Adldap2-Laravel comes with a command that allows you to import users from your LDAP server automatically.
Note: Make sure you're able to connect to your LDAP server and have configured the
adldapauth driver correctly before running the command.
To import all users from your LDAP connection simply run php artisan adldap:import.
Note: The import command will utilize all scopes and sync all attributes you have configured in your
config/adldap_auth.phpconfiguration file.
Example:
php artisan adldap:import
Found 2 user(s).You will then be asked:
Would you like to display the user(s) to be imported / synchronized? (yes/no) [no]:
> yConfirming the display of users to will show a table of users that will be imported:
+------------------------------+----------------------+----------------------------------------------+
| Name | Account Name | UPN |
+------------------------------+----------------------+----------------------------------------------+
| John Doe | johndoe | johndoe@email.com |
| Jane Doe | janedoe | janedoe@email.com |
+------------------------------+----------------------+----------------------------------------------+After it has displayed all users, you will then be asked:
Would you like these users to be imported / synchronized? (yes/no) [no]:
> y
2/2 [============================] 100%
Successfully imported / synchronized 2 user(s).To import a single user, insert one of their attributes and Adldap2 will try to locate the user for you:
php artisan adldap:import jdoe@email.com
Found user 'John Doe'.The --filter (or -f) option allows you to enter in a raw filter in combination with your scopes inside your config/adldap_auth.php file:
php artisan adldap:import --filter "(cn=John Doe)"
Found user 'John Doe'.The --no-log option allows you to disable logging during the command.
By default, this is enabled.
php artisan adldap:import --no-logThe --delete (or -d) option allows you to soft-delete deactivated LDAP users. No users will
be deleted if your User model does not have soft-deletes enabled.
php artisan adldap:import --deleteThe --restore (or -r) option allows you to restore soft-deleted re-activated LDAP users.
php artisan adldap:import --restoreNote: Usually the
--restoreand--deleteoptions are used in tandem to allow full synchronization.
To run the import command via a schedule, use the --no-interaction flag:
php artisan adldap:import --no-interactionUsers will be imported automatically with no prompts.
You can also call the command from the Laravel Scheduler, or other commands:
// Importing one user
$schedule->command('adldap:import sbauman', ['--no-interaction'])
->everyMinute();// Importing all users
$schedule->command('adldap:import', ['--no-interaction'])
->everyMinute();// Importing users with a filter
$dn = 'CN=Accounting,OU=SecurityGroups,DC=Acme,DC=Org';
$filter = sprintf('(memberof:1.2.840.113556.1.4.1941:=%s)', $dn);
$schedule->command('adldap:import', ['--no-interaction', '--filter' => $filter])
->everyMinute();- Users who already exist inside your database will be updated with your configured
sync_attributes - Users are never deleted from the import command, you will need to delete users regularly through your model
- Successfully imported (new) users are reported in your log files with:
[2016-06-29 14:51:51] local.INFO: Imported user johndoe- Unsuccessful imported users are also reported in your log files, with the message of the exception:
[2016-06-29 14:51:51] local.ERROR: Unable to import user janedoe. SQLSTATE[23000]: Integrity constraint violation: 1048- Specifying a username uses ambiguous naming resolution, so you're able to specify attributes other than their username, such as their email (
php artisan adldap:import jdoe@mail.com). - If you have a password mutator (setter) on your User model, it will not override it. This way, you can hash the random 16 characters any way you please.