CODEWITHSUNDEEP
phpauthenticationldapsymfony
marcus
marcus

Reputation: 41

Symfony3 LDAP authentication bind credentials

I'm struggling with the ldap authentication within a symfony project.

My service looks like this:

ldap:
    class: Symfony\Component\Ldap\Ldap
    factory: ['Symfony\Component\Ldap\Ldap', 'create']
    arguments:
        - 'ext_ldap'
        - host: 'ldap.example.com'

The bind and a example query to the ldap server are working fine:

$ldap = $this->get('ldap');
$ldap->bind('binduser', 'bindpw');
$query = $ldap->query('OU=MyBusiness,DC=example,DC=com', 'sAMAccountName=xxx');

Now I want to authenticate against the ldap server. I have used the firewall settings from http://symfony.com/doc/current/security/ldap.html#configuration-example-for-form-login. But the great question is where to put the bind credentials here?

The corresponding log entry here is:

php.DEBUG: Warning: ldap_bind(): Unable to bind to server: Invalid credentials

So it's pretty obvious what's missing, but I couldn't find a way to provide the bind credentials to form_login_ldap.

The reference on http://symfony.com/doc/current/reference/configuration/security.html also doesn't show how to provide them.

Thanks!

Upvotes: 2

Views: 1157

Answers (1)

ste
ste

Reputation: 1539

The bind credentials are those submitted from the user in the form.

As you see here http://symfony.com/doc/current/security/ldap.html#configuration-example-for-form-login

            service: ldap
            dn_string: 'uid={username},dc=example,dc=com'

you just need to specify the dn_string and the user will be authenticated with his credentials calling a ldap_bind.

Is your user (the one you entered in the form) authorized to ldap_bind? The one you enter in the config of the LDAP user provider, if you have one, is useless for this purpose.

The form login is a traditional login form that can be done following this http://symfony.com/doc/current/security/form_login_setup.html

Upvotes: 0

Related Questions