zendframework/zend-ldap
Zend LDAP provides PHP tools for LDAP directory operations like binding, searching, and modifying entries. This repository was abandoned on 2019-12-31 and has moved to laminas/laminas-ldap.
Zend\Ldap\Ldap accepts an array of options either supplied to the constructor
or through the setOptions() method. The permitted options are as follows:
| Name | Description |
|---|---|
| host | The default hostname of the LDAP server if not supplied to connect() (also may be used when trying to canonicalize usernames in bind()). |
| port | Default port of the LDAP server if not supplied to connect(). |
| useStartTls | Whether or not the LDAP client should use TLS (aka SSLv2) encrypted transport. A value of true is strongly favored in production environments to prevent passwords from being transmitted in clear text. The default value is false, as servers frequently require that a certificate be installed separately after installation. The useSsl and useStartTls options are mutually exclusive. The useStartTls option should be favored over useSsl, but not all servers support this newer mechanism. |
| useSsl | Whether or not the LDAP client should use SSL encrypted transport. The useSsl and useStartTls options are mutually exclusive. |
| username | The default credentials username. Some servers require that this be in DN form. This must be given in DN form if the LDAP server requires a DN to bind and binding should be possible with simple usernames. |
| password | The default credentials password (used only with username above). |
| bindRequiresDn | If true, this instructs Zend\Ldap\Ldap to retrieve the DN for the account used to bind if the username is not already in DN form. The default value is false. |
| baseDn | The default base DN used for searching (e.g., for accounts). This option is required for most account related operations and should indicate the DN under which accounts are located. |
| accountCanonicalForm | A small integer indicating the form to which account names should be canonicalized. See the Account Name Canonicalization section. |
| accountDomainName | The FQDN domain for which the target LDAP server is an authority (e.g., example.com). |
| accountDomainNameShort | The ‘short’ domain for which the target LDAP server is an authority. This is usually used to specify the NetBIOS domain name for Windows networks, but may also be used by non-AD servers. |
| accountFilterFormat | The LDAP search filter used to search for accounts. This string is a sprintf() style expression that must contain one %s to accommodate the username. The default value is (&(objectClass=user)(sAMAccountName=%s)) unless bindRequiresDn is set to true, in which case the default is (&(objectClass=posixAccount)(uid=%s)). Users of custom schemas may need to change this option. |
| allowEmptyPassword | Some LDAP servers can be configured to accept an empty string password as an anonymous bind. This behavior is almost always undesirable. For this reason, empty passwords are explicitly disallowed. Set this value to true to allow an empty string password to be submitted during the bind. |
| optReferrals | If set to true, this option indicates to the LDAP client that referrals should be followed. The default value is false. |
| tryUsernameSplit | If set to false, this option indicates that the given username should not be split at the first @ or \\ character to separate the username from the domain during the binding-procedure. This allows the user to use usernames that contain an @ or \\ character that do not inherit some domain-information, e.g. using email-addresses for binding. The default value is true. |
| networkTimeout | Number of seconds to wait for the LDAP connection before failing. If not set, the default value is the system value. |
| reconnectAttempts | Number of times the client tries to reconnect to the server after the connection was lost before finally giving up. This might be especially helpful in long-running applications. The default value is 0 (connect once and do not try to reconnect; the behaviour up to version 2.9.0). |
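
The function below is an added example, not code from zend-ldap: it checks an options array against the constraints stated in the table above before the array is handed to Zend\Ldap\Ldap. The function name `auditLdapOptions`, the host name and the DNs are illustrative assumptions.

```php
<?php
// Added example (not zend-ldap code): check an options array against the
// constraints documented in the table above before constructing Zend\Ldap\Ldap.

/** @return string[] findings; an empty array means nothing was flagged */
function auditLdapOptions(array $options): array
{
    $findings    = [];
    $useSsl      = !empty($options['useSsl']);
    $useStartTls = !empty($options['useStartTls']);

    if ($useSsl && $useStartTls) {
        $findings[] = 'useSsl and useStartTls are mutually exclusive';
    } elseif (!$useSsl && !$useStartTls) {
        $findings[] = 'no encrypted transport: bind passwords are sent in clear text';
    }
    if (!empty($options['allowEmptyPassword'])) {
        $findings[] = 'allowEmptyPassword: an empty password may be accepted as an anonymous bind';
    }
    if (isset($options['accountFilterFormat'])
        && substr_count($options['accountFilterFormat'], '%s') !== 1) {
        $findings[] = 'accountFilterFormat must contain one %s for the username';
    }
    if (empty($options['baseDn'])) {
        $findings[] = 'baseDn missing: required for most account related operations';
    }
    return $findings;
}

// Constructed sample configurations; host and DNs are placeholders.
$weak = [
    'host'               => 'ldap.example.com',
    'allowEmptyPassword' => true,   // useStartTls left at its default (false), useSsl not set
];
$hardened = [
    'host'                => 'ldap.example.com',
    'useStartTls'         => true,
    'bindRequiresDn'      => true,
    'baseDn'              => 'ou=people,dc=example,dc=com',
    'accountFilterFormat' => '(&(objectClass=posixAccount)(uid=%s))',
    'networkTimeout'      => 5,
];

foreach (['weak' => $weak, 'hardened' => $hardened] as $name => $options) {
    $findings = auditLdapOptions($options);
    echo $name, ': ', $findings ? implode('; ', $findings) : 'no findings', PHP_EOL;
}
```
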
Class names are relative to the Zend\Ldap namespace, unless otherwise noted.
Zend\Ldap\Ldap is the base interface into a LDAP server. It provides connection and binding
methods as well as methods to operate on the LDAP tree.
| Method signature | Description |
|---|---|
| `__construct(array\|Traversable $options = null) : void` | |
| `getResource() : resource` | Returns the raw LDAP extension (ext/ldap) resource. |
| `getLastErrorCode() : int` | Returns the LDAP error number of the last LDAP command. |
| `getLastError(int &$errorCode = null, array &$errorMessages = null) : string` | Returns the LDAP error message of the last LDAP command. The optional $errorCode parameter is set to the LDAP error number when given. The optional $errorMessages array will be filled with the raw error messages when given. The various LDAP error retrieval functions can return different things, so they are all collected if $errorMessages is given. |
| `setOptions(array\|Traversable $options) : void` | |
| `getOptions() : array` | Returns the current connection and binding parameters. |
| `getBaseDn() : string` | Returns the base DN this LDAP connection is bound to. |
| `getCanonicalAccountName(string $acctname, int $form) : string` | Returns the canonical account name of the given account name $acctname. $form specifies the format into which the account name is canonicalized. See Account Name Canonicalization for more details. |
| `disconnect() : void` | Disconnects the instance from the LDAP server. |
| `connect(string $host, int $port, bool $useSsl, bool $useStartTls, int $networkTimeout) : void` | Connects the instance to the given LDAP server. All parameters are optional and will be taken from the LDAP connection and binding parameters passed to the instance via the constructor or via setOptions() if null. |
| `bind(string $username, string $password) : void` | Authenticates $username with $password on the LDAP server. If both parameters are omitted, the binding will be carried out with the credentials given in the connection and binding parameters. If no credentials are given in the connection and binding parameters, an anonymous bind will be performed. Note that this requires anonymous binds to be allowed on the LDAP server. An empty string, '', can be passed as $password together with a username if, and only if, allowEmptyPassword is set to true in the connection and binding parameters. |
| `search(/* ... */) : Collection` | Searches the LDAP tree with the given $filter and the given search parameters; see below for full details. |
| `count(string\|Filter\AbstractFilter $filter, string\|…` | |
| `countChildren(string\|Dn $dn) : int` | |
| `exists(string\|Dn $dn) : bool` | |
| `searchEntries(/* ... */) : array` | Performs a search operation and returns the result as a PHP array. This is essentially the same method as search() except for the return type. See search() and searchEntries() below for more details. |
| `getEntry(string\|Dn $dn, array $attributes, bool $throwOnNotFound) : array` | |
| `prepareLdapEntryArray(array &$entry) : void` | Prepare an array for the use in LDAP modification operations. This method does not need to be called by the end-user as it's implicitly called on every data modification method. |
| `add(string\|Dn $dn, array $entry) : void` | |
| `update(string\|Dn $dn, array $entry) : void` | |
| `save(string\|Dn $dn, array $entry) : void` | |
| `delete(string\|Dn $dn, boolean $recursively) : void` | |
| `moveToSubtree(string\|Dn $from, string\|…` | |
| `move(string\|Dn $from, string\|…` | |
| `rename(string\|Dn $from, string\|…` | |
| `copyToSubtree(string\|Dn $from, string\|…` | |
| `copy(string\|Dn $from, string\|…` | |
| `getNode(string\|Dn $dn) : Node` | |
| `getBaseNode() : Node` | Returns the entry for the base DN $baseDn wrapped in a Zend\Ldap\Node. |
| `getRootDse() : Node\RootDse` | Returns the RootDSE for the current server. |
| `getSchema() : Node\Schema` | Returns the LDAP schema for the current server. |
The search() signature is as follows:
```php
search(
    string|Filter\AbstractFilter $filter,
    string|Dn $basedn,
    int $scope,
    array $attributes,
    string $sort,
    string $collectionClass,
    int $sizelimit,
    int $timelimit
) : Collection
```
where:
- $filter: The filter string to be used in the search, e.g. (objectClass=posixAccount).
- $basedn: The search base for the search. If omitted or null, the baseDn from the connection and binding parameters is used.
- $scope: The search scope:
  - Ldap::SEARCH_SCOPE_SUB searches the complete subtree including the $baseDn node. This is the default value.
  - Ldap::SEARCH_SCOPE_ONE restricts search to one level below $baseDn.
  - Ldap::SEARCH_SCOPE_BASE restricts search to the $baseDn itself; this can be used to efficiently retrieve a single entry by its DN.
- $attributes: Specifies the attributes contained in the returned entries. To include all possible attributes (ACL restrictions can prevent certain attributes from being retrieved by a given user), pass either an empty array ([]) or an array containing a wildcard (['*']) to the method. On some LDAP servers, you can retrieve special internal attributes by passing ['*', '+'] to the method.
- $sort: If given, the result collection will be sorted according to the attribute $sort. Results can only be sorted by a single attribute, as this parameter uses the ext/ldap function ldap_sort().
- $collectionClass: If given, the result will be wrapped in an object of type $collectionClass. By default, an object of type Zend\Ldap\Collection will be returned. The custom class must extend Zend\Ldap\Collection, and will be passed a Zend\Ldap\Collection\Iterator\Default on instantiation.
- $sizelimit: Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
- $timelimit: Sets the maximum number of seconds to spend on the search. Setting this to 0 means no limit.

```php
searchEntries(
    string|Dn $basedn,
    int $scope,
    array $attributes,
    string $sort,
    bool $reverseSort,
    int $sizelimit,
    int $timelimit
) : array
```
Arguments are essentially the same as for search(), with two differences:
- $reverseSort: a boolean indicating whether or not the results should be returned in reverse sort order.
- $collectionClass is not present in this signature.

Unlike search(), this method always returns an array of results.
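
The following is an added example, not code from zend-ldap: it fills a sprintf()-style filter format, such as the accountFilterFormat default shown earlier, with a user-supplied name and escapes the filter metacharacters so the resulting string is safe to pass as $filter. The helper names and sample usernames are constructed for illustration.

```php
<?php
// Added example (not zend-ldap code): build a $filter string from a
// sprintf()-style format, escaping the user-supplied value so that filter
// metacharacters in it are matched literally.

/** Escape the characters that are special in an LDAP filter value (RFC 4515). */
function escapeFilterValue(string $value): string
{
    return strtr($value, [
        '\\' => '\5c',
        '*'  => '\2a',
        '('  => '\28',
        ')'  => '\29',
        "\0" => '\00',
    ]);
}

/** Hypothetical helper: fill the %s of $format with the escaped username. */
function buildAccountFilter(string $format, string $username): string
{
    if ($username === '') {
        throw new InvalidArgumentException('username must not be empty');
    }
    return sprintf($format, escapeFilterValue($username));
}

/** True when every '(' in $filter is closed, i.e. the filter structure is intact. */
function parenthesesBalanced(string $filter): bool
{
    $depth = 0;
    foreach (str_split($filter) as $ch) {
        $depth += (int) ($ch === '(') - (int) ($ch === ')');
        if ($depth < 0) {
            return false;
        }
    }
    return $depth === 0;
}

$format = '(&(objectClass=posixAccount)(uid=%s))';   // default quoted in the options table
foreach (['jdoe', 'j*doe', 'smith (ops'] as $name) { // constructed sample usernames
    $raw  = sprintf($format, $name);                 // unescaped, for comparison only
    $safe = buildAccountFilter($format, $name);
    printf("%-12s raw balanced=%s  escaped=%s balanced=%s\n", $name,
        var_export(parenthesesBalanced($raw), true), $safe,
        var_export(parenthesesBalanced($safe), true));
}
```
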
Zend\Ldap\Collection implements Iterator to allow for item traversal using
foreach() and Countable to be able to respond to count(). With its
protected createEntry() method, it provides an extension point for developers
needing custom result objects.
| Method signature | Description |
|---|---|
| `__construct(Collection\DefaultIterator $iterator) : void` | The constructor must be provided with a Zend\Ldap\Collection\DefaultIterator, which does the real result iteration. |
| `close() : bool` | Closes the internal iterator. This is also called in the destructor. |
| `toArray() : array` | Returns all entries as an array. |
| `getFirst() : array` | Returns the first entry in the collection or null if the collection is empty. |
Zend\Ldap\Attribute is a helper class providing only static methods to
manipulate arrays suitable to the structure used in Zend\Ldap\Ldap data
modification methods, and to the data format required by the LDAP server. PHP
data types are converted using Zend\Ldap\Converter\Converter methods.
| Method signature | Description |
|---|---|
| `static setAttribute(array &$data, string $attribName, mixed $value, bool $append) : void` | Sets the attribute $attribName in $data to the value $value. If $append is true (false by default) $value will be appended to the attribute. $value can be a scalar value or an array of scalar values. Conversion will take place. |
| `static getAttribute(array $data, string $attribName, int\|null $index) : array\|…` | |
| `static attributeHasValue(array &$data, string $attribName, mixed\|array $value) : bool` | |
| `static removeDuplicatesFromAttribute(array &$data, string $attribName) : void` | Removes all duplicates from the attribute $attribName in $data. |
| `static removeFromAttribute(array &$data, string $attribName, mixed\|array $value) : void` | |
| `static setPassword(/* ... */) : void` | See setPassword below for details. |
| `static createPassword(string $password, string $hashType) : string` | Creates an LDAP password. The password hash can be specified with $hashType. The default value here is Attribute::PASSWORD_HASH_MD5 with Attribute::PASSWORD_HASH_SHA as the other possibility. |
| `static setDateTimeAttribute(/* ... */) : void` | See setDateTimeAttribute() below for details. |
| `static getDateTimeAttribute(/* ... */) : array\|int` | |
The full signature of setPassword() is as follows:
```php
static setPassword(
    array &$data,
    string $password,
    string $hashType,
    string $attribName
) : void
```
Sets an LDAP password for the attribute $attribName in $data. $attribName
defaults to userPassword which is the standard password attribute. The
password hash can be specified with $hashType. The default value here is
Attribute::PASSWORD_HASH_MD5 with Attribute::PASSWORD_HASH_SHA as the other
possibility.
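
The sketch below is an added example, not the library's code: it shows why the two hash types named above matter for stored userPassword values, by encoding the same password with unsalted {MD5} and {SHA} and, for comparison, with a salted scheme. Assumptions: the values follow the usual RFC 2307 layout of a scheme tag followed by a base64 digest; {SSHA} is a common directory-server scheme that is not listed on this page; all function names are hypothetical.

```php
<?php
// Added example (not zend-ldap code). Assumed layout (RFC 2307 style):
// "{SCHEME}" . base64(raw digest), with the salt appended for {SSHA}.

function ldapUnsaltedHash(string $password, string $scheme): string
{
    switch ($scheme) {
        case 'MD5':
            return '{MD5}' . base64_encode(md5($password, true));
        case 'SHA':
            return '{SHA}' . base64_encode(sha1($password, true));
    }
    throw new InvalidArgumentException("unsupported scheme: $scheme");
}

function ldapSaltedSha(string $password, ?string $salt = null): string
{
    $salt = $salt ?? random_bytes(8);
    return '{SSHA}' . base64_encode(sha1($password . $salt, true) . $salt);
}

function verifySaltedSha(string $password, string $stored): bool
{
    if (strncmp($stored, '{SSHA}', 6) !== 0) {
        return false;
    }
    $raw = base64_decode(substr($stored, 6), true);
    if ($raw === false || strlen($raw) <= 20) {   // 20-byte SHA-1 digest, then salt
        return false;
    }
    return hash_equals(substr($raw, 0, 20), sha1($password . substr($raw, 20), true));
}

$password = 'Winter2019!';                        // constructed sample value

// Unsalted: two accounts with the same password store the same string, so one
// precomputed table entry reveals every account that shares it.
echo ldapUnsaltedHash($password, 'MD5'), PHP_EOL;
var_dump(ldapUnsaltedHash($password, 'MD5') === ldapUnsaltedHash($password, 'MD5'));
var_dump(ldapUnsaltedHash($password, 'SHA') === ldapUnsaltedHash($password, 'SHA'));

// Salted: every call yields a different stored value that still verifies.
$first  = ldapSaltedSha($password);
$second = ldapSaltedSha($password);
var_dump($first === $second);
var_dump(verifySaltedSha($password, $first), verifySaltedSha('wrong', $first));
```
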
The full signature of setDateTimeAttribute() is as follows:
```php
static setDateTimeAttribute(
    array &$data,
    string $attribName,
    int|array $value,
    boolean $utc,
    boolean $append
) : void
```
Sets the attribute $attribName in $data to the date/time value $value. If
$append is true (false by default) $value will be appended to the
attribute. $value can be an integer value or an array of integers.
Date-time-conversion according to Converter\Converter::toLdapDateTime() will
take place.
The full signature of getDateTimeAttribute() is as follows:
```php
static getDateTimeAttribute(
    array $data,
    string $attribName,
    int|null $index
) : array|int
```
Returns the date/time attribute $attribName from $data. If $index is
null (default), an array will be returned containing all the date/time values
for the given attribute. An empty array wi...