Skip to content
background-image background-image

ldap_reader_connector

LDAP Reader Connector

  • Version

    3.0

  • Agent restriction

    None

  • Processing type

    Row by row

  • Multi-input step

    Not Supported

The LDAP reader connector reads data from LDAP server through Lightweight Directory Access Protocol (LDAP). See the Configuration section for a description of each option.


Configuration

LDAP Attributes configuration

Result Path

Defines the LDAP Attributes that will be selected from LDAP server entries.

LDAP Connection configuration

Hostname

The URL of the LDAP server. Define LDAP server in IP address format or dotted format (port can be also included).

Example

  • ldap.ups.local
  • ldap.ups.local:389
  • 192.168.0.1
  • 192.168.0.1:389

BaseDN

Base DN is the starting point of LDAP directory.

It is defined by attributes

  • o - organization
  • ou - organizational unit
  • dc - domain component
  • uid - user ID
  • cn - common name ...

dc=example,dc=com

Authentication Type

Supported authentication types

  • Anonymous - No authentication is performed.
  • Delegation - Enables Active Directory Services Interface (ADSI) to delegate the user''s security context, which is necessary for moving objects across domains.
  • FastBind - Specifies that ADSI will not attempt to query the Active Directory Domain Services objectClass property. Therefore, only the base interfaces that are supported by all ADSI objects will be exposed. Other interfaces that the object supports will not be available. A user can use this option to boost the performance in a series of object manipulations that involve only methods of the base interfaces. However, ADSI does not verify if any of the request objects actually exist on the server.
  • ReadonlyServer - For a WinNT provider, ADSI tries to connect to a domain controller. For Active Directory Domain Services, this flag indicates that a writable server is not required for a serverless binding.
  • Sealing - Encrypts data using Kerberos. The Secure flag must also be set to use sealing.
  • Secure - Requests secure authentication. When this flag is set, the WinNT provider uses NTLM to authenticate the client. Active Directory Domain Services uses Kerberos, and possibly NTLM, to authenticate the client. When the user name and password are a null reference (Nothing in Visual Basic), ADSI binds to the object using the security context of the calling thread, which is either the security context of the user account under which the application is running or of the client user account that the calling thread is impersonating.
  • SecureSocketsLayer - Attaches a cryptographic signature to the message that both identifies the sender and ensures that the message has not been modified in transit. Active Directory Domain Services requires the Certificate Server be installed to support Secure Sockets Layer (SSL) encryption.
  • ServerBind - If your ADsPath includes a server name, specify this flag when using the LDAP provider. Do not use this flag for paths that include a domain name or for serverless paths. Specifying a server name without also specifying this flag results in unnecessary network traffic.
  • Signing - Verifies data integrity to ensure that the data received is the same as the data sent. The Secure flag must also be set to use signing.

Username

Defines the login name that is used for connection authentication.

cn=read-only-admin,dc=example,dc=com

Password

Define the password that is used to authenticate the connection.

Filter

Defines the criteria used to identify entries in search request. Filters are a key element in defining the criteria used to identify entries in search requests.

(objectClass=inetOrgPerson)

For more examples of connection strings, see official documentation.


Input & Output Schema

Input

Data schema is optional

The connector does not expect a specific schema. The required data structure can be achieved by correct configuration. Although the selected connector doesn't require a schema generally, the individual integration task step may need to match the output data structure of the preceding task step and use a data schema selected from the repository or create a new input schema.

Output

JSON (ver. 1.0.0)

Column Data type Allow null Description
JSON JSON No Input/Output in JSON format

Example

LDAP Attribute configuration:

{
"Attributes":[
    {
     "Value":"uid"
    },
    {
     "Value":"cn"
    },
    {
     "Value":"adspath"
    }]
}
Returned data:

[
{
    "uid":"newton",
    "adspath":"LDAP://ldap.forumsys.com/uid=newton,dc=example,dc=com",
    "cn":"Isaac Newton"
},
{
    "uid":"einstein",
    "adspath":"LDAP://ldap.forumsys.com/uid=einstein,dc=example,dc=com",
    "cn":"Albert Einstein"
}
]

Release notes

3.0.3

  • Fixed shared nuget package versions.

3.0.2

  • Fixed right processing of nullable properties.