Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Ldaprecord
Assessments

Ldaprecord Laravel Package

directorytree/ldaprecord

Integrate LDAP into Laravel with a fluent, ActiveRecord-style API. LdapRecord handles connections, queries, authentication, and directory operations across AD and OpenLDAP. Includes Laravel-ready features for config, models, and user syncing.

View on GitHub
Deep Wiki
Context7

Technical Evaluation

Architecture Fit

  • LDAP Abstraction: LdapRecord provides a Eloquent-like interface for LDAP operations, making it a natural fit for Laravel applications. It maps LDAP records to Eloquent models, enabling familiar CRUD operations (e.g., User::find(), Group::create()) while abstracting LDAP-specific complexities (e.g., DN formatting, filters).
  • Query Builder Alignment: The package’s Query\Builder mirrors Laravel’s Eloquent query builder, supporting where clauses, joins (via hasOne, belongsTo), and relationships, reducing cognitive load for developers.
  • Authentication Integration: The CanAuthenticate trait and Laravel auth integration enable seamless LDAP-backed authentication, aligning with Laravel’s security ecosystem (e.g., Auth::attempt()).
  • Event System: Leverages Laravel’s event system (e.g., saved, deleted) for LDAP operations, enabling hooks for logging, notifications, or auditing.
  • Multi-Tenancy Support: Configurable per-tenant LDAP connections via Laravel’s service container, ideal for SaaS applications with tenant-specific directories.

Integration Feasibility

  • Laravel Ecosystem Synergy: Works natively with Laravel’s service container, caching, queues, and testing tools (e.g., DirectoryFake). Minimal boilerplate required for basic integration.
  • Migration Path:
    • Greenfield Projects: Start with v4.x for Laravel 11–13 support and modern features (e.g., insertAndGetDn).
    • Legacy Systems: Use v3.x for Laravel 10 compatibility, then migrate incrementally to v4.x.
  • Compatibility:
    • LDAP Servers: Tested with Active Directory, OpenLDAP, and 389 Directory Server. Schema flexibility is high, but dynamic schemas may require custom model casting.
    • PHP Versions: Supports PHP 8.1–8.4, with fixes for edge cases (e.g., 32-bit timestamp bugs in v4.0.4).
  • Key Features:
    • Complex Filters: Nested andFilter/orFilter (fixed in v4.0.1) and base DN substitution (v3.3.0+) simplify queries.
    • Bulk Operations: chunk() and cursor() methods optimize large dataset retrieval.
    • Debugging: Granular LDAP_DEBUG_* constants (v3.7.2) and DirectoryFake for testing.

Technical Risk

Risk Impact Mitigation Strategy
Timestamp Handling High (v3.8.4, v4.0.4) Use ldap:timestamp casting; validate timestamps in tests.
TLS/SSL Misconfiguration Medium Enforce use_ssl = true in config; monitor ldap_start_tls() errors (fixed in v3.6.0).
Attribute Casting Issues Medium Extend AttributeCast for custom types (e.g., objectSid, binaryGUID).
Base DN Errors Low Use {base} syntax in queries (e.g., whereMemberOf); test with DirectoryFake.
Performance Overhead Low Cache frequent queries; use chunk() for large datasets.
Laravel Version Lock-in Low Monitor Laravel 14 support; use feature flags for breaking changes.
Schema Rigidity Medium Validate schema compatibility early; use Attribute casting for non-standard fields.
Debugging Complexity Medium Enable LDAP_DEBUG_FILTER or LDAP_DEBUG_PACKETS in staging.

Key Questions for TPM

  1. LDAP Environment Stability:

    • Is the target LDAP directory (e.g., Active Directory) static (schema changes infrequent) or dynamic (requiring real-time schema validation)?
    • Risk: Dynamic schemas may require custom model casting or pre-processing.

  2. Authentication Workflow:

    • Will LDAP be used for primary authentication (e.g., Auth::guard('ldap')) or supplemental (e.g., user provisioning)?
    • Impact: Primary auth requires rigorous testing of CanAuthenticate and BindException handling.

