[HELP] LDAP Authentication with database

Hi. I would like to ask for your help. The search result for LDAP is very limited and I have already tried different methods in fixing the login page for my task. The AD credential should be authenticated using LDAP and I have compiled PHP and enabled LDAP in our server. Please check the codes below or see the attached file. Any suggestions on how to make this work would be of great help.

I have included the ldap function (ldapAuth) in User.php.

I have also created a database table named admin’ with fields id (PK, incremental), username and role.

Thanks in advance.

User.php

<?php

namespace app\models;

class User extends \yii\base\Object implements \yii\web\IdentityInterface

{

public $id;


public $username;


public $password;


public $authKey;


public $accessToken;





private static $users = [


    '100' => [


        'id' => '100',


        'username' => 'admin',


        'password' => 'adm!np@ssword',


        'authKey' => 'test100key',


        'accessToken' => '100-token',


    ],                                                                                      


];





public static function findIdentity($id)


{


    return isset(self::$users[$id]) ? new static(self::$users[$id]) : null;


}





public static function findIdentityByAccessToken($token, $type = null)


{


    foreach (self::$users as $user) {


        if ($user['accessToken'] === $token) {


            return new static($user);


        }


    }


    return null;


}





public static function findByUsername($username)


{


  


    return new static(array ('username' => $username));


  


    foreach (self::$users as $user) {


        if (strcasecmp($user['username'], $username) === 0) {


            return new static($user);


        }


    }


    return null;


}





public function getId()


{


    return $this->id;


}





public function getAuthKey()


{


    return $this->authKey;


}





public function validateAuthKey($authKey)


{


    return $this->authKey === $authKey;


}





[b]public static function ldapAuth($username, $password)[/b] {





    $adServer = "ldap://wsmv001.company.com ldap://wsmv002.company.com ";





    try {


        $ldap = ldap_connect($adServer);


        if (!$ldap) {


            throw new Exception("Unable to connect to ldap server");


            echo "<br><br><br><br>";


            echo "Not connected!";


        }


        else{


            echo "<br><br><br><br>";


            echo "Connected!";


        }


       


        if (strpos($username, '\\') > 0) {


            $parts = explode("\\", $username);


            $region = $parts[0];


            $username = $parts[1];


        }


        else {


            $region = "na";


            $username = $username;


        }





        $ldaprdn = strtoupper($region) . "\\" . $username;


        $ldap_dn = "dc={$region},dc=vishayint,dc=com";





        ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);


        ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);





        $bind = ldap_bind($ldap, $ldaprdn, $password);


        if (!$bind) {


            throw new Exception("unable to authenticate");


        }


        return true;





        // below may be used if/when we use AD groups to define iClock privileges


        echo "Authenticated\r\n";


        $results = ldap_search($ldap,$ldap_dn,"(samaccountname={$username})", array("memberof"));


        //$results = ldap_search($ldap,$ldap_dn);


        $entries = ldap_get_entries($ldap, $results);





        print_r($entries);


        // No information found, bad user


        if($entries['count'] == 0) {


            echo "No entries found\r\n";


        }





        // Get groups and primary group token


        $output = $entries[0]['memberof'];


        $token = $entries[0]['primarygroupid'][0];





        // Remove extraneous first entry


        array_shift($output);





        // We need to look up the primary group, get list of all groups


        $results2 = ldap_search($ldap,$ldap_dn,"(objectcategory=group)",array("distinguishedname","primarygrouptoken"));


        $entries2 = ldap_get_entries($ldap, $results2);





        // Remove extraneous first entry


        array_shift($entries2);





        // Loop through and find group with a matching primary group token


        foreach($entries2 as $e) {


            if($e['primarygrouptoken'][0] == $token) {


                // Primary group found, add it to output array


                $output[] = $e['distinguishedname'][0];


                // Break loop


                break;


            }


        }





        return $output;


    }


    finally {


        @ldap_close($ldap);


    }


}

}

LoginForm.php

<?php

namespace app\models;

use Yii;

use yii\base\Model;

class LoginForm extends Model

{

public $username;


public $password;


public $rememberMe = true;





private $_user = false;





public function rules()


{


    return [


        // username and password are both required


        [['username', 'password'], 'required'],


        // rememberMe must be a boolean value


        ['rememberMe', 'boolean'],


        // password is validated by validatePassword()


        ['password', 'validatePassword'],


    ];


}





public function validatePassword($attribute, $params)


{


    if (!$this->hasErrors()) {


        $user = $this->getUser();





        $this->_user = User::ldapAuth($user, $password);


    }


}





public function login()


{


    if ($this->validate()) {


        return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 3600*24*30 : 0);


    }


    return false;


}





public function getUser()


{


    if ($this->_user === false) {


        $this->_user = User::findByUsername($this->username);


    }





    return $this->_user;


}

}