PHPackages sroutier/eloquent-ldap - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Database & ORM](/categories/database) 4. / 5. sroutier/eloquent-ldap ActiveLibrary[Database & ORM](/categories/database) sroutier/eloquent-ldap ====================== A Laravel package that first tries to log the user against the internal database if that fails, it tries against the configured LDAP/AD server. 2.0(8y ago)228.7k5[1 issues](https://github.com/sroutier/eloquent-ldap/issues)1GPL-3.0PHPPHP >=7.0.0 Since Aug 7Pushed 8y ago2 watchersCompare [ Source](https://github.com/sroutier/eloquent-ldap)[ Packagist](https://packagist.org/packages/sroutier/eloquent-ldap)[ Docs](https://github.com/sroutier/eloquent-ldap)[ RSS](/packages/sroutier-eloquent-ldap/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (3)Versions (15)Used By (1) eloquent-ldap ============= [](#eloquent-ldap) [![Latest Version on Packagist](https://camo.githubusercontent.com/0ce8301178df481dde62210ca25c2de41ffc4b658f330aaef4eb783f5eb0c075/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f7061636b61676973742d76302e312e322d6f72616e67652e737667)](https://packagist.org/packages/sroutier/eloquent-ldap)[![Software License](https://camo.githubusercontent.com/593d3efeb74012dc6de7db89d2833a5ec1621c3e236d115ca4c25d0b2410a324/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e63652d47504c76332d627269676874677265656e2e737667)](LICENSE.md) A Laravel package that first tries to log the user against the internal database, if that fails, it tries against the configured LDAP/AD server. Optionally it will create a local user record on first login of an LDAP user, as well as grant that user permissions to local groups that have matching names of the LDAP groups that the user is a member of. Version Compatibility --------------------- [](#version-compatibility) LaravelLERN5.1.x1.x5.5.x2.xInstall ------- [](#install) Via Composer ``` $ composer require sroutier/eloquent-ldap ``` Declare provider ---------------- [](#declare-provider) Add this declaration in the provider array of your `./config/app.php` file: ``` Sroutier\EloquentLDAP\Providers\EloquentLDAPServiceProvider::class, ``` Publish assets -------------- [](#publish-assets) To publish the assets, config file and migration scripts, run this command: ``` $ php artisan vendor:publish --provider="Sroutier\EloquentLDAP\Providers\EloquentLDAPServiceProvider" ``` This will publish a config file and a migration file. Migration --------- [](#migration) The migration script will add a new column `auth_type` to the schema of the `users` table, and one column `resync_on_login` to the `groups` table. You should already have both tables, but if you do not or if you want to use different tables for those purposes, the migration to create those tables is provided as an example, but commented out. You will want to review the migration script and adjust according to your scenario. Once ready, run the migration script with this command: ``` $ php artisan migrate ``` Configure --------- [](#configure) The recommended way to configure this package is by defining the following variables in you `.env` file and adjusting the values there. For a detailed explanation of each setting, refer to the config file that you published above. The configuration that you will need will vary based on the type or server that you wish to authenticate against. Below are example config section for both options, Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory (MSAD). ### Microsoft Active Directory server. [](#microsoft-active-directory-server) Below is a section of a `.env` config file that shows how to configure your system to access a Microsoft Active Directory server: ``` eloquent-ldap.enabled=true eloquent-ldap.debug=false eloquent-ldap.server_type=MSAD eloquent-ldap.create_accounts=true eloquent-ldap.replicate_group_membership=true eloquent-ldap.resync_on_login=true eloquent-ldap.group_model=App\Models\Role eloquent-ldap.label_internal=internal eloquent-ldap.label_ldap=ldap eloquent-ldap.account_suffix=@company.com eloquent-ldap.base_dn=DC=department,DC=company,DC=com eloquent-ldap.server=ldapsrv01.company.com eloquent-ldap.port=389 eloquent-ldap.user_name=ldap_reader eloquent-ldap.password=PaSsWoRd eloquent-ldap.return_real_primary_group=true eloquent-ldap.secured=false eloquent-ldap.secured_port=636 eloquent-ldap.recursive_groups=true eloquent-ldap.sso=false eloquent-ldap.username_field=samaccountname eloquent-ldap.email_field=userprincipalname eloquent-ldap.first_name_field=givenname eloquent-ldap.last_name_field=sn eloquent-ldap.user_filter=(&(objectcategory=person)(samaccountname=%username)) ``` ### Lightweight Directory Access Protocol server. [](#lightweight-directory-access-protocol-server) Below is a section of a `.env` config file that shows how to configure your system to access a Lightweight Directory Access Protocol server: ``` eloquent-ldap.enabled=true eloquent-ldap.debug=false eloquent-ldap.server_type=LDAP eloquent-ldap.create_accounts=true eloquent-ldap.replicate_group_membership=false eloquent-ldap.resync_on_login=false eloquent-ldap.group_model=App\Models\Role eloquent-ldap.label_internal=internal eloquent-ldap.label_ldap=ldap eloquent-ldap.account_suffix= eloquent-ldap.base_dn=dc=example,dc=com eloquent-ldap.server=ldap.forumsys.com eloquent-ldap.port=389 eloquent-ldap.user_name=cn=read-only-admin,dc=example,dc=com eloquent-ldap.password=password eloquent-ldap.return_real_primary_group=true eloquent-ldap.secured=false