Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Ldaprecord
Assessments

Ldaprecord Laravel Package

directorytree/ldaprecord

Integrate LDAP into Laravel with a fluent, ActiveRecord-style API. LdapRecord handles connections, queries, authentication, and directory operations across AD and OpenLDAP. Includes Laravel-ready features for config, models, and user syncing.

View on GitHub
Deep Wiki
Context7

Product Decisions This Supports

  • Identity & Access Management (IAM) Systems: Enables seamless integration of LDAP/Active Directory with Laravel applications, reducing reliance on custom LDAP libraries or third-party SaaS solutions (e.g., Okta, Azure AD). Supports build vs. buy decisions by providing a maintainable, open-source alternative.

    • Use Cases: SSO, user provisioning, directory synchronization, and role-based access control (RBAC).

  • Enterprise Authentication: Accelerates development of SSO (Single Sign-On), user provisioning, and directory synchronization features, aligning with roadmaps for internal tools, HR systems, or customer portals.

    • Example: Integrate Active Directory with a Laravel-based employee portal to automate user onboarding/offboarding.

  • Legacy System Modernization: Facilitates migration of monolithic PHP/LDAP applications to Laravel by standardizing LDAP interactions with Eloquent-like syntax.

    • Example: Replace a legacy PHP script using ldap_connect() with a Laravel model using LdapRecord.

  • Compliance & Security: Addresses GDPR, HIPAA, or FERPA requirements by enabling granular LDAP attribute access (e.g., lastLogin, accountStatus) without exposing raw directory data.

    • Example: Restrict access to sensitive attributes like userPassword via Laravel policies.

  • Multi-Tenant SaaS: Supports tenant-specific LDAP configurations (e.g., per-tenant base DNs) via Laravel’s service container bindings.

    • Example: Configure separate LDAP connections for each SaaS tenant in a shared hosting environment.

  • Developer Productivity: Reduces boilerplate for LDAP operations by providing Eloquent-like syntax, query builders, and Laravel integrations (e.g., caching, observers).

    • Example: Replace 50 lines of raw LDAP code with a single User::where('department', 'IT')->get().

  • Testing & Debugging: Includes tools like DirectoryFake for unit testing and granular debug levels (e.g., DEBUG_FILTER, DEBUG_PACKETS) to simplify troubleshooting.

    • Example: Mock LDAP responses in PHPUnit tests without external dependencies.

When to Consider This Package

  • Avoid if:

    • Your LDAP environment is highly dynamic (e.g., frequent schema changes) and requires real-time schema validation—consider a dedicated LDAP management tool like Apache Directory Studio or 389 Directory Server.
    • You need advanced LDAPv3 features (e.g., syncrepl, chaining referrals, or dynamic groups) unsupported by this ORM—evaluate phpLDAPadmin or LDAP SDKs like adldap2.
    • Your team lacks PHP/Laravel expertise—this package assumes familiarity with Eloquent and Laravel’s service container.
    • You require sub-millisecond latency for LDAP operations—this ORM adds abstraction overhead compared to raw ldap_* functions.
    • Your application uses non-standard LDAP extensions (e.g., custom controls, proprietary schemas) not covered by the package’s attribute casting system.

  • Consider if:

    • You’re building a Laravel application with LDAP dependencies (e.g., authentication, user management).
    • Your LDAP directory is stable (e.g., Active Directory, OpenLDAP) with a defined schema.
    • You prioritize developer velocity over raw LDAP performance (e.g., CRUD operations, simple queries).
    • You need Laravel integration (e.g., authentication, Eloquent relationships, caching).
    • Your use case involves common LDAP operations like:
      • User/group provisioning.
      • Authentication via LDAP (e.g., CanAuthenticate trait).
      • Querying directory attributes (e.g., mail, memberOf, lastLoginTime).
      • Synchronizing local Laravel users with LDAP.
    • You want to avoid vendor lock-in and prefer an open-source solution over proprietary LDAP APIs.

How to Pitch It (Stakeholders)

For Executives (CTO, Product Leaders)

"LdapRecord is a strategic investment to modernize our LDAP integration without sacrificing control or incurring licensing costs. Here’s why it aligns with our goals:

  1. Cost Efficiency:

    • Eliminates the need for third-party SaaS tools (e.g., Okta, Azure AD) for basic LDAP operations, saving $X/year in subscriptions.
    • Open-source (MIT license) with no hidden costs or vendor lock-in.

