Skip to content
Enables LDAP authentication for mautic 2 and newer
PHP JavaScript
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Packagist Packagist Version Build Status Scrutinizer Code Quality mautic

Mautic LDAP Authentication Plugin

This Plugin enables LDAP authentication for mautic 2 and newer. Even though Mautic offers SAML authentication, the main objective is to offer an alternative to those who do not want to setup SSO in their company just for mautic 😃

Installation via composer (preferred)

Execute composer require monogramm/mautic-ldap-auth-bundle in the main directory of the mautic installation.

Installation via .zip

  1. Download the, extract it into the plugins/ directory and rename the new directory to MauticLdapAuthBundle.
  2. Install symfony/ldap requirements with composer: composer require symfony/ldap:~2.8
  3. Clear the cache via console command php app/console cache:clear --env=prod (might take a while) OR manually delete the app/cache/prod directory.


Navigate to the Plugins page and click "Install/Upgrade Plugins". You should now see a "LDAP Auth" plugin.

After activating the plugin, you can now go to "Configuration > LDAP Settings" to edit the parameters.

You can also edit manually your parameters in local.php (adapt to your LDAP configuration):

    //'parameters' => array(
    // ...
        'ldap_auth_host' => '',
        'ldap_auth_port' => 389,
        'ldap_auth_version' => 3,
        'ldap_auth_ssl' => false,
        'ldap_auth_starttls' => true,
        'ldap_auth_base_dn' => 'ou=People,dc=ldap,dc=mysupercompany,dc=com',
        'ldap_auth_user_query' => '(objectclass=inetOrgPerson)',
        'ldap_auth_username_attribute' => 'uid',
        'ldap_auth_email_attribute' => 'mail',
        'ldap_auth_firstname_attribute' => 'givenname',
        'ldap_auth_lastname_attribute' => 'sn',
        'ldap_auth_fullname_attribute' => 'displayname',
        'ldap_auth_isactivedirectory' => false,
    // ...

A sample configuration for Active Directory is

    //'parameters' => array(
    // ...
        'ldap_auth_host' => '',
        'ldap_auth_port' => 389,
        'ldap_auth_version' => 3,
        'ldap_auth_ssl' => false,
        'ldap_auth_starttls' => false,
        'ldap_auth_base_dn' => 'cn=Users,dc=ad,dc=mysupercompany,dc=com',
        'ldap_auth_user_query' => '(objectclass=user)(memberof=marketing)',     // careful this can be case sensitive!
        'ldap_auth_username_attribute' => 'samaccountname',                     // this is case sensitive!
        'ldap_auth_email_attribute' => 'mail',
        'ldap_auth_firstname_attribute' => 'givenname',
        'ldap_auth_lastname_attribute' => 'sn',
        'ldap_auth_fullname_attribute' => 'displayname',
        'ldap_auth_isactivedirectory' => true,
        'ldap_auth_activedirectory_domain' => '',
    // ...

Once the parameters are set, open a new browser and check connection through LDAP. Do not log out until LDAP configuration is valid!

Developments in progress

  • Test LDAP Authentication settings
  • LDAP bind account and Group management


Ideas and suggestions are welcome. Feel free to create an issue or PR on Github using our CONTRIBUTING guidelines.


See LICENSE file.


Awesome contributor(s)

You can’t perform that action at this time.