LDAP Authentication - Could not complete search

v2025, I try to configure as in the photo but I can’t log in because it gives me an error on the filter. I tried to configure both LDAP filter and LDAP query string in every way. The only way to make the phpmkr2025 configuration work is to enter LDAP search dn (danilo.macri) and LDAP search password (my domain password). if I enter LDAP search dn and LDAP search password the authentication works only that in my company domain we don’t have a standard username and password for searching but you can also do the anonymous search as you can see in phpmkr2024 the configuration only happens with the 4 parameters. Can you help me? If you can’t change the default ldap authentication is it possible to write a custom one? Thanks.

When LDAP is activated, the hard-coded user cannot log in.



As the error message said, it tried to search with the default (sAMAccountName={user_identifier}) and failed, if your LDAP server does not use sAMAccountName, you need to set LDAP uid key as what it uses.

If the LDAP filter is empty, the default filter ({uid_key}={user_identifier}) is used. If your LDAP server uses other filter, this settings is required.

my LDAP server uses sAMAccountName and the search in my case is fine the default because it must be done on sAMAccountName. As you can see in version 2024 I do not use other filters, only and exclusively the 4 parameters and everything works perfectly.
The only way to make LDAP authentication 2025 work is this. not having a generic search account for me is a problem because if I change the password no one enters. Is there a way to pass username and password that the operator enters in the login? (the only solution that comes to mind)

v2025 uses Symfony LDAP component which is a much more advanced component than that in older versions (including v2024) which only does simple binding. The new componentt does not only binds user during authentication, but also search and load user info and refreshes user during subsequent requests for better security. If your LDAP server does not allow anonymous searching without search dn and password, you need to enter the LDAP search dn and LDAP search password (e.g. the admin dn and password).

I saw that v 2025 uses Symfony LDAP component but my server accepts anonymous searches, in fact if I use other libraries I have no problem. The problem seems to be that Symfony LDAP component only performs searches with authentication. Can you kindly reproduce the problem using the anonymous search mode? (you will probably notice that the search occurs only if authenticated even if the server accepts anonymous searches). Is there a way to pass the values ​​entered in the login form to LDAP search dn and LDAP search password?

In your first post the error was Could not complete search with dn “dc=domail,dc=local”, query “(sAMAccountName=danilo.macri)”. So it did try to search anonymously but failed, you may want to double check if:

  1. Your server does allow anonymous search, Active Directory may not allow by default, you may google for more info,
  2. The base dn "dc=domail,dc=local" is correct,
  3. The filter "(sAMAccountName=danilo.macri)" is correct. Are you sure it is enough? May be you need a filter like "(|(sAMAccountName={user_identifier})(userPrincipalName={user_identifier}))"?
  4. You may write a simple script and test searching your server with PHP’s ldap_search first. Then post the code that works with your server for discussion.