首页 文章

Symfony 3.2 ldap身份验证问题

提问于
浏览
1

我试图通过ldap(窗口活动目录)验证用户,Symfony 3.2根据documents配置了服务和安全性

但是我收到了错误:

php.DEBUG:警告:ldap_bind():无法绑定到服务器:无效凭据{“exception”:“[object](Symfony \ Component \ Debug \ Exception \ SilencedErrorContext:{\”severity \“:2,\”文件\ “:\”/无功/网络/ HTML /工作流/供应商/ symfony的/ symfony的/ SRC / Symfony的/组件/ LDAP /适配器/ ExtLdap / Connection.php \ “\ ”行\“:54})”} []

尝试了许多参数更改,例如添加域或完全从ldap搜索softerra复制cn字符串 .

security.yml

security:
    providers:
        my_ldap:
            ldap:
                service: ldap
                base_dn: dc=example,dc=example
                search_dn: "cn=user.name,DC=example,DC=example" 
                search_password: PassWord
                default_roles: ROLE_ADMIN
                uid_key: sAMAccountName

firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false

    main:
        # an`enter code here`onymous: ~`enter code here`
        http_basic_ldap:
            service: ldap
            dn_string: 'uid={username},dc=example,dc=example' 

access_control:
   - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
   - { path: ^/, roles: ROLE_ADMIN }

service.yml

services:
        ldap:
            class: Symfony\Component\Ldap\LdapClient
            arguments:
                - ip   # host
                - portenter code here         # port
                - 3           # version
                - false       # SSL
                - false       # TLS

native php

<?php
$name = 'username@domain.local';
$pass = 'password';
$adServer = 'ldap://xxx.xxx.xxx.xxx:1234/';

$basedn="OU=Users,OU=Office,OU=xxx,DC=xxx,DC=xxx"
$filter="(&(!(ou=NoSync))(department=*)(sn=*))";

$attributes=array("displayname", "mail", "company", "department", "physicaldeliveryofficename", "memberOf","givenname","sn","manager",
                    "mobile", "ipphone", "telephoneNumber", "facsimiletelephonenumber", "streetaddress", "l", "st","userprincipalname",
                    "postalcode", "c", "title", "samaccountname", "useraccountcontrol");

$cnx = ldap_connect($adServer) or die("Could not connect to LDAP server.");
ldap_bind($cnx, $name, $pass);

ldap_set_option($cnx, LDAP_OPT_SIZELIMIT,10000);
ldap_set_option($cnx, LDAP_OPT_PROTOCOL_VERSION, 3) or die ("Could not set ldap protocol");;
ldap_set_option($cnx, LDAP_OPT_REFERRALS, 0) or die ("Could not set option referrals");
ldap_control_paged_result($cnx, 1000) or die ("Could not set option page limit");


$pageSize = 900;
    $total='';
    $cookie = '';
    $arr_rec=[];
    $arr_rec_update=[]; 
     do {
            $total = $pageSize + $total;
            ldap_control_paged_result($cnx, $pageSize, true, $cookie);

            $result  = ldap_search($cnx,$basedn,$filter,$attributes);
            $entries = ldap_get_entries($cnx, $result);
?>
symfony ldap

1 回答

  • 1

    1,声明你所做的ldap服务已被弃用,对于Symfony 3.2你应该使用ldap类声明它:

    app/config/services.yml

    services:
    ldap:
        class: Symfony\Component\Ldap\Ldap
        factory: [ 'Symfony\Component\Ldap\Ldap', 'create']
        arguments:
            - ext_ldap
            - host: ip
            - port: 1234
            - version: 3
            - ssl: false
            - tls: false

    关于您提供的PHP脚本,您的配置应如下所示:

    app/config/security.yml

    security:
    providers:
        my_ldap:
            ldap:
                service: ldap
                base_dn: 'OU=Users,OU=Office,OU=xxx,DC=xxx,DC=xxx'
                search_dn: 'username@domain.local'
                search_password: 'password'
                default_roles: 'ROLE_ADMIN'

    firewalls:
        main:
            pattern: ^/
            anonymous: ~
            http_basic_ldap:
                service: ldap
                dn_string: '{username}'
                #dn_string: 'domain\{username}' # or try including your domain prefix
    回复于

相关问题