local.INFO: User '{MyUserName}' has been successfully logged in. 

Steps To Reproduce:

Every login is an endless loop. If I try to visit the url mydomain.com/home, I'm redirected to /login again.

.env

ADLDAP_CONTROLLERS='mydomain.com'
ADLDAP_BASEDN='cn=users,dc=mydomain,dc=com'
CACHE_DRIVER=file
SESSION_DRIVER=file

adldap_auth.php

return [
    'connection' => env('ADLDAP_CONNECTION', 'default'),
    'provider' => Adldap\Laravel\Auth\NoDatabaseUserProvider::class,
    'rules' => [Adldap\Laravel\Validation\Rules\DenyTrashed::class],
    'scopes' => [Adldap\Laravel\Scopes\UidScope::class],
    'usernames' => [
         'ldap' => [
             'discover' => 'uid',
             'authenticate' => 'dn'
        ]
    ],
    'login_fallback' => env('ADLDAP_LOGIN_FALLBACK', false),
    'sync_attributes' => [
        'username' => 'uid',
        'name' => 'cn',
    ]
];

adldap.php

return [
    'connections' => [
        'default' => [
            'auto_connect' => env('ADLDAP_AUTO_CONNECT', true),
            'connection' => Adldap\Connections\Ldap::class,
            'schema' => Adldap\Schemas\OpenLDAP::class,
            'connection_settings' => [
                'account_prefix' => env('ADLDAP_ACCOUNT_PREFIX', ''),
                'account_suffix' => env('ADLDAP_ACCOUNT_SUFFIX', ''),
                'domain_controllers' => explode(' ', env('ADLDAP_CONTROLLERS', '')),
                'port' => env('ADLDAP_PORT', 389),
                'timeout' => env('ADLDAP_TIMEOUT', 5),
                'base_dn' => env('ADLDAP_BASEDN', ''),
                'admin_account_prefix' => env('ADLDAP_ADMIN_ACCOUNT_PREFIX', ''),
                'admin_account_suffix' => env('ADLDAP_ADMIN_ACCOUNT_SUFFIX', ''),
                'admin_username' => env('ADLDAP_ADMIN_USERNAME', ''),
                'admin_password' => env('ADLDAP_ADMIN_PASSWORD', ''),
                'follow_referrals' => false,
                'use_ssl' => env('ADLDAP_USE_SSL', false),
                'use_tls' => env('ADLDAP_USE_TLS', false),
            ],
        ],
    ],
];

LoginController.php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;

class LoginController extends Controller
{

    use AuthenticatesUsers;

    protected $redirectTo = '/home';
    protected $username = 'username';

    public function username()
    {
        return 'uid';
    }

    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }
}

login.blade.php

...
<div class="form-group row">
  <label for="uid" class="col-sm-4 col-form-label text-md-right">{{ __('User Name') }}</label>

  <div class="col-md-6">
    <input id="uid" type="text" class="form-control{{ $errors->has('uid') ? ' is-invalid' : '' }}" name="uid" value="{{ old('uid') }}"
      required autofocus> @if ($errors->has('uid'))
    <span class="invalid-feedback">
      <strong>{{ $errors->first('uid') }}</strong>
    </span>
    @endif
  </div>
</div>
...

• Laravel Version: 8.0
• Adldap2-Laravel Version: 6.1
• PHP Version: 7.4.1
• LDAP Type: ActiveDirectory

<

Description

I login user using AD credential ,how can active directory user be logout ?although i destroy session but still auth is return true....

Steps To Reproduce:

By using built-in close() method public function logout{ Session::flush(); $provider = Adldap::getProvider('default'); $provider->getConnection()->close(); } why connection seem to be close in Adldap::getFacadeRoot()->getProvider('default')->getConnection()->isBound() meanwhile open in Adldap::getConnection(); [?]

