Cover of the book Symfony 5: The Fast Track

Symfony 5: The Fast Track is the best book to learn modern Symfony development, from zero to production. +300 pages in full color showing how to combine Symfony with Docker, APIs, queues & async tasks, Webpack, Single-Page Applications, etc.

Buy printed version
WARNING: You are browsing the documentation for Symfony 4.0 which is not maintained anymore. Consider upgrading your projects to Symfony 5.1.

The Ldap Component

4.0 version

The Ldap Component

The Ldap component provides a means to connect to an LDAP server (OpenLDAP or Active Directory).


$ composer require symfony/ldap

Alternatively, you can clone the repository.


If you install this component outside of a Symfony application, you must require the vendor/autoload.php file in your code to enable the class autoloading mechanism provided by Composer. Read this article for more details.


The Symfony\Component\Ldap\Ldap class provides methods to authenticate and query against an LDAP server.

The Ldap class uses an Symfony\Component\Ldap\Adapter\AdapterInterface to communicate with an LDAP server. The adapter for PHP’s built-in LDAP extension, for example, can be configured using the following options:

IP or hostname of the LDAP server
Port used to access the LDAP server
The version of the LDAP protocol to use
The encryption protocol: ssl, tls or none (default)
You may use this option instead of host and port to connect to the LDAP server
Specifies whether to automatically follow referrals returned by the LDAP server
LDAP server’s options as defined in ConnectionOptions

For example, to connect to a start-TLS secured LDAP server:

use Symfony\Component\Ldap\Ldap;

$ldap = Ldap::create('ext_ldap', array(
    'host' => 'my-server',
    'encryption' => 'ssl',

Or you could directly specify a connection string:

use Symfony\Component\Ldap\Ldap;

$ldap = Ldap::create('ext_ldap', array('connection_string' => 'ldaps://my-server:636'));

The bind() method authenticates a previously configured connection using both the distinguished name (DN) and the password of a user:

use Symfony\Component\Ldap\Ldap;
// ...

$ldap->bind($dn, $password);

Once bound (or if you enabled anonymous authentication on your LDAP server), you may query the LDAP server using the query() method:

use Symfony\Component\Ldap\Ldap;
// ...

$query = $ldap->query('dc=symfony,dc=com', '(&(objectclass=person)(ou=Maintainers))');
$results = $query->execute();

foreach ($results as $entry) {
    // Do something with the results

By default, LDAP entries are lazy-loaded. If you wish to fetch all entries in a single call and do something with the results’ array, you may use the toArray() method:

use Symfony\Component\Ldap\Ldap;
// ...

$query = $ldap->query('dc=symfony,dc=com', '(&(objectclass=person)(ou=Maintainers))');
$results = $query->execute()->toArray();

// Do something with the results array

Creating or Updating Entries

The Ldap component provides means to create new LDAP entries, update or even delete existing ones:

use Symfony\Component\Ldap\Ldap;
use Symfony\Component\Ldap\Entry;
// ...

$entry = new Entry('cn=Fabien Potencier,dc=symfony,dc=com', array(
    'sn' => array('fabpot'),
    'objectClass' => array('inetOrgPerson'),

$entryManager = $ldap->getEntryManager();

// Creating a new entry

// Finding and updating an existing entry
$query = $ldap->query('dc=symfony,dc=com', '(&(objectclass=person)(ou=Maintainers))');
$result = $query->execute();
$entry = $result[0];
$entry->setAttribute('email', array('[email protected]'));

// Removing an existing entry
$entryManager->remove(new Entry('cn=Test User,dc=symfony,dc=com'));

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.