LDAP

Discover more about the LDAP component and how to use it on the Digibee Integration Platform.

The LDAP component performs operations on an LDAP server.

Parameters

Take a look at the configuration parameters of the component. Parameters that support Double Braces expressions are marked with (DB).

| Parameter | Description | Default value | Data type |
| --- | --- | --- | --- |
| Account | Account to be used by the component. | N/A | String |
| Operation | Commands available (Search, Add, Delete, or Modify). | Search | String |
| Search Operation | Object, One level, or Sub trees. | Object | String |
| Modify Operation | Commands available (Add Attribute, Remove Attribute, Replace Attribute, or Increment Attribute). | Add Attribute | String |
| Host Name | Name or IP of the LDAP server. | 199.199.199.1 | String |
| Port | Port of the LDAP server. | 389 | Integer |
| Authentication DN | Distinguished Name (DN) used to connect to the LDAP server. | CN=Users,DC=digibee,DC=io | String |
| Operation DN (DB) | Distinguished Name (DN) used for operations. This field supports Double Braces expressions. | {{message.$.dnOperation}} | String |
| Filter (DB) | Filter expressions. | {{message.$.dnOperation}} | String |
| Entries (DB) | JSON expression representing the entries that will be added or modified. This field supports Double Braces expressions. | N/A | String |
| SSL | If the option is activated, an SSL security protocol can be configured through the Custom SSL Certificate parameter. | False | Boolean |
| Custom SSL certificate | Specifies the custom account that is used for the secure connection. | N/A | String |
| Fail On Error | If the option is enabled, the execution of the pipeline with an error will be interrupted; otherwise, the pipeline execution proceeds, but the result will show a false value for the “success” property. | False | Boolean |

Parameters additional information

Authentication DN

The Authentication DN parameter must be configured with the full path to the target user, without the user's own CN component. For example, if the Distinguished Name is "CN=UserExample,OU=FOLDER1,DC=abc,DC=com,DC=br", the Authentication DN parameter is configured with "OU=FOLDER1,DC=abc,DC=com,DC=br".

The "CN=UserExample" part is supplied through the username of the account configured in the component, which means that the username receives the "UserExample" value.

LDAP in Action

You can:

  • use a fixed value:

(dnOperation = "ou=system,cn=users")

  • read a value from the message JSON, which is looked up in the "data" object of the message:

(dnOperation = "{{ message.$.dn }}")

  • combine both examples:

(dnOperation = " ou={{ message.$.dn }}")

  • searchOperation: an integer between 0 and 2 that selects the search scope:

0 -> Base Object

1 -> One Level

2 -> Full Subtree

  • modifyOperation: an integer between 0 and 3 that selects the modify operation:

0 -> Add attribute

1 -> Exclude attribute

2 -> Substitute attribute

3 -> Increment attribute

  • filter: the filter expression applied to the search operation.

Example: filter "(objectClass=)"

You can:

  • use a fixed value:

filter = "(objectClass=)"

  • read a value from the message JSON, which is looked up in the 'data' object:

filter = "{{ message.$.filter }}"

  • combine both examples:

filter = "objectClass={{ message.$.filter }}"

  • entries: the object used to add or modify the entries in LDAP server.

You can:

  • use a fixed value:

entries = {"objectClass":["top","person"],"cn":"test_ad","sn":"test_sn"}

  • read a value from the message JSON, which is looked up in the 'data' object of the message:

entries = "{{ message.$.entries }}"

  • combine both examples:

entries = {"objectClass":["top","person"],"cn":"{{ message.$.entries }}","sn":"test_sn"}

  • operation: the operation you want to execute in LDAP server: SEARCH / ADD / MODIFY / DELETE

  • useSsl: if true, the component connects using SSL (secure connection); otherwise, it connects without SSL

  • failOnError: if true, an error will suspend the execution of the pipeline

LDAP needs authentication. For that, you must create an account with administrator privileges (BASIC type) and use it in the component.

Important: the username to be used in the account must be the field "name" configured in the LDAP server.

To convert Double Braces, we use JSON Path specifications.
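The "combine both examples" forms above place a value taken from the message inside a filter or a DN. As an added example (not Digibee code), the following Python escapes such a value per RFC 4515 (filters) and RFC 4514 (DNs) before it is written to the message. It assumes the platform substitutes Double Braces values verbatim; `build_message` and `resolve` are hypothetical helpers, and `resolve` is only a simplified stand-in for Double Braces resolution.

```python
import re

# RFC 4515: characters that must be hex-escaped inside a filter assertion value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape one assertion value so it cannot change the filter's structure."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def escape_dn_value(value: str) -> str:
    """Escape one attribute value for use inside a DN (RFC 4514)."""
    last = len(value) - 1
    out = []
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append(r"\00")
        # Special characters anywhere, '#' or space at the start, space at the end.
        elif ch in '"+,;<>\\' or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def build_message(object_class: str, ou: str) -> dict:
    """Hypothetical upstream step: escape untrusted values before the LDAP step reads them."""
    return {"filter": escape_filter_value(object_class), "dn": escape_dn_value(ou)}


# Simplified stand-in for Double Braces resolution (assumption: verbatim substitution).
_DB = re.compile(r"\{\{\s*message\.\$\.(\w+)\s*\}\}")


def resolve(template: str, message: dict) -> str:
    return _DB.sub(lambda m: str(message[m.group(1)]), template)


if __name__ == "__main__":
    # Constructed sample input containing filter and DN metacharacters.
    msg = build_message("person)(cn=*", "Sales, EMEA")
    print(resolve("objectClass={{ message.$.filter }}", msg))
    print(resolve("ou={{ message.$.dn }}", msg))
```

With the values escaped, the parentheses, asterisk and comma from the input are matched as literal data instead of being parsed as filter or DN syntax.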

Messages flow

Operation Search

Input

{
  "type": "connector",
  "name": "ldap-connector",
  "accountLabel": "ldap",
  "stepName": "ldap",
  "params": {
    "operation": "SEARCH",
    "host": "LDAP_IP",
    "port": 389,
    "dnAuthentication": "DC=digibee,DC=io",
    "dnOperation": "DC=digibee,DC=io",
    "filter": "(objectClass=)",
    "searchOperation": 0,
    "useSsl": false,
    "failOnError": false
  }
}

Output

{
    "result": [
        {
            "pwdhistorylength": "24"
        },
        {
            "msds-alluserstrustquota": "1000"
        },
        {
            "otherwellknownobjects": [
                "B:32:683A24E2E8164BD3AF86AC3C2CF3F981:CN=Keys,DC=digibee,DC=io",
                "B:32:1EB93889E40C45DF9F0C64D23BBB6237:CN=Managed Service Accounts,DC=digibee,DC=io"
            ]
        }
    ]
}

Operation Add

Input

{
  "type": "connector",
  "name": "ldap-connector",
  "accountLabel": "ldap",
  "stepName": "ldap",
  "params": {
    "operation": "ADD",
    "host": "LDAP_IP",
    "port": 389,
    "dnAuthentication": "DC=digibee,DC=io",
    "entries": "{{ message.$.entries }}",
    "dnOperation": "DC=digibee,DC=io",
    "useSsl": false,
    "failOnError": false
  }
} 

Payload

{
     "entries": {
            "objectClass": ["top", "person"],
            "cn": "test_ad",
            "sn": "test_sn"

     }
 }

Output

{  
    "message": "Entry added successfully",  
    "success": true
}

Operation Modify

Input

{
  "type": "connector",
  "name": "ldap-connector",
  "accountLabel": "ldap",
  "stepName": "ldap",
  "params": {
    "operation": "MODIFY",
    "host": "LDAP_IP",
    "port": 389,
    "dnAuthentication": "DC=digibee,DC=io",
    "entries": "{{ message.$.entries }}",
    "dnOperation": "DC=digibee,DC=io",
    "modifyOperation": 0,
    "useSsl": false,
    "failOnError": false
  }
}

Payload

{
     "entries": {
            "objectClass": ["top", "person"],
            "cn": "test_ad",
            "sn": "test_sn"

     }
}

Output

{  
    "message": "Entry modified successfully",  
    "success": true
}

Operation Delete

Input

{  
    "type": "connector",  
    "name": "ldap-connector",  
    "accountLabel": "ldap",  
    "stepName": "ldap",  
    "params": {    
        "operation": "DELETE",    
        "host": "LDAP_IP",    
        "port": 389,    
        "dnAuthentication": "DC=digibee,DC=io",    
        "dnOperation": "DC=digibee,DC=io",    
        "useSsl": false,    
        "failOnError": false  
    }
}

Output

{  
    "message": "Entry modified successfully",  
    "success": true
}

LDAP supports static Double Braces in the following parameters previously specified:

  • operation

  • host

  • dnAuthentication

  • port

  • modifyOperation

  • searchOperation

  • useSsl
