LDAP Server Type: Active Directory (SSL Connection)
LdapRecord-Laravel Major Version: v3
PHP Version: 8.2
Hi there I am currently working on a DB-Managment-Web-App where employees can edit their CV and other personal information (not personal data stored in the Active Directory). To ensure that only employees of the university's department are able to use the application, I decided to make sure that the entire application except for the homepage is only accessible to authenticated users. I therefore decided to use Laravel as a framework and LdapRecord to get the authentication to work.
Initially there was the problem that I couldn't connect to the LDAP-Server cause my server didn't trust the CA's root Certificate. This problem is now solved and when I use $ php artisan ldap:test it passes without any issues. I therefore followed the documentation. Here are my configurations
LDAP (ldaps://xxx:636) - Operation: Search - Base DN: xxx - Filter: (&(objectclass=\74\6f\70)(objectclass=\70\65\72\73\6f\6e)(objectclass=\6f\72\67\61\6e\69\7a\61\74\69\6f\6e\61\6c\70\65\72\73\6f\6e)(objectclass=\75\73\65\72)(uid=XXX)(!(objectclass=\63\6f\6d\70\75\74\65\72))) - Selected: (objectguid,*) - Time Elapsed: 160.1
`
If I check the LDAP-Server in Apache Directory Studio I get the error that no schema is defined in Root DSE. At the Base DN I see the following:
ou=Groups
ou=People
If I click on one of the groups it is called cn=XXX. In a group there is an objectClass=groupOfNames (structural) defined as well as the cn=XXX.
If I click on one of the users it is called uid=XXX. In a group there is objectClass=idXXXAccount (structural), objectClass=top (abstract), objectClass=XXXAccount (structural), cn=XXX, givenName=XXX, mail=XXX, sn=XXX, title=XXX, uid=XXX, groupMember=XXX, groupMember=XXX, xxxuuid=XXX
The authentication should be done with the uid and password. Thanks for your help.
Environment:
Hi there I am currently working on a DB-Managment-Web-App where employees can edit their CV and other personal information (not personal data stored in the Active Directory). To ensure that only employees of the university's department are able to use the application, I decided to make sure that the entire application except for the homepage is only accessible to authenticated users. I therefore decided to use Laravel as a framework and LdapRecord to get the authentication to work.
Initially there was the problem that I couldn't connect to the LDAP-Server cause my server didn't trust the CA's root Certificate. This problem is now solved and when I use
$ php artisan ldap:testit passes without any issues. I therefore followed the documentation. Here are my configurationsdap.php:
` return [
];
`
auth.php: `<?php
return [
];
`
UserController.php: ` public function authenticate_test(Request $request) { $credentials = [ 'uid' => 'xxx', 'password' => 'xxx' ];
`
laravel.log: `LDAP (ldaps://xxx:636) - Operation: Binding - Username: xxx
LDAP (ldaps://xxx:636) - Operation: Bound - Username: xxx
LDAP (ldaps://xxx:636) - Operation: Search - Base DN: xxx - Filter: (&(objectclass=\74\6f\70)(objectclass=\70\65\72\73\6f\6e)(objectclass=\6f\72\67\61\6e\69\7a\61\74\69\6f\6e\61\6c\70\65\72\73\6f\6e)(objectclass=\75\73\65\72)(uid=XXX)(!(objectclass=\63\6f\6d\70\75\74\65\72))) - Selected: (objectguid,*) - Time Elapsed: 160.1 `
If I check the LDAP-Server in Apache Directory Studio I get the error that no schema is defined in Root DSE. At the Base DN I see the following: ou=Groups ou=People
If I click on one of the groups it is called
cn=XXX. In a group there is an objectClass=groupOfNames (structural) defined as well as the cn=XXX.If I click on one of the users it is called
uid=XXX. In a group there is objectClass=idXXXAccount (structural), objectClass=top (abstract), objectClass=XXXAccount (structural), cn=XXX, givenName=XXX, mail=XXX, sn=XXX, title=XXX, uid=XXX, groupMember=XXX, groupMember=XXX, xxxuuid=XXXThe authentication should be done with the uid and password. Thanks for your help.