Installation:
composer require dol/ldap-bundle
Add to config/bundles.php:
return [
    // ...
    DarwinOnLine\DoLLdapBundle\DoLLdapBundle::class => ['all' => true],
];
Configuration: Publish the default config:
php bin/console dol:ldap:install
Edit config/packages/dol_ldap.yaml to define multiple LDAP connections (e.g., ldap1, ldap2).
First Use Case:
Inject the LDAPManager service and connect to a specific LDAP domain:
use DarwinOnLine\DoLLdapBundle\Manager\LDAPManager;

class UserSyncService // hypothetical class name
{
    public function __construct(private LDAPManager $ldapManager) {}

    public function syncUsers(): void
    {
        // Pick the connection by the name it has in dol_ldap.yaml
        $ldap1 = $this->ldapManager->getConnection('ldap1');
        $users = $ldap1->search('ou=users', '(objectClass=person)');
        // Process users...
    }
}
Connection Management:
LDAPManager to dynamically switch between LDAP domains:
$ldap1 = $ldapManager->getConnection('ldap1');
$ldap2 = $ldapManager->getConnection('ldap2');
config/packages/dol_ldap.yaml:
dol_ldap:
    connections:
        ldap1:
            host: 'ldap.example.com'
            port: 389
            use_ssl: false  # plain LDAP: bind credentials and results cross the network unencrypted
            base_dn: 'dc=example,dc=com'
        ldap2:
            host: 'ldap2.example.com'
            port: 636
            use_ssl: true
            base_dn: 'dc=corp,dc=example,dc=com'
Service Integration:
AuthServiceProvider) to use multi-LDAP:
public function boot()
{
    $this->ldapManager->getConnection('ldap1')->authenticate('username', 'password');
}
Query Patterns:
$users = [];
foreach (['ldap1', 'ldap2'] as $connectionName) {
    $ldap = $this->ldapManager->getConnection($connectionName);
    $users = array_merge($users, $ldap->search('ou=users', '(objectClass=person)'));
}
Event-Driven Sync:
event(new LDAPSyncEvent('ldap1'));

// Listen in EventServiceProvider:
protected $listen = [
    LDAPSyncEvent::class => [LDAPSyncListener::class],
];
Connection Timeouts:
dol_ldap:
    connections:
        ldap1:
            timeout: 5 # seconds
ldap_get_last_error():
$ldap->connect();
if ($ldap->isConnected() === false) {
    throw new \RuntimeException(ldap_error($ldap->getLink()));
}
SSL/TLS Issues:
use_ssl is set correctly and certificates are valid. For self-signed certs:
dol_ldap:
    connections:
        ldap1:
            use_ssl: true
            verify_peer: false # Testing only: turns off certificate validation, so the server's identity is not checked
Base DN Scope:
base_dn will return no results. Test with:
$ldap->search('', '(objectClass=*)'); # Search entire directory
Archived Package:
Enable Logging:
Add to config/packages/dol_ldap.yaml:
dol_ldap:
    debug: true
Logs will appear in var/log/dev.log.
Dump LDAP Errors:
try {
    $ldap->search('ou=users', '(invalid_filter)');
} catch (\Exception $e) {
    \Log::error('LDAP Error: ' . ldap_error($ldap->getLink()));
}
Connection Validation: Create a console command to test connections:
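use DarwinOnLine\DoLLdapBundle\Manager\LDAPManager;
use Symfony\Component\Console\Attribute\AsCommand;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;

#[AsCommand(name: 'app:ldap:check')] // hypothetical command name
class CheckLDAPConnections extends Command
{
    // Inject the manager; Command has no getContainer() method.
    public function __construct(private LDAPManager $ldapManager)
    {
        parent::__construct();
    }

    protected function execute(InputInterface $input, OutputInterface $output): int
    {
        foreach ($this->ldapManager->getConnectionNames() as $name) {
            $ldap = $this->ldapManager->getConnection($name);
            $output->writeln(sprintf(
                '[%s] %s',
                $name,
                $ldap->isConnected() ? '✅ Connected' : '❌ Failed'
            ));
        }

        // execute() must return an exit status
        return Command::SUCCESS;
    }
}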
Custom Connection Factories: Override the default factory to add logic:
// src/Service/LDAPConnectionFactory.php
namespace App\Service; // matches the class name bound in services.yaml

use DarwinOnLine\DoLLdapBundle\Factory\LDAPConnectionFactory as BaseFactory;

class LDAPConnectionFactory extends BaseFactory
{
    public function createConnection(array $config)
    {
        $connection = parent::createConnection($config);
        // Add custom logic (e.g., pre-authentication)
        return $connection;
    }
}
Bind in services.yaml:
services:
    dol_ldap.factory:
        class: App\Service\LDAPConnectionFactory
        public: true
Event Listeners: Extend sync logic via events:
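// src/EventListener/LDAPSyncListener.php
use DarwinOnLine\DoLLdapBundle\Event\LDAPSyncEvent;
use DarwinOnLine\DoLLdapBundle\Manager\LDAPManager;

class LDAPSyncListener
{
    // The listener needs the manager to resolve the connection named in the event
    public function __construct(private LDAPManager $ldapManager) {}

    public function onLDAPSync(LDAPSyncEvent $event)
    {
        $connectionName = $event->getConnectionName();
        $ldap = $this->ldapManager->getConnection($connectionName);
        // Custom sync logic...
    }
}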
Middleware for LDAP Auth: Create middleware to validate LDAP credentials:
// src/Http/Middleware/ValidateLDAP.php
use Closure;
use DarwinOnLine\DoLLdapBundle\Manager\LDAPManager;

class ValidateLDAP
{
    public function __construct(private LDAPManager $ldapManager) {}

    public function handle($request, Closure $next)
    {
        $ldap = $this->ldapManager->getConnection('ldap1');

        // Read the HTTP Basic credentials; $request->user() would return the
        // already-authenticated user object, not the submitted login name.
        if (!$ldap->authenticate($request->getUser(), $request->getPassword())) {
            abort(401, 'LDAP authentication failed');
        }

        return $next($request);
    }
}
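A guard that could sit in front of the authenticate() call in the middleware above, as an added example that is not code from the bundle or from the original page. It refuses empty passwords, which an LDAP server may treat as an unauthenticated bind that succeeds, and escapes the login name before it is placed in a search filter. The function names, the callable standing in for authenticate() and the sample inputs are assumptions; ldap_escape() needs ext-ldap.

```php
<?php
declare(strict_types=1);

// Added example, not part of dol/ldap-bundle. Requires ext-ldap (ldap_escape).

/**
 * Vet credentials before they reach an LDAP simple bind.
 * Returns the login name escaped for a search filter, or null when the
 * attempt must be rejected without contacting the directory.
 */
function vetLdapCredentials(?string $username, ?string $password): ?string
{
    // An empty password turns a simple bind into an "unauthenticated bind"
    // (RFC 4513, section 5.1.2), which a server may answer with success.
    if ($username === null || $username === '' || $password === null || $password === '') {
        return null;
    }
    // NUL bytes have no place in a login name or password.
    if (str_contains($username, "\0") || str_contains($password, "\0")) {
        return null;
    }
    // Escape the filter metacharacters ( ) * \ so the name cannot change
    // the structure of a filter it is placed into.
    return ldap_escape($username, '', LDAP_ESCAPE_FILTER);
}

/**
 * $authenticate stands in for the connection's authenticate($user, $pass)
 * call used on this page; its signature is assumed from that usage.
 */
function ldapLogin(callable $authenticate, ?string $username, ?string $password): bool
{
    if (vetLdapCredentials($username, $password) === null) {
        return false; // rejected locally, no bind attempted
    }
    return (bool) $authenticate($username, $password);
}

// Constructed inputs. The stand-in directory accepts every bind, the way a
// server that allows unauthenticated binds accepts an empty password.
$acceptAll = static fn (string $user, string $pass): bool => true;

var_dump(ldapLogin($acceptAll, 'alice', ''));               // empty password
var_dump(ldapLogin($acceptAll, 'alice', 'constructed-pw')); // normal login
var_dump(vetLdapCredentials('al*)(x=*', 'constructed-pw')); // escaped name
```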