• Laravel Version: 6.20.44 upgrading from 5.8
• Adldap2-Laravel Version: 6.1.6 upgrading from 3.0.*
• PHP Version: 7.4
• LDAP Type: ActiveDirectory

Hi, i'm trying to upgrade my Laravel backend to version 6, and it requires me to upgrade Adldap2-Laravel aswell, but after doing so following the upgrade guide it doesn't work anymore. It does seem to connect to my AD server, because when I change LDAP_HOST settings it returns 'can't connect to ldap server'. But when querying for users, it just returns an empty array. Here's my config:

.env:

LDAP_ACCOUNT_PREFIX="internal\\"
LDAP_ACCOUNT_SUFFIX=
LDAP_BASE_DN="OU=BLAAT,dc=INTERNAL,dc=BLAAT,dc=nl"
LDAP_HOSTS=s-hdc1.example.nl
LDAP_PORT=389
LDAP_USE_SSL=true
LDAP_ADMIN_USERNAME="user"
LDAP_ADMIN_PASSWORD="password"
LDAP_PASSWORD_SYNC=true

config\auth.php:

'providers' => [
        'users' => [
            'driver' => 'mixed',
            'model' => App\Models\User::class,
            'use_adldap' => !empty(env('LDAP_HOSTS', null))
        ],
    ],

the code i use to get users:

$users = Adldap::search()->users()->get();
\Log::Info($users);

I've allready tried republishing the config files (which genereates config/ldap.php and config/ldap_auth.php) and going through each setting to see what has changed compared to the older version of Adldap2-Laravel. Kind of at a loss here, and help is greatly appreciated. Let me know if more examples of files are needed. Thanks

• Laravel Version: 8.83.3
• Adldap2-Laravel Version: 6.1
• PHP Version: 8.0
• LDAP Type: ActiveDirectory
• Apache Version: 2.4.53
• Apache Modul; auth_gssapi

Description:

As described in the instructions, I have activated the middleware for SSO. However, this only works if I activate authentication for the entire site in Apache. Then the queries via GraphQL to Lighthouse PHP no longer work.

So I wanted to enable authentication for only one URL e.g. /auth. But then SSO no longer works. Here is my config:

     <LocationMatch "/auth">
          AllowOverride None
          AuthType GSSAPI
          AuthName "xx.yy.zz"
          GssapiBasicAuth On
          GssapiCredStore keytab:/etc/kerberos.keytab
          GssapiLocalName On
          require valid-user
        </LocationMatch>

The WWW-Authenticate parameter is included in the response and vary starts with "Authorization".

When I read the Auth::user() value in the route mentioned, it is empty.

Does anyone have a similar constellation and can tell me whether authentication with SSO is only possible via a single route?

• Laravel Version: #.#
• Adldap2-Laravel Version: #.#
• PHP Version: #.#
• LDAP Type: Active Directory

Hi Steve!

Is there a way I can get a list of distributions groups? Something like the trait HasMemberOf.

foreach ($group->getMemberNames() as $name) { // Returns 'John Doe' echo $name; }

but with distributions groups.

Thank you!

Laravel Version: 8 Adldap2-Laravel Version: 6.1 PHP Version: 7.4

I have users table.

I'm trying to make their authentication with LDAP. But when user login, It tries to recreate It's record if 'username' and 'objecthuid' columns are empty. But there's still a user with same e-mail address, so that singularity validation returns error "there's still a record with that email address."

I want to work with LDAP like; "If email exist, then login and update. If not exist so create new record."

• Laravel Version: 8
• Adldap2-Laravel Version: 6.1
• PHP Version: 7.4

Trying to login user via LDAP. It doesnt work and returns error below. Here's my code:

       config(['ldap.connections.default.settings.account_prefix' => '']);
       config(['ldap.connections.default.settings.username' => $request->username]);
       config(['ldap.connections.default.settings.password' => $request->password]);
       config(['ldap.connections.default.settings.base_dn' => 'dc=blabla,dc=com,dc=tr']);
       config(['ldap.connections.default.settings.hosts' => ['blabla']]);


       $credentials = $request->only('username', 'password');
       $aws = Auth::attempt($credentials);
        if ($aws) {
            $results = array('status' => 1, "message" => "Wrong credentials");
        }

And here's my error:

{
    "message": "Unable to locate a user without a objectguid",
    "exception": "UnexpectedValueException",
    "file": "/var/www/vhosts/blabla/httpdocs/vendor/adldap2/adldap2-laravel/src/Commands/Import.php",
    "line": 184,
    "trace": [