PHPackages silverstripe/activedirectory - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. silverstripe/activedirectory Abandoned → [silverstripe/ldap](/?search=silverstripe%2Fldap)ArchivedSilverstripe-module[Authentication & Authorization](/categories/authentication) silverstripe/activedirectory ============================ Adds Active Directory support to SilverStripe including user synchronisation and SSO/LDAP authentication 3.2.1(8y ago)2621.0k26BSD-3-ClausePHPPHP >=5.4 Since Jun 12Pushed 3y ago13 watchersCompare [ Source](https://github.com/silverstripe/silverstripe-activedirectory)[ Packagist](https://packagist.org/packages/silverstripe/activedirectory)[ RSS](/packages/silverstripe-activedirectory/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (6)Dependencies (7)Versions (20)Used By (0) WARNING ======= [](#warning) This package is no longer being maintained. Consider using alternatives like [`silverstripe/ldap`](https://packagist.org/packages/silverstripe/ldap) instead. SilverStripe Active Directory module ==================================== [](#silverstripe-active-directory-module) [![Build Status](https://camo.githubusercontent.com/3f9d59fc200769177513ac9de48a8de4bd6ac671cd7361e4ce9e493d8b0204ee/68747470733a2f2f7365637572652e7472617669732d63692e6f72672f73696c7665727374726970652f73696c7665727374726970652d6163746976656469726563746f72792e737667)](https://travis-ci.org/silverstripe/silverstripe-activedirectory)[![SilverStripe supported module](https://camo.githubusercontent.com/9b7e93d393a01f6d3091fb30983b870aa863ef076858115faaa1c74b995854ec/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f73696c7665727374726970652d737570706f727465642d3030373143342e737667)](https://www.silverstripe.org/software/addons/silverstripe-commercially-supported-module-list/) Introduction ------------ [](#introduction) This SilverStripe module provides Active Directory integration. It comes with three major components: - Single sign-on authentication with SAML - Synchronisation of Active Directory users and group memberships via LDAP - Active Directory authentication via LDAP binding These components may be used in any combination, also alongside the default SilverStripe authentication scheme. Requirements ------------ [](#requirements) - PHP 5.4+ with extensions: ldap, openssl, dom, and mcrypt - SilverStripe 3.1 - Active Directory on Windows Server 2008 R2 or greater (AD) - Active Directory Federation Services 2.0 or greater (ADFS) - HTTPS endpoint on SilverStripe site - HTTPS endpoint on ADFS - SSL/StartTLS encrypted LDAP endpoint on Active Directory This module has been tested on the following configurations: - Windows Server 2008 R2 with ADFS 2.0 - Windows Server 2012 R2 with ADFS 3.0 This module has not been tested on non-Microsoft directory products, such as OpenLDAP. **Note:** This module will not be supported on SilverStripe 4. Please use either [silverstripe/ldap](https://github.com/silverstripe/silverstripe-ldap)or [silverstripe/saml](https://github.com/silverstripe/silverstripe-saml) for SilverStripe 4 compatibility. Overview -------- [](#overview) [![](docs/en/img/saml_ad_integration.png)](docs/en/img/saml_ad_integration.png)*(Image) Typical authentication and authorisation flow for this module* [Security Assertion Markup Language (SAML)](http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties. The single most important requirement that SAML addresses is web browser single sign-on (SSO). With this module, SilverStripe site is able to act as a SAML Service Provider (SP) entity, and thus allows users to perform a single sign-on against a centralised user directory (an Identity Provider - IdP). The intended counterparty for this module is the [Active Directory Federation Services (ADFS)](http://en.wikipedia.org/wiki/Active_Directory_Federation_Services). ADFS is a software component developed by Microsoft that can be installed on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries. ADFS uses a claims-based access control authorization model to maintain application security and implement federated identity. We rely on this mechanism for authentication, and for automated synchronisation of some basic personal details into SilverStripe. To synchronise further personal details, LDAP synchronisation feature can be used, also included in this module. This allows arbitrary fields to be synchronised - including binary fields such as photos. If relevant mappings have been configured in the CMS the module will also automatically maintain SilverStripe group memberships, which opens the way for an AD-centric authorisation. If SAML authentication cannot be used, this module also provides an LDAP authenticator as an alternative. Security -------- [](#security) With appropriate