  3. Performance SLAs:

    • Are there latency requirements for LDAP operations (e.g., <100ms for auth)? Raw ldap_* functions may outperform this ORM.
    • Mitigation: Benchmark with DirectoryFake; cache frequent queries.

  4. Multi-Tenancy Needs:

    • Will each tenant have a separate LDAP base DN? If so, how will connections be managed (e.g., per-request binding)?
    • Solution: Use Laravel’s service container to bind tenant-specific configurations.

  5. Testing Strategy:

    • Is there access to a staging LDAP server for integration tests, or will DirectoryFake suffice?
    • Recommendation: Use DirectoryFake for unit tests; supplement with end-to-end tests against a real directory.

  6. Upgrade Path:

    • Is the team prepared to migrate from v3.x to v4.x (breaking changes in query builder behavior)?
    • Plan: Pilot with a non-critical model; use the upgrade guide.

  7. Custom Attributes:

    • Does the LDAP schema include non-standard attributes (e.g., binary data, custom extensions)?
    • Action: Extend AttributeCast or Attribute classes for unsupported types.

  8. Compliance Requirements:

    • Are there audit logs or immutable records needed for LDAP operations (e.g., GDPR right to erasure)?
    • Solution: Use Laravel’s observers or events to log changes to a secondary database.

Integration Approach

Stack Fit

  • Laravel Core: Seamless integration with Eloquent, auth, events, and service container. No middleware or facade conflicts.
  • PHP Extensions: Requires php-ldap extension (enabled by default in most Laravel deployments).
  • Database Layer: Complements (not replaces) existing database models. Ideal for hybrid systems (e.g., user profiles in MySQL + LDAP auth).
  • Testing Tools: Works with Pest, PHPUnit, and Laravel Dusk via DirectoryFake.

Migration Path

Phase Actions Tools/Dependencies
Assessment Audit LDAP schema; identify critical models (e.g., User, Group). DirectoryFake, ldapsearch
Pilot Implement a non-critical model (e.g., Department) with basic CRUD. Test with DirectoryFake. Laravel Tinker, Pest
Core Integration Replace custom LDAP logic with LdapRecord models. Migrate auth to CanAuthenticate. Laravel Auth, ldaprecord-laravel
Advanced Features Add relationships (e.g., User belongsTo Group), chunking, or caching. Eloquent Relationships, Laravel Cache
Optimization Profile queries; implement caching for frequent operations (e.g., group membership checks). Laravel Debugbar, Blackfire
Production Rollout Gradually replace endpoints; monitor LDAP connection metrics. Sentry, Laravel Horizon (for queue monitoring)

Compatibility

  • LDAP Servers:
    • Active Directory: Full support (tested with whereMemberOf, objectSid).
    • OpenLDAP: Supported but may require custom casting for non-standard attributes.
    • 389 Directory Server: Compatible; validate with DirectoryFake.
  • Laravel Versions:
    • v11–v13: Use v4.x (recommended).
    • v10: Use v3.x; plan upgrade to v4.x.
    • v9 or below: Not officially supported; consider backporting fixes.
  • PHP Versions:
    • 8.1–8.4: Fully supported.
    • 7.4: Use v3.x (last compatible version).
  • Edge Cases:
    • Empty whereIn: Fixed in v3.8.5.
    • 32-bit PHP Timestamps: Fixed in v4.0.4.
    • TLS Issues: Monitor ldap_start_tls() errors; use allow_insecure_password_changes cautiously.

Sequencing

  1. Configuration:
    • Publish and configure `
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
hamzi/corewatch
minionfactory/raw-hydrator
hexters/coinpayment
rjcodes/rjcms
act-training/laravel-permissions-manager
alimarchal/laravel-chart-of-accounts
babenkoivan/elastic-scout-driver
mkwebdesign/filament-watchdog-v5
renatomarinho/laravel-page-speed
zedmagdy/filament-business-hours
renatovdemoura/blade-elements-ui
devgeek/beacon-admin
benjamin-rqt/data-watcher-bundle
atriumphp/atrium
sandermuller/package-boost-laravel
sandermuller/boost-skills
redaxo/core
yusufgenc/filament-api-forge
l3aro/rating-star-for-filament
leek/filament-subtenant-scope