Skip to content

comodojo/ldaph

Repository files navigation

comodojo.ldaph

Build Status Latest Stable Version Total Downloads Latest Unstable Version License Scrutinizer Code Quality Code Coverage

poor man's php ldap class

Ldaph is a simple library made to handle LDAP/ActiveDirectory authentication and search.

It supports:

  • ssl (ldaps)
  • tls
  • single sign on (Active Directory)

Installation

Install composer, then:

composer require comodojo/ldaph 1.0.*

Basic Usage

  • Creating an instance

    Class constructor expects ldap server and port as parameters. Wrap it in a try/catch block, since it may generate a LdaphException in case of wrong parameters or missed php ext.

    try {
    	
    	$ldap = new \Comodojo\Ldaph('ldap.exampe.com', 389);
    
    }
    catch (LdaphException $le){
    
    	// handle exception here
    
    }
  • User authentication

    $dn = "uid=john,dc=example,dc=com";
    
    try {
    
    	$ldap = new \Comodojo\Ldaph('ldap.exampe.com', 389);
    	$lauth = $ldap->dn($dn)->auth('john', 'doe');
    
    }
    catch (LdaphException $le){
    
    	// handle exception here
    
    }

    Defining DN, there is a special word USERNAME that will be replaced with first auth() parameter ($username).

    Examples of DN:

  • Search LDAP tree

    Searching into ldap tree requires, at least:

    • base DN (base)
    • search DN (searchbase)
    • bind DN (dn)
    • account (user/pass)

    search() method will list ldap tree using this parameters.

    $dn = "uid=USERNAME,dc=example,dc=com";
    $base = "dc=example,dc=com";
    $searchbase = "(uid=PATTERN)";
    
    try {
    
    	$ldap = new \Comodojo\Ldaph('ldap.exampe.com', 389);
    
    	$lsearch = $ldap->base($base)
    					->searchbase($searchbase)
    					->dn($dn)
    					->account('john', 'doe')
    					->search("*",true);
    
    }
    catch (LdaphException $le){
    
    	// handle exception here
    
    }

    Special word 'PATTERN' in searchbase will be replaced with first search() parameter.

    Second parameter (if true) will return results in a more convenient, array-based form.

    Examples of searchbase (if you are looking for usernames):

    • "(&(!(objectClass=computer))(|(anr=PATTERN)))" (for Active Directory)
    • "(uid=PATTERN)" (for openLDAP)

Documentation

Contributing

Contributions are welcome and will be fully credited. Please see CONTRIBUTING for details.

License

comodojo/ldaph is released under the MIT License (MIT). Please see License File for more information.