The LDAP connection can be used to connect the company's internal LDAP client to xentral in order to be able to identify the employees via LDAP when logging into xentral.
Note
The following instructions assume knowledge of how to use LDAP. Our support cannot help you with the configuration - here you would have to ask your system administrator.
First you have to install the php7.x-ldap package on the server (e.g. php7.0-ldap if the server runs with PHP 7.0).
Under Administration → Settings → System → Basic Settings → System there are the following setting options:
-
LDAP URI → The URI to reach your LDAP client
-
LDAP RDN → Main group of users that can log in
-
LDAP Base DN → Defines where in the directory tree downwards the search for specific objects should be started
-
LDAP Filter → Within the directories can be filtered by stored data. E.g. you can check if the user belongs to the appropriate group and if it is a person at all. (The specification of the LDAP filter is mandatory otherwise the authentication does not work)
Note: You can pass the corresponding user name in xentral in 2 ways:
-
%user%
-
{USER}
Example An example of the settings on an Active Directory would be the following:

Under Administration → Settings → Users you can then select the "LDAP directory" login method within a user.
The user name must match the name of the user in the LDAP directory. The password can be left blank.
In order for the user to log in now, they need their LDAP username and password of the user in the LDAP directory.
For a better understanding, the internal process is described below.
// Connect to the LDAP Server
$ds = ldap_connect($this->app->erp->Firmendaten("ldap_host"));
$search = $this->app->erp->Firmendaten("ldap_searchbase");
$filter = $this->app->erp->Firmendaten("ldap_filter");
$bind_name = str_replace('{USER}',$username,$this->app->erp->Firmendaten("ldap_bindname"));
// Bind LDAP server
$ldapbind = ldap_bind($ds, $bind_name, $password);
// Search on LDAP server
$sr=ldap_search($ds,$search, $filter);
// if find then bind
if(ldap_count_entries($ds,$sr) > 0)
if($ldapbind)