Open MoiseScalzo opened 5 years ago
UPDATE: maybe I've solved changing this:
'ldap' => [
'discover' => 'userprincipalename',
'authenticate' => 'password'
]
to this:
'ldap' => [
'discover' => 'userprincipalname',
'authenticate' => 'userprincipalname',
],
can you confirm that is the right way?
Hi @MoiseScalzo,
This is definitely the right way when using ActiveDirectory. The authenticate
value is what to use as the users username when calling ldap_bind()
on your configured LDAP connection. Setting it to password
won't work.
For example, in ActiveDirectory, a users Distinguished Name or User Principal Name can be used as a username to bind to ActiveDirectory servers:
// Using UPN:
$userPrincipalName = 'jdoe@acme.org';
ldap_bind($conn, $userPrincipalName, 'secret-password');
// Using DN:
$dn = 'cn=John Doe,ou=Users,dc=acme,dc=org';
ldap_bind($conn, $dn, 'secret-password');
So you can actually use either distinguishedname
or userprincipalname
as the value for the authenticate
option. They will both work.
I hope I made it more understandable!
Are you able to successfully login now?
Hi, @stevebauman thank you very much for the clarification. Now login works correctly. Thanks
Description:
I'm trying to login with email address (as userprincipalename) and password in a
NoDatabaseUserProvider
configuration but theAuth::attempt()
return always false. On the other hand,Adldap::auth()->attempt($request->userprincipalname, $request->password, $bindAsUser = true);
it return true and alsoAdldap::search()->findBy('userprincipalname', $username)
works correctly. So, where I'm wrong? :( thank you in advanceconfig/auth.php
config/ldap_auth.php
App\Http\Controllers\Auth\LoginController
login.blade.php