DirectoryTree / LdapRecord-Laravel

Multi-domain LDAP Authentication & Management for Laravel.
https://ldaprecord.com/docs/laravel/v3
MIT License

[Question] Only allow LDAP users already in DB #511

Closed striker4150 closed 1 year ago

striker4150 commented 1 year ago

Environment (please complete the following information):

Table Schema:

CREATE TABLE `users` (
    `id` BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
    `username` VARCHAR(255) NOT NULL COLLATE 'utf8mb4_unicode_ci',
    `first_name` VARCHAR(255) NULL DEFAULT NULL COLLATE 'utf8mb4_unicode_ci',
    `last_name` VARCHAR(255) NULL DEFAULT NULL COLLATE 'utf8mb4_unicode_ci',
    `email` VARCHAR(255) NULL DEFAULT NULL COLLATE 'utf8mb4_unicode_ci',
    `status` VARCHAR(255) NOT NULL DEFAULT 'A' COLLATE 'utf8mb4_unicode_ci',
    `created_at` TIMESTAMP NULL DEFAULT NULL,
    `updated_at` TIMESTAMP NULL DEFAULT NULL,
    `guid` VARCHAR(255) NULL DEFAULT NULL COLLATE 'utf8mb4_unicode_ci',
    `domain` VARCHAR(255) NULL DEFAULT NULL COLLATE 'utf8mb4_unicode_ci',
    PRIMARY KEY (`id`) USING BTREE,
    UNIQUE INDEX `users_username_unique` (`username`) USING BTREE,
    UNIQUE INDEX `users_guid_unique` (`guid`) USING BTREE
)

LDAP config:

'users' => [
    'driver' => 'ldap',
    'model' => LdapRecord\Models\ActiveDirectory\User::class,
    'rules' => [],
    'database' => [
        'model' => User::class,
        'password_column' => false,
        'sync_passwords' => false,
        'sync_attributes' => [
            'first_name' => 'givenname',
            'last_name' => 'sn',
            'email' => 'mail',
        ],
        'sync_existing' => [
            'username' => 'userprincipalname',
        ],
    ],
],

Hi, I would like to use the Database Auth Configuration, but I would like to only allow LDAP users to log in if they are already in my database (based on the username column). How can I accomplish this?

stevebauman commented 1 year ago

Hi @striker4150,

Here you go!

https://ldaprecord.com/docs/laravel/v2/auth/restricting-login/#using-only-manually-imported-users