I'm using FR3DLdapBundle with FOSUserBundle.
Symfony 2.5.6
FOSUserBundle ~2.0@dev
FR3DLdapBundle ~2.0@dev
    $ldapManager = $this->get('fr3d_ldap.ldap_manager');
    print_r($ldapManager->findUserByUsername('nhoang@ldap.example.com'));
But I catch one error.
    Binding requires username in DN form
    CRITICAL - Uncaught PHP Exception FR3D\LdapBundle\Driver\LdapDriverException: "An error occur with the search operation." at myproj\vendor\fr3d\ldap-bundle\FR3D\LdapBundle\Driver\ZendLdapDriver.php line 55
I have done everything in the installation documents:

    fr3d_ldap:
        driver:
            host: ldap.example.com
            port: 389
            username: ldapadmin@ldap.example.com
            password: password
            bindRequiresDn: true
            baseDn: dc=ldap,dc=example,dc=com
            accountFilterFormat: (&(uid=%s)) # Optional. sprintf format %s will be the username
        user:
            baseDn: dc=ldap,dc=example,dc=com
            filter: (&(ObjectClass=Person))
            attributes:
                - { ldap_attr: uid, user_method: setUsername }

    providers:
        chain_provider:
            chain:
                providers: [fos_userbundle, fr3d_ldapbundle]
        fr3d_ldapbundle:
            id: fr3d_ldap.security.user.provider
        fos_userbundle:
            id: fos_user.user_provider.username
    firewalls:
        admin:
            pattern: /admin/(.*)
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                login_path: _admin_login
                check_path: _admin_login_check
                default_target_path: /admin
            logout:
                path: _admin_logout
                target: _admin_login
            anonymous: true
        main:
            pattern: ^/
            fr3d_ldap: ~
            form_login:
                provider: chain_provider
                csrf_provider: form.csrf_provider
                default_target_path: /profile
            logout: true
            anonymous: true
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        default:
            anonymous: ~

I don't get how to make this work.
We faced the very same issue when trying to make our internal auxiliary tool work with corporate domain authentication.
We had to do the following to get it to work:
Even though the fr3d documentation says this is for OpenLDAP only, we tried to set the special auth account username in the following form under driver settings (instead of AuthAccount@dns.example.com, and yes, our corporate LDAP is Microsoft AD):

    fr3d_ldap:
        driver:
            host: dns.example.com
            port: 389
            username: CN=AuthAccount,OU=Pseudo Accounts,OU=Managed Objects,DC=example,DC=com
            password: yourPassw0rd
            bindRequiresDn: true

Note there is no baseDn at all (already set in username, otherwise further filtering will work incorrectly).
After that the issue is gone and the only thing left is to correctly set the user settings:

        user:
            baseDn: OU=Managed Objects,DC=example,DC=com
            filter: (&(sAMAccountName=%s))

Still have some work to do with attributes and so on, but with the above settings the LDAP auth itself started to work fine and we were able to log in to our tool with domain credentials.
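
As an added example (not part of the original posts, and not code from FR3DLdapBundle or Zend\Ldap), this PHP sketch checks a `driver` block for the mismatch the error message names: `bindRequiresDn: true` combined with a bind username that is not a DN. The function names are hypothetical and the DN test is a simplified RFC 4514 shape check; it is run on the two driver blocks shown on this page.

```php
<?php
// Added example (PHP 7+). Not FR3DLdapBundle or Zend\Ldap code; names are hypothetical.

// Simplified RFC 4514 shape check: every component split on an unescaped
// comma must look like "attr=value" (attr is a descriptor or a numeric OID).
function looksLikeDn(string $name): bool
{
    foreach (preg_split('/(?<!\\\\),/', $name) as $rdn) {
        if (!preg_match('/^\s*([A-Za-z][A-Za-z0-9-]*|\d+(\.\d+)+)\s*=\s*\S/', $rdn)) {
            return false;
        }
    }
    return true;
}

// Name the form of a bind identity: dn, principal (user@domain),
// backslash (DOMAIN\user), username (bare) or anonymous (empty).
function bindNameForm(string $name): string
{
    if ($name === '') {
        return 'anonymous';
    }
    if (looksLikeDn($name)) {
        return 'dn';
    }
    if (strpos($name, '@') !== false) {
        return 'principal';
    }
    return strpos($name, '\\') !== false ? 'backslash' : 'username';
}

// Return findings for a fr3d_ldap "driver" array; an empty list means consistent.
function checkDriver(array $driver): array
{
    $findings = [];
    $form = bindNameForm((string) ($driver['username'] ?? ''));
    if (!empty($driver['bindRequiresDn']) && !in_array($form, ['dn', 'anonymous'], true)) {
        $findings[] = "bindRequiresDn is true but username is in '$form' form, not a DN";
    }
    return $findings;
}

// The two driver blocks from this page, reduced to the relevant keys.
$question = ['username' => 'ldapadmin@ldap.example.com', 'bindRequiresDn' => true];
$answer = ['username' => 'CN=AuthAccount,OU=Pseudo Accounts,OU=Managed Objects,DC=example,DC=com',
           'bindRequiresDn' => true];
print_r(['question' => checkDriver($question), 'answer' => checkDriver($answer)]);
```

The check only looks at the form of the name; it does not confirm that the DN exists in the directory or that the account can bind.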