  2. Speed to Market:

    • Reduces development time for LDAP features by 40–60% compared to custom solutions.
    • Example: Our SSO roadmap item can be delivered in 2 sprints instead of 6.

  3. Scalability:

    • Supports multi-tenant SaaS architectures with per-tenant LDAP configurations.
    • Handles enterprise-scale directories (e.g., Active Directory with 100K+ users).

  4. Compliance & Security:

    • Enables granular access controls to LDAP attributes (e.g., userPassword, telephoneNumber) to meet GDPR/HIPAA requirements.
    • Integrates with Laravel’s auth system for consistent security policies.

  5. Future-Proofing:

    • Actively maintained with support for Laravel 11–13 and PHP 8.4, ensuring compatibility with our tech stack.
    • Backward-compatible upgrade path from v3 to v4.

Recommendation: Approve a proof-of-concept (PoC) for our [Project X] LDAP integration to validate the package’s fit. If successful, prioritize it for the next release cycle."*

For Engineering (Dev Leads, Architects)

"LdapRecord is a high-leverage tool for LDAP integration in Laravel, offering these technical advantages:

Pros:

  • Eloquent-Like Syntax:

    • Write User::where('department', 'Engineering')->get() instead of raw LDAP filters.
    • Supports query scopes, relationships, and Eloquent events (e.g., retrieved, saved).

  • Seamless Laravel Integration:

    • Works with authentication (CanAuthenticate trait), caching, and service containers.
    • Example: Use Auth::attempt(['username' => $dn, 'password' => $password]) with LDAP-backed users.

  • Performance Optimizations:

    • Handles edge cases like 32-bit PHP timestamp bugs (fixed in v4.0.4) and empty whereIn queries (v3.8.5).
    • Supports chunking and pagination for large result sets.

  • Debugging & Testing:

    • Granular debug levels (e.g., DEBUG_FILTER, DEBUG_PACKETS) for troubleshooting.
    • DirectoryFake for unit testing without external LDAP dependencies.

  • Active Maintenance:

    • Regular releases (e.g., Laravel 13 support in v4.0.3) and 578 GitHub stars indicate strong community adoption.

Cons & Mitigations:

Challenge Mitigation
Abstraction Overhead Benchmark against raw ldap_* functions; use only for CRUD-heavy workflows.
TLS/SSL Configuration Set allow_insecure_password_changes carefully in config.
Attribute Casting Use custom casts for binary data (e.g., objectSid).
Learning Curve Provide internal docs comparing LdapRecord to raw LDAP for the team.

Recommendation:

  • Pilot Phase: Start with a non-critical LDAP model (e.g., Group or OrganizationalUnit) to validate integration.
  • Performance Testing: Compare query speeds against raw LDAP for your specific use case.
  • Adoption: Prioritize features like authentication and user provisioning first, then expand to complex queries.

Example Workflow:

// Before (Raw LDAP)
$ldap = ldap_connect('ldap://server');
ldap_bind($ldap, $dn, $password);
$result = ldap_search($ldap, 'ou=users,dc=company', '(mail=*)');
$entries = ldap_get_entries($ldap, $result);

// After (LdapRecord)
User::where('mail', 'like', '%@company.com')->get();

Tools to Leverage:

  • DirectoryFake for testing.
  • DEBUG_PACKETS for LDAP protocol-level debugging.
  • Laravel’s service container to bind tenant-specific LDAP configurations.

For Security/Compliance Teams

"LdapRecord enhances our LDAP security posture by:

  1. Granular Attribute Access:

    • Restrict sensitive attributes (e.g., userPassword, homeDirectory) via Laravel policies or attribute casting.
    • Example: Hide telephoneNumber from non-HR users.

  2. **

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
hexters/coinpayment
rjcodes/rjcms
act-training/laravel-permissions-manager
alimarchal/laravel-chart-of-accounts
babenkoivan/elastic-scout-driver
mkwebdesign/filament-watchdog-v5
renatomarinho/laravel-page-speed
zedmagdy/filament-business-hours
renatovdemoura/blade-elements-ui
devgeek/beacon-admin
benjamin-rqt/data-watcher-bundle
atriumphp/atrium
sandermuller/package-boost-laravel
sandermuller/boost-skills
redaxo/core
yusufgenc/filament-api-forge
l3aro/rating-star-for-filament
leek/filament-subtenant-scope
anil/file-picker
broqit/fields-ai