LDAP Authentication SuiteCRM

rsp · 19 June 2025 18:10

Use an ldapsearch to confirm that the bind user can retrieve `givenName` and `sn`. (sudo apt install ldap-utils)

ldapsearch \
  -x \
  -H ldap://your-ad-server \
  -D "bind-user@domain" \
  -W \
  -b "dc=your,dc=domain" \
  "(sAMAccountName=testuser)" \
  givenName sn mail

YAML is picky about formatting and quote types.

parameters:
  ldap.extra_fields: ['mail', 'givenName', 'sn']
  ldap.autocreate.extra_fields_map:
    mail: email1
    givenName: first_name
    sn: last_name

Clear Symfony Cache

./bin/console cache:clear

OR

./bin/console cache:clear --env=prod

Install PHP LDAP extension

sudo apt install php8.2-ldap

Restart Web Server

sudo systemctl restart apache2

OR

sudo systemctl restart php8.2-fpm
sudo systemctl restart nginx

Verify LDAP module is enabled

php -m | grep ldap

LDAP Authentication SuiteCRM

Use an ldapsearch to confirm that the bind user can retrieve givenName and sn. (sudo apt install ldap-utils)

YAML is picky about formatting and quote types.

Clear Symfony Cache

Install PHP LDAP extension

Restart Web Server

Verify LDAP module is enabled

Use an ldapsearch to confirm that the bind user can retrieve `givenName` and `sn`. (sudo apt install ldap-utils)