On this page

Configuration

Important: It's recommended to only use one approach listed in this guide below. Using both approaches to configure your LDAP connections may lead to unexpected results.

LdapRecord-Laravel provides two ways to configure your connections:

Using a published configuration file

To publish the ldap.php configuration file, execute the below artisan command:

php artisan vendor:publish --provider="LdapRecord\Laravel\LdapServiceProvider"

The ldap.php file will then be created inside your applications config, directory.

Inside the configuration file, set up your LDAP connections, or paste the following in your .env file to get started quicky:

Review the LDAP configuration documentation to see what each option is used for.

LDAP_CACHE=false
LDAP_LOGGING=true
LDAP_CONNECTION=default
LDAP_HOST=127.0.0.1
LDAP_USERNAME="cn=user,dc=local,dc=com"
LDAP_PASSWORD=secret
LDAP_PORT=389
LDAP_BASE_DN="dc=local,dc=com"
LDAP_TIMEOUT=5
LDAP_SSL=false
LDAP_TLS=false
LDAP_SASL=false

If you'd like to configure more options that are specified in the ldap.php file, you may create your own env variables to control those options.

Using an environment file (.env)

LDAP connections may be configured directly in your .env without having to publish any configuration files.

If your application has a single connection, you can paste the below env to get started right away:

LDAP_CACHE=false
LDAP_LOGGING=true
LDAP_CONNECTION=default
LDAP_CONNECTIONS=default

LDAP_DEFAULT_HOSTS=10.0.0.1
LDAP_DEFAULT_USERNAME="cn=admin,dc=local,dc=com"
LDAP_DEFAULT_PASSWORD=secret
LDAP_DEFAULT_PORT=389
LDAP_DEFAULT_BASE_DN="dc=local,dc=com"
LDAP_DEFAULT_TIMEOUT=5
LDAP_DEFAULT_SSL=false
LDAP_DEFAULT_TLS=false
LDAP_DEFAULT_SASL=false

To set up multiple connections, you may use a comma-separated list of connection names using the LDAP_CONNECTIONS variable:

LDAP_CONNECTIONS=alpha,bravo

Next, set your default LDAP connection by using the LDAP_CONNECTION variable:

LDAP_CONNECTION=alpha

Then, to configure options for each connection you have specified, you must suffix them by LDAP_{CONNECTION}_:

LDAP_CACHE=false
LDAP_LOGGING=true
LDAP_CONNECTION=alpha
LDAP_CONNECTIONS=alpha,bravo

LDAP_ALPHA_HOSTS=10.0.0.1,10.0.0.2
LDAP_ALPHA_USERNAME="cn=admin,dc=alpha,dc=com"
LDAP_ALPHA_PASSWORD=secret
LDAP_ALPHA_PORT=389
LDAP_ALPHA_BASE_DN="dc=alpha,dc=com"
LDAP_ALPHA_TIMEOUT=5
LDAP_ALPHA_SSL=false
LDAP_ALPHA_TLS=false
LDAP_ALPHA_SASL=false

LDAP_BRAVO_HOSTS=11.0.0.1,11.0.0.2
LDAP_BRAVO_USERNAME="cn=admin,dc=bravo,dc=com"
LDAP_BRAVO_PASSWORD=secret
LDAP_BRAVO_PORT=389
LDAP_BRAVO_BASE_DN="dc=bravo,dc=com"
LDAP_BRAVO_TIMEOUT=5
LDAP_BRAVO_SSL=false
LDAP_BRAVO_TLS=false
LDAP_BRAVO_SASL=false

To configure PHP LDAP options for a connection using an env variable, use the configuration name pattern LDAP_{CONNECTION}_OPT_{NAME}.

For example, you may configure the option LDAP_OPT_X_TLS_CERTFILE for a connection named alpha like so:

LDAP_ALPHA_OPT_X_TLS_CERTFILE=/usr/bin/etc/path

Caching

To enable caching for your LDAP connections, you may use the LDAP_CACHE environment variable:

LDAP_CACHE=true

After enabling caching, you may set the cache duration for your queries on your models the cache() method:

use App\Ldap\User;

$until = new \DateTime('tomorrow');
   
$results = User::cache($until)->get();

When caching queries, a signature is built from the model, its connection, and the query parameters to ensure that other queries executed do not call upon the same cache results. For example:

$until = new \DateTime('tomorrow');

$results = User::cache($until)->get();

// Different cache key due to where clause.
$results = User::where('cn', 'John Doe')->cache($until)->get();

Testing your connection

Once you have your connection(s) configured, run a quick test to make sure they've been set up properly:

php artisan ldap:test
Generated on March 17, 2024
Edit on GitHub