configuration, this module provides a secure means of authentication and authorisation. For secure communication over the internet during the SAML authentication process, users must communicate with SilverStripe and ADFS using HTTPS. Similarly, for AD authentication to be secure users must access the SilverStripe site using HTTPS. SilverStripe trusts ADFS responses based on pre-shared x509 certificates. These certificates are exchanged between the Identity Provider (ADFS) and the Service Provider (SilverStripe site) during the initial configuration phase. AD user synchronisation and authentication is hidden behind the backend (server to server communication), but must still use encrypted LDAP communication to prevent eavesdropping (either StartTLS or SSL - this is configurable). If the webserver and the AD server are hosted in different locations, a VPN could also be used to further encapsulate the traffic going over the public internet. In-depth guides --------------- [](#in-depth-guides) - [Developer guide](docs/en/developer.md) - configure your SilverStripe site - [ADFS administrator guide](docs/en/adfs.md) - prepare the Identity Provider - [CMS usage guide](docs/en/usage.md) - manage LDAP group mappings - [Troubleshooting](docs/en/troubleshooting.md) - common problems Changelog --------- [](#changelog) The changelog can be found at [CHANGELOG.MD](CHANGELOG.MD). ### Health Score 39 — LowBetter than 86% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity34 Limited adoption so far Community27 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor1 Top contributor holds 58.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~87 days Recently: every ~132 days Total 18 Last Release 2507d ago Major Versions 1.0.0 → 2.0.02016-04-08 2.0.0 → 3.0.02017-02-08 3.x-dev → 4.x-dev2019-07-07 ### Community Maintainers ![](https://www.gravatar.com/avatar/b0cba8b534e20e6ab4fff555a97b237a18436ebca1446fc0b29c8a8b504038b9?d=identicon)[GuySartorelli](/maintainers/GuySartorelli) ![](https://www.gravatar.com/avatar/a25bc04c5720a36869d5a39c6449dde7eb43e19b7c8e666d5f632d6a9ab440b1?d=identicon)[emteknetnz](/maintainers/emteknetnz) ![](https://www.gravatar.com/avatar/afbb3dcc9ef29c1a6eedd6addcae5fce9ab1271915a85a4c349301b71237368d?d=identicon)[silverstripe-machine01](/maintainers/silverstripe-machine01) --- Top Contributors [![mateusz](https://avatars.githubusercontent.com/u/118653?v=4)](https://github.com/mateusz "mateusz (43 commits)")[![robbieaverill](https://avatars.githubusercontent.com/u/5170590?v=4)](https://github.com/robbieaverill "robbieaverill (9 commits)")[![dhensby](https://avatars.githubusercontent.com/u/563596?v=4)](https://github.com/dhensby "dhensby (8 commits)")[![zenril](https://avatars.githubusercontent.com/u/1300057?v=4)](https://github.com/zenril "zenril (5 commits)")[![halkyon](https://avatars.githubusercontent.com/u/138450?v=4)](https://github.com/halkyon "halkyon (1 commits)")[![jakedaleweb](https://avatars.githubusercontent.com/u/11186642?v=4)](https://github.com/jakedaleweb "jakedaleweb (1 commits)")[![GuySartorelli](https://avatars.githubusercontent.com/u/36352093?v=4)](https://github.com/GuySartorelli "GuySartorelli (1 commits)")[![micmania1](https://avatars.githubusercontent.com/u/881537?v=4)](https://github.com/micmania1 "micmania1 (1 commits)")[![NightJar](https://avatars.githubusercontent.com/u/778003?v=4)](https://github.com/NightJar "NightJar (1 commits)")[![Firesphere](https://avatars.githubusercontent.com/u/680570?v=4)](https://github.com/Firesphere "Firesphere (1 commits)")[![sosumi](https://avatars.githubusercontent.com/u/860456?v=4)](https://github.com/sosumi "sosumi (1 commits)")[![chillu](https://avatars.githubusercontent.com/u/111025?v=4)](https://github.com/chillu "chillu (1 commits)") --- Tags silverstripe-modulesilverstripeSSOsamldirectoryldapadactive ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/silverstripe-activedirectory/health.svg) ``` [![Health](https://phpackages.com/badges/silverstripe-activedirectory/health.svg)](https://phpackages.com/packages/silverstripe-activedirectory) ``` ### Alternatives [onelogin/php-saml PHP SAML Toolkit 1.3k44.0M107](/packages/onelogin-php-saml)[hslavich/oneloginsaml-bundle OneLogin SAML Bundle for Symfony 1482.5M1](/packages/hslavich-oneloginsaml-bundle)[codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp)[humanmade/wp-simple-saml WordPress Simple SAML plugin 124284.7k2](/packages/humanmade-wp-simple-saml)[scaler-tech/laravel-saml2 SAML2 Service Provider integration for Laravel applications, based on OneLogin toolkit 2737.5k](/packages/scaler-tech-laravel-saml2)[nbgrp/onelogin-saml-bundle OneLogin SAML Symfony Bundle 551.2M](/packages/nbgrp-onelogin-saml-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)