eloquent-ldap.secured_port=636 eloquent-ldap.recursive_groups=true eloquent-ldap.sso=false eloquent-ldap.username_field=uid eloquent-ldap.email_field=mail eloquent-ldap.first_name_field= eloquent-ldap.last_name_field=sn eloquent-ldap.user_filter=(&(objectclass=person)(uid=%username)) ``` ***NOTE:*** THe configuration options above will allow you to connect and authenticate users using the publicly available OpenLDAP test server hosted by [Forum Systems](http://www.forumsys.com/en/tutorials/integration-how-to/ldap/online-ldap-test-server/). ### MSAD vs LDAP [](#msad-vs-ldap) A couple of difference in how to configure the system depending on which server type is being used are worth pointing out. - eloquent-ldap.server\_type: Can be either LDAP or MSAD. Lets the system know how to interact with the authentication server. - eloquent-ldap.replicate\_group\_membership: Currently only supported for MSAD servers. - eloquent-ldap.resync\_on\_login: Currently only supported for MSAD servers. - eloquent-ldap.account\_suffix: - LDAP: Should remain empty for LDAP servers. - MSAD: Should contain the static part of the users email address. - eloquent-ldap.user\_name: - LDAP: Should be the complete DN of the user to bind with. - MSAD: Simply the name of the user to bind with. - eloquent-ldap.return\_real\_primary\_group: - LDAP: Not used. - MSAD: Fix Microsoft AD not following standards may incur extra processing. Usage ----- [](#usage) The `users` table/model must have the following columns/attributes named `username`, `first_name`, `last_name` and `email`. The migration script provided with this package has an example of how to create such a table but it is commented out. The user model must have the `auth-type` attribute added to its `fillable` array to allow setting the column in the database. Also your login view and `AuthController` must accept a user name and password. They can accept other fields if you want, such as email, security token, etc... But the first time a new user tries to log in, since he will not be found in the local database, the package will need the user name to authenticate against the LDAP server. Example ------- [](#example) For a concrete example of this package used in an active project, see [sroutier/laravel-5.1-enterprise-starter-kit](https://github.com/sroutier/laravel-5.1-enterprise-starter-kit). Note that in that project this package is used in combination with [Zizaco/entrust](https://github.com/zizaco/entrust) to provide role based authorization, therefore there is no group model, but instead a role model. Change log ---------- [](#change-log) Please see [CHANGELOG](CHANGELOG.md) for more information what has changed recently. Contributing ------------ [](#contributing) Please see [CONTRIBUTING](CONTRIBUTING.md) for details. Security -------- [](#security) If you discover any security related issues, please email instead of using the issue tracker. Credits ------- [](#credits) - [Sebastien Routier](https://github.com/sroutier) - [All Contributors](https://github.com/sroutier/eloquent-ldap/graphs/contributors) License ------- [](#license) The GNU General Public License Version 3 (GPLv3). Please see [License File](LICENSE.md) for more information. ### Health Score 36 — LowBetter than 82% of packages Maintenance19 Infrequent updates — may be unmaintained Popularity31 Limited adoption so far Community16 Small or concentrated contributor base Maturity66 Established project with proven stability Bus Factor1 Top contributor holds 93.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~69 days Recently: every ~104 days Total 13 Last Release 3098d ago Major Versions 0.1.10 → 1.02017-03-21 1.0 → 2.02017-11-14 PHP version history (2 changes)0.1.0PHP >=5.5.9 2.0PHP >=7.0.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/06ae2fa96df33d63760f91043de13bb8724a0ebe5b4052155d8bb7d782dc15b4?d=identicon)[sroutier](/maintainers/sroutier) --- Top Contributors [![sroutier](https://avatars.githubusercontent.com/u/3011606?v=4)](https://github.com/sroutier "sroutier (30 commits)")[![EmaBJ](https://avatars.githubusercontent.com/u/16415143?v=4)](https://github.com/EmaBJ "EmaBJ (1 commits)")[![KHlushchenko](https://avatars.githubusercontent.com/u/6852568?v=4)](https://github.com/KHlushchenko "KHlushchenko (1 commits)") --- Tags active-directoryauthenticationeloquentlaravellaravel-packageldapphplaravelauthAuthenticationeloquentldapactive directoryadldap-eloquent ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/sroutier-eloquent-ldap/health.svg) ``` [![Health](https://phpackages.com/badges/sroutier-eloquent-ldap/health.svg)](https://phpackages.com/packages/sroutier-eloquent-ldap) ``` ### Alternatives [tucker-eric/eloquentfilter An Eloquent way to filter Eloquent Models 1.8k4.8M26](/packages/tucker-eric-eloquentfilter)[watson/validating Eloquent model validating trait. 9723.3M47](/packages/watson-validating)[kodeine/laravel-acl Light-weight role-based permissions for Laravel 5 built in Auth system. 782354.8k5](/packages/kodeine-laravel-acl)[cybercog/laravel-love Make Laravel Eloquent models reactable with any type of emotions in a minutes! 1.2k302.7k1](/packages/cybercog-laravel-love)[cviebrock/eloquent-taggable Easy ability to tag your Eloquent models in Laravel. 567694.8k3](/packages/cviebrock-eloquent-taggable)[reedware/laravel-relation-joins Adds the ability to join on a relationship by name. 2121.2M13](/packages/reedware-laravel-relation-joins) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)