### Install Frontend Dependencies and Build Assets

Source: https://github.com/leenooks/phpldapadmin/wiki/Installation-Instructions

Install frontend dependencies using npm and then build production assets with npm run prod. This step is necessary for compiling CSS and JavaScript.

```bash
6c6d03dce5a6:/var/www/html$ npm i
[maybe some warnings]
added 790 packages, and audited 791 packages in 7s

105 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities
6c6d03dce5a6:/var/www/html$ npm run prod

> prod
> npm run production

> production
> mix --production

● Mix █████████████████████████ sealing (88%)
...
Laravel Mix v6.0.49

✔ Compiled Successfully in 11387ms
┌────────────────────────────────────────────────────────────────────────────────────────┬───────────┐
│ File                                                                                   │ Size      │
├────────────────────────────────────────────────────────────────────────────────────────┼───────────┤
│ /js/app.js                                                                             │ 16.1 KiB  │
│ /js/manifest.js                                                                        │ 1.47 KiB  │
│ /js/vendor.js                                                                          │ 484 KiB   │
│ /js/vendor.js.LICENSE.txt                                                              │ 4.53 KiB  │
│ css/app.css                                                                            │ 520 KiB   │
...
│ images/vendor/jquery.fancytree/dist/skin-xp/vline.gif?96c6eb3cb6e4b07ed7e9b7b3edb75652 │ 844 bytes │
└────────────────────────────────────────────────────────────────────────────────────────┴───────────┘
24 WARNINGS in child compilations (Use 'stats.children: true' resp. '--stats-children' for more details)
webpack compiled with 24 warnings
```

--------------------------------

### Install Docker on Linux

Source: https://github.com/leenooks/phpldapadmin/wiki/Installation-Instructions

Use this command to install Docker on your Linux system. It's recommended to skip this if Docker is already installed.

```bash
curl -sSL https://get.docker.com | sudo sh
```

--------------------------------

### Example Docker Run Command with Persistent Mounts

Source: https://github.com/leenooks/phpldapadmin/wiki/Docker-Container

This example demonstrates running the phpLDAPadmin container with persistent volumes for session data and logs. This ensures that user sessions and log files are preserved across container restarts.

```bash
# Example:
docker run -d -p 8080:8080 \
  -v phpldapadmin-sessions:/app/storage/framework/sessions \
  -v phpldapadmin-logs:/app/storage/logs \
  -e APP_KEY="base64:YOUR_GENERATED_KEY=" \
  -e APP_TIMEZONE="UTC" \
  -e LDAP_HOST="ldap.example.com" \
  phpldapadmin/phpldapadmin
```

--------------------------------

### Example Docker Run Command with Environment Variables

Source: https://github.com/leenooks/phpldapadmin/wiki/Docker-Container

An example of how to run the phpLDAPadmin Docker container, including essential environment variables for configuration. Adjust these variables based on your LDAP server and desired settings.

```bash
# Example:
docker run -d -p 8080:8080 \
  -e APP_KEY="base64:YOUR_GENERATED_KEY=" \
  -e APP_TIMEZONE="UTC" \
  -e LDAP_HOST="ldap.example.com" \
  phpldapadmin/phpldapadmin
```

--------------------------------

### Clone and Install phpLDAPadmin from Source

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Install phpLDAPadmin directly from its GitHub repository. This involves cloning the project, checking out a specific release tag, and installing both JavaScript and PHP dependencies.

```bash
# Clone and check out a release tag
git clone https://github.com/leenooks/phpLDAPadmin.git /var/www/html
cd /var/www/html
git checkout 2.0.3

# Install JS and PHP dependencies
npm install && npm run prod
composer install --no-dev

# Configure environment
cp .env.example .env
# Edit .env — set APP_KEY, LDAP_HOST, LDAP_USERNAME, LDAP_PASSWORD
php artisan key:generate
```

--------------------------------

### Verify Docker Installation

Source: https://github.com/leenooks/phpldapadmin/wiki/Installation-Instructions

After installation, run this command to confirm Docker is set up correctly. It displays information about the Docker environment.

```bash
docker info
```

--------------------------------

### Install Composer Dependencies

Source: https://github.com/leenooks/phpldapadmin/wiki/Installation-Instructions

Install backend dependencies using Composer. The `--no-dev` flag ensures only production dependencies are installed.

```bash
6c6d03dce5a6:/var/www/html$ composer i --no-dev
Installing dependencies from lock file
Verifying lock file contents can be installed on current platform.
Package operations: 76 installs, 0 updates, 0 removals
  - Downloading ramsey/collection (2.1.0)
  - Downloading brick/math (0.12.3)
  - Downloading ramsey/uuid (4.7.6)
  - Downloading voku/portable-ascii (2.0.3)
...
Generating optimized autoload files
> Illuminate\Foundation\ComposerScripts::postAutoloadDump
> @php artisan package:discover --ansi

   INFO  Discovering packages.

  directorytree/ldaprecord-laravel .................................... DONE
  laravel/sanctum ..................................................... DONE
  laravel/ui .......................................................... DONE
  nesbot/carbon ....................................................... DONE
  nunomaduro/termwind ................................................. DONE

54 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
```

--------------------------------

### Example Language File Naming Conventions

Source: https://github.com/leenooks/phpldapadmin/blob/master/resources/lang/README.md

Illustrates common naming conventions for language files, including general language codes and country-specific variations.

```text
* `en.json` for English (General),
* `en-GB.json` for English (Great Britain),
* `zh-CN.json` for Chinese (China),
* `zh-TW.json` for Chinese (Taiwan), etc
```

--------------------------------

### List Directory Contents

Source: https://github.com/leenooks/phpldapadmin/wiki/Installation-Instructions

Verify the installation directory contents after cloning or extracting phpLDAPadmin.

```bash
6c6d03dce5a6:/var/www/html$ ls
LICENSE    app        composer.json  database           package.json  resources  tests
README.md  artisan    composer.lock  docker             phpunit.xml   routes     webpack.mix.js
VERSION    bootstrap  config         package-lock.json  public        storage
```

--------------------------------

### Define Custom LDAP Entry Template with JSON

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Use JSON files to define custom templates for guided entry creation in phpLDAPadmin. Place custom templates in the `templates/custom/` directory. This example shows a staff user account template.

```json
// templates/custom/staff_account.json
{
  "title": "Staff User Account",
  "description": "New staff user with posixAccount",
  "enabled": true,
  "icon": "fa-user-tie",
  "rdn": "cn",
  "regexp": "/^ou=staff,/",
  "objectclasses": [
    "inetOrgPerson",
    "posixAccount"
  ],
  "attributes": {
    "givenName": {
      "display": "First Name",
      "onchange": [
        "=autoFill(cn;%givenName% %sn/U%)",
        "=autoFill(uid;%givenName|0-1/l%%sn/l%)"
      ],
      "order": 1
    },
    "sn": {
      "display": "Last Name",
      "onchange": ["=autoFill(cn;%givenName% %sn/U%)"],
      "order": 2
    },
    "cn": { "display": "Common Name", "readonly": true, "order": 3 },
    "uid": { "display": "Username", "order": 4 },
    "userPassword": { "display": "Password", "helper": "ARGON2ID", "order": 5 },
    "uidNumber": {
      "display": "UID",
      "readonly": true,
      "value": "=getNextNumber(/;uidNumber)",
      "order": 6
    },
    "gidNumber": {
      "display": "Primary Group",
      "type": "select",
      "options": "=getSelectList(/;(objectClass=posixGroup);gidNumber;%gidNumber%;%cn/C% [%gidNumber%])",
      "order": 7
    },
    "homeDirectory": { "display": "Home Dir", "order": 8 },
    "loginShell": {
      "display": "Shell",
      "type": "select",
      "options": {
        "/bin/bash": "Bash",
        "/bin/zsh": "ZSH",
        "/usr/sbin/nologin": "No Login"
      },
      "value": "/bin/bash",
      "order": 9
    },
    "mail": { "display": "Email Address", "order": 10 }
  }
}
```

--------------------------------

### Run phpLDAPadmin Docker Container

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Start the phpLDAPadmin Docker container with essential environment variables for LDAP connectivity and application settings. Be sure to replace the placeholder values with your specific configuration.

```bash
# 2. Start the container (replace values as needed)
docker run -d \
  --name pla \
  -e APP_KEY="base64:3JrewY/3wdVdjKKQxfyh7Zn1gqBzLJfCL3JLfY4n1p4=" \
  -e LDAP_HOST="ldap.example.org" \
  -e LDAP_USERNAME="cn=admin,dc=example,dc=org" \
  -e LDAP_PASSWORD="secret" \
  -e LDAP_BASE_DN="dc=example,dc=org" \
  -e LDAP_ALLOW_GUEST="false" \
  -p 80:8080 \
  -v pla_sessions:/app/storage/framework/sessions \
  -v pla_logs:/app/storage/logs \
  phpldapadmin/phpldapadmin

# 3. Open http://localhost in a browser
# Login with LDAP credentials (default login attribute: uid)
```

--------------------------------

### Run phpldapadmin Docker Container

Source: https://github.com/leenooks/phpldapadmin/wiki/Installation-Instructions

This command starts the phpldapadmin Docker container. Replace '10.10.10.10' with your LDAP server's IP or hostname. The container maps port 8080 internally to port 80 on the host.

```bash
docker run -itd -e LDAP_HOST=10.10.10.10 -p 80:8080 phpldapadmin/phpldapadmin
```

--------------------------------

### OpenLDAP rootdn Configuration Example

Source: https://github.com/leenooks/phpldapadmin/wiki/FAQ

This configuration snippet shows the rootdn and its password, which is relevant when troubleshooting login issues in PLA, especially if the rootdn entry itself does not exist in the LDAP server.

```ini
olcRootDN: cn=admin,dc=Test
olcRootPW:: [ROOTDN PASSWORD]
```

--------------------------------

### ldapsearch Anonymous Bind Example

Source: https://github.com/leenooks/phpldapadmin/wiki/FAQ

This `ldapsearch` command demonstrates an anonymous bind to an LDAP server. It is used to illustrate a scenario where anonymous binds might fail to return necessary attributes like 'objectclass', preventing successful logins in PLA if not configured correctly.

```bash
> ldapsearch -vxh localhost -b 'ou=People,o=Simpsons' -s sub
# Bart Simpson, People, Simpsons
dn: cn=Bart Simpson,ou=People,o=Simpsons
cn: Bart Simpson
gidNumber: 1000
givenName: Bart
homeDirectory: /home/users/simpsons/bart
mail: bart.simpson@example.com
sn: Simpson
uid: bart
uidNumber: 1000
```

--------------------------------

### Run PLA Docker Container with HTTP

Source: https://github.com/leenooks/phpldapadmin/wiki/Docker-‐-http-&-https

Start the PLA Docker container and map port 8080 on the host to port 8080 in the container. Access PLA via http://localhost:8080. To use a different host port, adjust the -p option.

```bash
docker run -it -p 8080:8080 leenooks/phpldapadmin
```

--------------------------------

### LDAP Server Log Example

Source: https://github.com/leenooks/phpldapadmin/wiki/FAQ

This log snippet from an OpenLDAP server indicates a successful BIND operation but a subsequent search failure for the rootdn entry, which is a common cause for login issues when LDAP_LOGIN_ATTR is set to 'dn'.

```log
68049600.366eef01 0xfffe05af1ab0 conn=1105 fd=30 ACCEPT from IP=10.0.0.2:32818 (IP=0.0.0.0:389)
68049600.3677a7c9 0xfffe095fcab0 conn=1105 op=0 BIND dn="cn=admin,dc=Test" method=128
68049600.3699cba9 0xfffe095fcab0 conn=1105 op=0 BIND dn="cn=admin,dc=Test" mech=SIMPLE bind_ssf=0 ssf=0
68049600.369cb2d6 0xfffe095fcab0 conn=1105 op=0 RESULT tag=97 err=0 qtime=0.000013 etime=0.002692 text=
68049600.36eb49c9 0xfffe078f7ab0 conn=1105 op=1 SRCH base="cn=admin,dc=Test" scope=0 deref=0 filter="(objectClass=*)"
68049600.36eb93ae 0xfffe078f7ab0 conn=1105 op=1 SRCH attr=entryuuid *
68049600.37389ae3 0xfffe078f7ab0 conn=1105 op=1 SEARCH RESULT tag=101 err=32 qtime=0.000126 etime=0.005515 nentries=0 text=
68049601.0bbb6ecb 0xfffe05af1ab0 conn=1105 op=2 UNBIND
68049601.0bc180b1 0xfffe05af1ab0 conn=1105 fd=30 closed
```

--------------------------------

### Entry Export (LDIF) - GET /entry/export/{encrypted-id}

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Exports an LDAP entry and its descendants as an LDIF document. The entry is identified by an encrypted ID obtained from Entry::getDNSecure(). Binary values are base64-encoded and long lines are wrapped.

```bash
# Get the encrypted ID of a DN from the tree, then:
curl -s "http://localhost/entry/export/" \
  -H "Cookie: laravel_session="

# Example LDIF output:
# version: 1
#
# # Entry 1: uid=jdoe,ou=users,dc=example,dc=org
# dn: uid=jdoe,ou=users,dc=example,dc=org
# objectClass: inetOrgPerson
# objectClass: posixAccount
# cn: John Doe
# sn: Doe
# uid: jdoe
# uidNumber: 1042
# gidNumber: 1000
# homeDirectory: /home/1000/jdoe
# loginShell: /bin/zsh
# mail: jdoe@example.org
```

--------------------------------

### Verify LDAP Connectivity

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Test the LDAP connection settings configured in the environment file. This command checks connectivity using different protocols (LDAP, LDAPS, STARTTLS) and reports success or failure.

```bash
# Verify LDAP connectivity
./artisan ldap:test

# Output:
# +------------+------------+------------------+-------------------------+---------------+
# | Connection | Successful | Username         | Message                 | Response Time |
# +------------+------------+------------------+-------------------------+---------------+
# | ldap       | ✔ Yes      | cn=Admin,dc=Test | Successfully connected. | 652.69ms      |
# | ldaps      | ✔ Yes      | cn=Admin,dc=Test | Successfully connected. | 697.69ms      |
# | starttls   | ✔ Yes      | cn=Admin,dc=Test | Successfully connected. | 704.03ms      |
# +------------+------------+------------------+-------------------------+---------------+
```

--------------------------------

### List Direct Child Entries with Server::children()

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Fetches immediate children of a DN, pre-fetching subordinate information for tree display. Requires a configured LDAP server instance.

```php
$server = config('server');

$children = $server->children('ou=users,dc=example,dc=org');

foreach ($children as $child) {
    echo $child->getRdn();       // "uid=jdoe"
    echo $child->getDn();        // "uid=jdoe,ou=users,dc=example,dc=org"
    echo $child->has_children;   // bool
    echo $child->icon();         // "fas fa-user"
}
```

--------------------------------

### Retrieve Base DNs from LDAP Server

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Use `Server::baseDNs()` to get a cached collection of naming contexts. Results are cached per-session. Specify `objects: false` to retrieve only DN strings.

```php
use App\Classes\LDAP\Server;

// Returns Collection (objects=true, default)
$bases = Server::baseDNs();

foreach ($bases as $base) {
    echo $base->getDn();        // "dc=example,dc=org"
    echo $base->getRdn();       // "dc=example"
    echo $base->getDNSecure();  // AES-encrypted string safe for HTML/JS
    echo $base->is_base;        // true
}

// Returns Collection of DN strings only
$dnsOnly = Server::baseDNs(objects: false);
// ["dc=example,dc=org", "dc=test,dc=org"]
```

--------------------------------

### Test LDAP Connection

Source: https://github.com/leenooks/phpldapadmin/wiki/Installation-Instructions

Run this command to test the connection to your LDAP server. It checks connections using the ldap, ldaps, and starttls protocols.

```bash
6c6d03dce5a6:/var/www/html$ ./artisan ldap:test
Testing LDAP connection [ldap]...
Testing LDAP connection [ldaps]...
Testing LDAP connection [starttls]...
+------------+------------+------------------+-------------------------+---------------+
| Connection | Successful | Username         | Message                 | Response Time |
```

--------------------------------

### Clone phpLDAPadmin Repository

Source: https://github.com/leenooks/phpldapadmin/wiki/Installation-Instructions

Use this command to clone the phpLDAPadmin repository. Make sure you check out a specific release version after cloning.

```bash
6c6d03dce5a6:/var/www/html$ git clone https://github.com/leenooks/phpLDAPadmin.git .
Cloning into '.'...
remote: Enumerating objects: 9604, done.
remote: Counting objects: 100% (1819/1819), done.
remote: Compressing objects: 602/602, done.
remote: Total 9604 (delta 1313), reused 1466 (delta 1134), pack-reused 7785 (from 2)
Receiving objects: 100% (9604/9604), 9.05 MiB | 6.02 MiB/s, done.
Resolving deltas: 100% (5580/5580), done.
6c6d03dce5a6:/var/www/html$ git checkout 2.0.3
Note: switching to '2.0.3'.
...
```

--------------------------------

### Fetch Tree Children - AJAX POST /ajax/children

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Loads child entries for a given parent DN. Pass the encrypted parent DN as the '_key' parameter. The response includes details for each child and an optional node for creating new entries.

```bash
curl -s -X POST http://localhost/ajax/children \
  -H "X-CSRF-TOKEN: " \
  -H "Cookie: laravel_session=" \
  -d "_key=&create=1" | jq .

# Response:
# [
#   {
#     "title": "[Create Entry]",
#     "item": "",
#     "lazy": false,
#     "icon": "fas fa-fw fa-square-plus text-warning",
#     "tooltip": "Create new LDAP item here"
#   },
#   {
#     "title": "ou=users",
#     "item": "",
#     "icon": "fas fa-object-group",
#     "lazy": true,
#     "tooltip": "ou=users,dc=example,dc=org"
#   }
# ]
```

--------------------------------

### Entry Import (LDIF) - POST /entry/import/process/ldif

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Parses and applies an LDIF file or text to the LDAP server. Supports 'add' and 'modify' change types, base64 values, and multi-line continuations. Returns a status view of the import process.

```bash
# Import via file upload
curl -s -X POST http://localhost/entry/import/process/ldif \
  -H "X-CSRF-TOKEN: " \
  -H "Cookie: laravel_session=" \
  -F "file=@/tmp/new_users.ldif"
```

--------------------------------

### Create LDAP Entry using Form Data

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Creates a new LDAP entry using form data. Specify the parent container, RDN, and template. All attribute values must be sent as arrays.

```bash
curl -s -X POST http://localhost/entry/create \
  -H "X-CSRF-TOKEN: " \
  -H "Cookie: laravel_session=" \
  -d "_key=" \
  -d "_rdn=uid" \
  -d "_rdn_value=jdoe" \
  -d "_step=2" \
  -d "_template=templates/user_account.json" \
  -d "objectclass[_null_][]=inetOrgPerson" \
  -d "objectclass[_null_][]=posixAccount" \
  -d "cn[_null_][]=John Doe" \
  -d "sn[_null_][]=Doe" \
  -d "uid[_null_][]=jdoe" \
  -d "uidNumber[_null_][]=1042" \
  -d "gidNumber[_null_][]=1000" \
  -d "homeDirectory[_null_][]=/home/1000/jdoe"
```

--------------------------------

### AJAX: Fetch Tree Children

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Loads child entries for a given parent DN (passed as an encrypted `_key`). Returns icon, lazy-load flag, and tooltip for each child, plus an optional "Create Entry" node at the top.

```APIDOC
## POST /ajax/children

### Description
Loads child entries for a given parent DN (passed as an encrypted `_key`). Returns icon, lazy-load flag, and tooltip for each child, plus an optional "Create Entry" node at the top.

### Method
POST

### Endpoint
/ajax/children

### Parameters
#### Request Body
- **_key** (string) - Required - Encrypted parent DN.
- **create** (integer) - Optional - Set to 1 to include the "Create Entry" node.

### Request Headers
- X-CSRF-TOKEN:
- Cookie: laravel_session=

### Response
#### Success Response (200)
- An array of objects, each representing a child entry or the "Create Entry" node, including `title`, `item` (encrypted DN or command), `lazy` flag, `icon`, and `tooltip`.

### Response Example
```json
[
  {
    "title": "[Create Entry]",
    "item": "",
    "lazy": false,
    "icon": "fas fa-fw fa-square-plus text-warning",
    "tooltip": "Create new LDAP item here"
  },
  {
    "title": "ou=users",
    "item": "",
    "icon": "fas fa-object-group",
    "lazy": true,
    "tooltip": "ou=users,dc=example,dc=org"
  }
]
```
```

--------------------------------

### Entry Model - Create New Entry

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Creates and persists a new LDAP entry. Attribute assignments support tag-keyed arrays for language-tag and binary-tag support. Saving the entry performs an LDAP add operation.

```APIDOC
## `Entry` Model — Create and Persist a New LDAP Entry

`App\Ldap\Entry` extends LdapRecord's `Model`. Attribute assignments accept tag-keyed arrays where `Entry::TAG_NOTAG` (`'_null_'`) denotes untagged values, enabling language-tag and binary-tag support. Calling `save()` performs an LDAP add.

```php
use App\Ldap\Entry;
use LdapRecord\Exceptions\InsufficientAccessException;
use LdapRecord\LdapRecordException;

$entry = new Entry;
$entry->setDn('uid=newuser,ou=users,dc=example,dc=org');
$entry->objectclass = [Entry::TAG_NOTAG => ['inetOrgPerson', 'posixAccount']];
$entry->cn = [Entry::TAG_NOTAG => ['New User']];
$entry->sn = [Entry::TAG_NOTAG => ['User']];
$entry->uid = [Entry::TAG_NOTAG => ['newuser']];
$entry->uidnumber = [Entry::TAG_NOTAG => ['1050']];
$entry->gidnumber = [Entry::TAG_NOTAG => ['1000']];
$entry->homedirectory = [Entry::TAG_NOTAG => ['/home/1000/newuser']];

try {
    $entry->save();
    echo 'Created: ' . $entry->getDn();
} catch (InsufficientAccessException $e) {
    echo 'Access denied: ' . $e->getDetailedError()->getErrorMessage();
} catch (LdapRecordException $e) {
    echo 'LDAP error ' . $e->getDetailedError()->getErrorCode() . ': ' . $e->getDetailedError()->getErrorMessage();
}
```
```

--------------------------------

### Configure phpLDAPadmin Environment Variables

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

List of essential environment variables for configuring phpLDAPadmin. These variables control application behavior, LDAP connection details, authentication, and performance settings.

```bash
# Minimal required variables
APP_KEY=base64:...                    # From: artisan key:generate --show
LDAP_HOST=ldap.example.org            # Hostname / IP of the LDAP server

# Connection options
LDAP_PORT=389                         # Default 389; use 636 for LDAPS
LDAP_CONNECTION=ldap                  # ldap | ldaps | starttls (see config/ldap.php)
LDAP_USERNAME=cn=admin,dc=example,dc=org
LDAP_PASSWORD=secret
LDAP_SSL=false
LDAP_TLS=false
LDAP_SASL=false

# Base DN (auto-detected from rootDSE if omitted; colon-delimited for multiple)
LDAP_BASE_DN=dc=example,dc=org:dc=other,dc=org

# Authentication / access
LDAP_ALLOW_GUEST=false                # true = anonymous bind browse without login
LDAP_LOGIN_ATTR=uid                   # Attribute for the login form; use DN for full-DN login
LDAP_LOGIN_ATTR_DESC=User ID          # Label shown in the login box
LDAP_LOGIN_OBJECTCLASS=posixAccount   # Comma-separated; user needs at least one

# Performance
LDAP_CACHE=false                      # Enable query result caching
CACHE_DRIVER=file                     # file | memcached | redis
LDAP_CACHE_TIME=300                   # Seconds

# Templates
LDAP_TEMPLATE_EXCLUDE_SYSTEM=false    # true = only load templates/custom/
LDAP_TEMPLATE_UIDNUMBER_START=1000
LDAP_TEMPLATE_GIDNUMBER_START=1000
```

--------------------------------

### Schema Viewer - AJAX POST /ajax/schema/view

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Fetches a rendered HTML fragment for the in-browser schema viewer. This endpoint supports viewing object classes, attribute types, LDAP syntaxes, and matching rules.

```bash
# Fetch object classes fragment
curl -s -X POST http://localhost/ajax/schema/view \
  -H "X-CSRF-TOKEN: " \
  -d "type=objectclasses"

# Fetch attribute types fragment
curl -s -X POST http://localhost/ajax/schema/view \
  -d "type=attributetypes"

# Other valid types: ldapsyntaxes | matchingrules
```

--------------------------------

### Server::fetch()

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Retrieves a single LDAP Entry by its Distinguished Name (DN) with loop-detection.

```APIDOC
## Server::fetch()

### Description
Retrieves a single `Entry` model by DN with loop-detection guard (max depth 2). All operational (`+`) and user (`*`) attributes are fetched by default.

### Method
`fetch(string $dn, array $attributes = ['*']): ?Entry`

### Parameters
#### Path Parameters
- **dn** (string) - Required - The Distinguished Name (DN) of the entry to fetch.
- **attributes** (array) - Optional - An array of attribute names to fetch. Defaults to `['*']` which fetches all user and operational attributes.

### Request Example
```php
use App\Classes\LDAP\Server;

$server = config('server'); // Server singleton bound in AppServiceProvider

// Fetch all attributes
$entry = $server->fetch('uid=jdoe,ou=users,dc=example,dc=org');

if ($entry) {
    echo $entry->getDn();
    echo $entry->getFirstAttribute('cn');    // "John Doe"
    echo $entry->getFirstAttribute('mail');  // "jdoe@example.org"
    echo $entry->icon();                     // "fas fa-user"
    echo $entry->has_children;               // false

    // Retrieve a typed Attribute object
    $pw = $entry->getObject('userpassword');
    $hash = $pw->hash($pw->tagValues()->first()); // Password hash object
    $valid = $hash->compare($pw->tagValues()->first(), 'plaintextguess'); // bool
}

// Fetch specific attributes only
$minimal = $server->fetch('ou=groups,dc=example,dc=org', ['dn', 'cn', 'member']);
```

### Response
#### Success Response (200)
- **?Entry** - An `Entry` model object if found, otherwise `null`. The `Entry` object has methods like `getDn()`, `getFirstAttribute()`, `getObject()`, and properties like `has_children`.

#### Response Example
```json
{
  "dn": "uid=jdoe,ou=users,dc=example,dc=org",
  "attributes": {
    "cn": ["John Doe"],
    "mail": ["jdoe@example.org"],
    "userPassword": ["...hash..."]
    // ... other attributes
  },
  "icon": "fas fa-user",
  "has_children": false
}
```
```

--------------------------------

### Minimal Caddy Configuration for PLA Proxy

Source: https://github.com/leenooks/phpldapadmin/wiki/Docker-‐-http-&-https

This Caddy configuration uses a reusable snippet to proxy requests to the PLA container. It handles TLS certificates and forwards traffic to the specified backend address.

```caddy
# CADDY direct to HTTP server
(docker-proxy) {
	encode zstd gzip
	reverse_proxy {args[0]}
}

demo.phpldapadmin.org {
	tls path/to/org.phpldapadmin.demo.crt path/to/org.phpldapadmin.demo.key
	import docker-proxy pla_web:8080
}
```

--------------------------------

### Entry Import (LDIF)

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Parses and applies an RFC 2849 LDIF file or pasted text to the LDAP server. Returns a result view with per-entry success/failure status.

```APIDOC
## POST /entry/import/process/ldif

### Description
Parses and applies an RFC 2849 LDIF file or pasted text to the LDAP server. Supports `add` and `modify` change types, base64-encoded values, multi-line continuations, and attribute language tags. Returns a result view with per-entry success/failure status.

### Method
POST

### Endpoint
/entry/import/process/ldif

### Parameters
#### Request Body
- **file** (file) - Required - The LDIF file to import.

### Request Headers
- X-CSRF-TOKEN:
- Cookie: laravel_session=

### Response
#### Success Response (200)
- A result view detailing the success or failure status for each entry processed.
```

--------------------------------

### Create and Persist a New LDAP Entry

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Creates a new LDAP entry using the Entry model. Supports language-tagged attributes and requires proper exception handling for LDAP operations. Ensure necessary use statements are included.

```php
use App\Ldap\Entry;
use LdapRecord\Exceptions\InsufficientAccessException;
use LdapRecord\LdapRecordException;

$entry = new Entry;
$entry->setDn('uid=newuser,ou=users,dc=example,dc=org');
$entry->objectclass = [Entry::TAG_NOTAG => ['inetOrgPerson', 'posixAccount']];
$entry->cn = [Entry::TAG_NOTAG => ['New User']];
$entry->sn = [Entry::TAG_NOTAG => ['User']];
$entry->uid = [Entry::TAG_NOTAG => ['newuser']];
$entry->uidnumber = [Entry::TAG_NOTAG => ['1050']];
$entry->gidnumber = [Entry::TAG_NOTAG => ['1000']];
$entry->homedirectory = [Entry::TAG_NOTAG => ['/home/1000/newuser']];

try {
    $entry->save();
    echo 'Created: ' . $entry->getDn();
} catch (InsufficientAccessException $e) {
    echo 'Access denied: ' . $e->getDetailedError()->getErrorMessage();
} catch (LdapRecordException $e) {
    echo 'LDAP error ' . $e->getDetailedError()->getErrorCode() . ': ' . $e->getDetailedError()->getErrorMessage();
}
```

--------------------------------

### Server::children()

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Lists the immediate children of a given Distinguished Name (DN). It fetches subordinate information to enable tree expansion without extra requests.

```APIDOC
## `Server::children()` — List Direct Child Entries

Returns a sorted `LDAPCollection` of immediate children of a DN, with `hassubordinates`/`numsubordinates` fetched to allow the tree to show expand arrows without an extra round-trip.

```php
$server = config('server');

$children = $server->children('ou=users,dc=example,dc=org');

foreach ($children as $child) {
    echo $child->getRdn();       // "uid=jdoe"
    echo $child->getDn();        // "uid=jdoe,ou=users,dc=example,dc=org"
    echo $child->has_children;   // bool
    echo $child->icon();         // "fas fa-user"
}
```
```

--------------------------------

### Server::baseDNs()

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Retrieves a cached Collection of Entry model objects for all naming contexts. Results are cached per-session.

```APIDOC ## Server::baseDNs() ### Description Static method on `App\Classes\LDAP\Server`. Returns a cached `Collection` of `Entry` model objects for all naming contexts, sourced either from `LDAP_BASE_DN` or the server's `rootDSE namingContexts`. Results are cached per-session for `LDAP_CACHE_TIME` seconds. ### Method `static baseDNs(bool $objects = true): Collection` ### Parameters #### Query Parameters - **objects** (bool) - Optional - If true (default), returns `Collection`; if false, returns `Collection` of DN strings only. ### Request Example ```php use App\Classes\LDAP\Server; // Returns Collection (objects=true, default) $bases = Server::baseDNs(); foreach ($bases as $base) { echo $base->getDn(); // "dc=example,dc=org" echo $base->getRdn(); // "dc=example" echo $base->getDNSecure(); // AES-encrypted string safe for HTML/JS echo $base->is_base; // true } // Returns Collection of DN strings only $dnsOnly = Server::baseDNs(objects: false); // ["dc=example,dc=org", "dc=test,dc=org"] ``` ### Response #### Success Response (200) - **Collection** - A collection of Entry objects, each with methods like `getDn()`, `getRdn()`, `getDNSecure()`, and properties like `is_base`. - **Collection** - A collection of DN strings. #### Response Example ```json // Example for objects: true [ { "dn": "dc=example,dc=org", "rdn": "dc=example", "is_base": true // ... other Entry object properties } ] // Example for objects: false [ "dc=example,dc=org", "dc=test,dc=org" ] ``` ``` -------------------------------- ### AJAX: Fetch LDAP Tree Base DNs Source: https://context7.com/leenooks/phpldapadmin/llms.txt Returns the base DNs of the configured LDAP server as a JSON array suitable for populating the FancyTree root nodes. Each item includes an encrypted `item` key used for all subsequent tree operations. ```APIDOC ## POST /ajax/bases ### Description Returns the base DNs of the configured LDAP server as a JSON array suitable for populating the FancyTree root nodes. 
Each item includes an encrypted `item` key used for all subsequent tree operations. ### Method POST ### Endpoint /ajax/bases ### Request Headers - X-CSRF-TOKEN: - Cookie: laravel_session= ### Response #### Success Response (200) - An array of objects, each containing `title`, `item` (encrypted DN), `lazy` flag, `icon`, and `tooltip`. ### Response Example ```json [ { "title": "dc=example,dc=org", "item": "", "lazy": true, "icon": "fa-fw fas fa-sitemap", "tooltip": "dc=example,dc=org" } ] ``` ``` -------------------------------- ### LDIF Import Source: https://context7.com/leenooks/phpldapadmin/llms.txt Parses RFC 2849 LDIF text and applies it to the connected LDAP server. It returns a collection of result maps for each entry processed. ```APIDOC ## LDIF Import Programmatic Usage `App\Classes\LDAP\Import\LDIF` parses RFC 2849 LDIF text and applies it to the connected LDAP server. Returns a `Collection` of per-entry result maps. ```php use App\Classes\LDAP\Import\LDIF as LDIFImport; use App\Exceptions\Import\{GeneralException, VersionException}; $ldifText = <<process(); foreach ($results as $result) { echo $result->get('dn') . ': ' . $result->get('result') . PHP_EOL; // uid=bsmith,...: Added // uid=jdoe,...: Modified } } catch (VersionException $e) { echo 'LDIF version error: ' . $e->getMessage(); } catch (GeneralException $e) { echo 'Parse error: ' . $e->getMessage(); } ``` ``` -------------------------------- ### Server::schema() Source: https://context7.com/leenooks/phpldapadmin/llms.txt Introspects the LDAP schema, loading and caching parsed schema items. ```APIDOC ## Server::schema() ### Description Loads and caches parsed schema items from the server's subschema subentry. Returns full collections or individual items for `objectclasses`, `attributetypes`, `ldapsyntaxes`, and `matchingrules`. 

### Method
`schema(string $type, ?string $name = null): Collection|SchemaItem|null`

### Parameters
#### Path Parameters
- **type** (string) - Required - The type of schema item to retrieve. Accepted values are `objectclasses`, `attributetypes`, `ldapsyntaxes`, `matchingrules`.
- **name** (string|null) - Optional - The name of a specific schema item to retrieve. If null, returns a collection of all items of the specified type.

### Request Example
```php
$server = config('server');

// All object classes (Collection)
$allOCs = $server->schema('objectclasses');

// Single object class by name
$oc = $server->schema('objectclasses', 'inetOrgPerson');
echo $oc->name;           // "inetOrgPerson"
echo $oc->isStructural(); // true or false
echo $oc->isAuxiliary();  // false

// Required and optional attributes for the class
foreach ($oc->getMustAttrs() as $attr) {
    echo $attr->name; // e.g. "cn", "sn"
}
foreach ($oc->getMayAttrs() as $attr) {
    echo $attr->name; // e.g. "mail", "telephoneNumber"
}

// Single attribute type
$at = $server->schema('attributetypes', 'mail');
echo $at->sub_str_rule() ? 'substring search ok' : 'no sub search';

// All LDAP syntaxes
$syntaxes = $server->schema('ldapsyntaxes');

// All matching rules
$rules = $server->schema('matchingrules')
    ->sortBy(fn($item) => strtolower($item->name));
```

### Response
#### Success Response (200)
- **Collection** - A collection of schema items (e.g., `ObjectClass`, `AttributeType`) if `name` is null.
- **SchemaItem** - A specific schema item object (e.g., `ObjectClass`) if `name` is provided.
- **null** - If the requested schema item is not found.

#### Response Example
```json
// Example for $server->schema('objectclasses', 'inetOrgPerson')
{
  "name": "inetOrgPerson",
  "isStructural": true,
  "isAbstract": false,
  "mustContain": ["cn", "sn", "uid"],
  "mayContain": ["mail", "telephoneNumber", "homeDirectory", "loginShell"]
}

// Example for $server->schema('attributetypes', 'mail')
{
  "name": "mail",
  "numericOid": "2.16.840.1.113730.3.2.2",
  "desc": "RFC4519 mail attribute",
  "syntax": "1.3.6.1.4.1.1466.115.121.1.15",
  "equality": "caseIgnoreMatch",
  "ordering": "caseIgnoreOrderingMatch",
  "substr": "caseIgnoreSubstringsMatch",
  "singleValue": false
}
```
```

--------------------------------

### Generate Encryption Key for Docker Container

Source: https://github.com/leenooks/phpldapadmin/wiki/Docker-Container

Use this command to generate a secure encryption key for your phpLDAPadmin container. This key is used to encrypt session data and should be persisted using the APP_KEY environment variable.

```bash
docker run -it --rm phpldapadmin/phpldapadmin ./artisan key:generate --show
```

--------------------------------

### Create LDAP Entry

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Creates a new LDAP entry from submitted form data. The RDN and its value are specified, along with the parent container and a template. Attribute values are provided as arrays.

```APIDOC
## Create LDAP Entry — `POST /entry/create`

Creates a new LDAP entry from a submitted form. The `_rdn` and `_rdn_value` fields compose the new DN beneath the container specified by `_key`. All attribute values are passed as arrays keyed by attribute name.

```bash
curl -s -X POST http://localhost/entry/create \
  -H "X-CSRF-TOKEN: " \
  -H "Cookie: laravel_session=" \
  -d "_key=" \
  -d "_rdn=uid" \
  -d "_rdn_value=jdoe" \
  -d "_step=2" \
  -d "_template=templates/user_account.json" \
  -d "objectclass[_null_][]=inetOrgPerson" \
  -d "objectclass[_null_][]=posixAccount" \
  -d "cn[_null_][]=John Doe" \
  -d "sn[_null_][]=Doe" \
  -d "uid[_null_][]=jdoe" \
  -d "uidNumber[_null_][]=1042" \
  -d "gidNumber[_null_][]=1000" \
  -d "homeDirectory[_null_][]=/home/1000/jdoe"
```

### Response
- On success: 302 redirect to / with flash 'success' message, fragment = encrypted new DN
- On LDAP error 50 (insufficient access): 302 redirect with 'failed' message
- On duplicate DN: 302 redirect back with 'failed' message
```

--------------------------------

### Import LDAP Entry via Pasted Text

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Use this endpoint to import LDAP entries by pasting LDIF text directly. It handles LDIF version mismatches and object class violations, returning specific HTTP error codes.

```bash
curl -s -X POST http://localhost/entry/import/process/ldif \
  -H "X-CSRF-TOKEN: " \
  -d 'text=version: 1

dn: uid=jsmith,ou=users,dc=example,dc=org
changetype: add
objectClass: inetOrgPerson
objectClass: posixAccount
cn: Jane Smith
sn: Smith
uid: jsmith
uidNumber: 1043
gidNumber: 1000
homeDirectory: /home/1000/jsmith
userPassword: {ARGON2ID}$argon2id$...'
```

--------------------------------

### Copy or Move LDAP Entry

Source: https://context7.com/leenooks/phpldapadmin/llms.txt

Clones an LDAP entry to a new DN. Set `delete=1` to perform a move operation (copy then delete original). Requires the source DN and the target DN.

```bash
# Copy (clone to new DN)
curl -s -X POST http://localhost/entry/copy-move \
  -H "X-CSRF-TOKEN: " \
  -d "_key=" \
  -d "to_dn=uid=jdoe-backup,ou=archive,dc=example,dc=org" \
  -d "delete=0"
```

```bash
# Move (copy + delete); sends the same CSRF header as the copy request
curl -s -X POST http://localhost/entry/copy-move \
  -H "X-CSRF-TOKEN: " \
  -d "_key=" \
  -d "to_dn=uid=jdoe,ou=staff,dc=example,dc=org" \
  -d "delete=1"
```
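
--------------------------------

### Pre-flight Check for LDIF Before Import (added example)

The LDIF import sections above parse RFC 2849 text and apply it to the connected server, so checking the text before submitting it catches problems while they are still cheap to fix. This is an added example, not phpLDAPadmin code: a minimal RFC 2849 reader in Python that unfolds lines, decodes base64 values, and flags a version mismatch or a `userPassword` value without a `{SCHEME}` prefix. `SAMPLE`, `parse` and `lint` are hypothetical names, and treating a record without `changetype` as an add is an assumption.

```python
import base64

# Constructed sample (not from the page): a folded dn, a base64 value, two userPassword forms.
SAMPLE = """version: 1

dn: uid=jsmith,ou=users,dc=example,dc=org
userPassword: {ARGON2ID}$argon2id$constructed-placeholder

dn: uid=bsmith,ou=users,
 dc=example,dc=org
changetype: modify
replace: userPassword
userPassword:: aHVudGVyMg==
-
"""

def parse(text):
    """Return (version, entries); each entry is {'dn', 'changetype', 'attrs'}."""
    lines = text.replace("\r\n", "\n").replace("\n ", "").splitlines()  # RFC 2849 unfolding
    version, entries, cur = None, [], None
    for line in lines:
        if not line or line == "-" or line.startswith("#"):
            cur = cur if line else None   # a blank line ends the record
            continue
        attr, sep, value = line.partition(":")
        key = attr.lower()
        if not sep or (cur is None and key not in ("version", "dn")):
            raise ValueError(f"unexpected line: {line!r}")
        if value.startswith(":"):         # 'attr:: ' marks a base64-encoded value
            value = base64.b64decode(value[1:]).decode("utf-8", "replace")
        else:
            value = value.strip()
        if key == "version":
            version = value
        elif key == "dn":
            cur = {"dn": value, "changetype": "add", "attrs": []}  # assumed default: add
            entries.append(cur)
        elif key == "changetype":
            cur["changetype"] = value
        else:
            cur["attrs"].append((attr, value))
    return version, entries

def lint(text):
    """Return (dn, finding) tuples; an empty list means nothing was flagged."""
    version, entries = parse(text)
    out = [] if version in (None, "1") else [(None, f"LDIF version {version!r} is not 1")]
    out += [(e["dn"], "userPassword has no {SCHEME} prefix") for e in entries
            for a, v in e["attrs"] if a.lower() == "userpassword" and not v.startswith("{")]
    return out
```

Base64 in LDIF is an encoding, not a hash, which is why the second record is flagged only after decoding. URL-valued attributes (`attr:< url`) are not resolved by this reader and are kept as literal text.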