DirectoryTree / LdapRecord-Laravel

Multi-domain LDAP Authentication & Management for Laravel.
https://ldaprecord.com/docs/laravel/v3
MIT License

[Support] Is Samba supported? #446

Closed FrancescoD3V closed 2 years ago

FrancescoD3V commented 2 years ago

Hi, do you know if I can log in via samba?

So I set config\auth.php:

'ldap' => [
    'driver' => 'ldap',
    'model' => LdapRecord\Models\ActiveDirectory\User::class,
    'database' => [
        'model' => App\User::class,
        'sync_passwords' => false,
        'sync_attributes' => [
            'name' => 'cn',
            'email' => 'mail',
        ],
    ],
],

But when I do php artisan ldap:import the console tells me there are no users

Environment:

stevebauman commented 2 years ago

Hi @FrancescoD3V,

Can you post your LDAP configuration with any sensitive details excluded (password, etc.)?

FrancescoD3V commented 2 years ago

Sure!

auth env ldap login user

stevebauman commented 2 years ago

Thanks for posting that.

I see that you're using the ActiveDirectory\User model. This will result in searches returning no results with Samba. The ActiveDirectory\User model contains object classes that do not exist in Samba. LdapRecord doesn't come out of the box with Samba models (I don't have a server to test with).

I would first attempt to run the php artisan ldap:browse command to verify that you can connect to your LDAP server and browse your directory. Check if you can see all of its objects.

Once you've confirmed that, you will have to create a new LDAP user model to be able to synchronize users into your local database. To do this, run php artisan make:ldap-model User. A new User model will be created in your Laravel application's app/Ldap folder.

Open the newly created app/Ldap/User.php model, and update its object classes to your Samba user's object classes (I don't know what they are).

Note. This is critical. If they do not match your user's Samba object classes, you will not get any results during import, or you will get results that are not actually users:

namespace App\Ldap;

use LdapRecord\Models\Model;

class User extends Model
{
    public static $objectClasses = [
        // Insert the list of objectclasses here.
    ];
}

Now, open the config/auth.php file and replace the ActiveDirectory\User model reference with \App\Ldap\User::class:

'ldap' => [
    'driver' => 'ldap',
    'model' => \LdapRecord\Models\ActiveDirectory\User::class, // <-- Replace this
    'model' => \App\Ldap\User::class, // <-- With this
    // ...
],

Finally, try running php artisan ldap:import again. See if it imports any users.

This should get you up and running. Let me know if you run into further issues.
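The effect of the object class list described in the reply above, as an added example that is not part of the original thread or of LdapRecord itself. It assumes the model's object classes are combined into one AND filter; the directory entries are constructed, and the Samba-side class names (`inetOrgPerson`, `posixAccount`, `sambaSamAccount`, and so on) assume a classic Samba LDAP-backend schema, so check them against your own server.

```php
<?php
// Added illustration, not LdapRecord code. Entries are constructed sample data;
// their object classes are an assumption and may differ on your server.
$entries = [
    'uid=alice,ou=People,dc=example,dc=test' => ['top', 'person', 'inetOrgPerson', 'posixAccount', 'sambaSamAccount'],
    'uid=bob,ou=People,dc=example,dc=test' => ['top', 'person', 'inetOrgPerson', 'posixAccount', 'sambaSamAccount'],
    'uid=host1$,ou=Computers,dc=example,dc=test' => ['top', 'account', 'posixAccount', 'sambaSamAccount'],
    'cn=staff,ou=Groups,dc=example,dc=test' => ['top', 'posixGroup', 'sambaGroupMapping'],
];

// An entry matches only if it carries every class in the list (an AND of
// objectclass equality filters); class names are compared case-insensitively.
function matchingDns(array $entries, array $objectClasses): array
{
    $wanted = array_map('strtolower', $objectClasses);
    $dns = [];
    foreach ($entries as $dn => $classes) {
        $have = array_map('strtolower', $classes);
        if (array_diff($wanted, $have) === []) {
            $dns[] = $dn;
        }
    }
    return $dns;
}

// The equivalent LDAP filter string, e.g. for checking with ldapsearch.
function toFilter(array $objectClasses): string
{
    return '(&' . implode('', array_map(fn ($c) => "(objectclass=$c)", $objectClasses)) . ')';
}

$candidates = [
    // Classes required by the ActiveDirectory\User model: no entry has them all.
    'ActiveDirectory\User' => ['top', 'person', 'organizationalperson', 'user'],
    // Too broad: also matches the machine account.
    'too broad' => ['top', 'posixAccount'],
    // Specific to the user entries in this sample.
    'user-specific' => ['top', 'person', 'inetOrgPerson', 'sambaSamAccount'],
];

foreach ($candidates as $label => $classes) {
    $hits = matchingDns($entries, $classes);
    printf("%-22s %s\n  -> %d match(es): %s\n", $label, toFilter($classes), count($hits), implode('; ', $hits) ?: 'none');
}
```

The first list yields no matches, which is the empty import reported in this issue; the second pulls in a machine account, so anything synchronized from it into the local database would include non-user objects.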