# LDAP **LDAP** makes operations on a LDAP server. ## Parameters Take a look at the configuration parameters of the component. Parameters supported by [Double Braces expressions](/documentation/connectors-and-triggers/double-braces/overview.md) are marked with `(DB)`.

Parameter	Description	Default value	Data type
Account	Account to be used by the component.	N/A	String
Operation	Commands available (Search, Add, Delete, or Modify).	Search	String
Search Operation	Object, One level, or Sub trees.	Object	String
Modify Operation	Commands available (Add Attribute, Remove Attribute, Replace Attribute, or Increment Attribute).	Add Attribute	String
Host Name	Name or IP of LDAP.	199.199.199.1	String
Port	Port of LDAP.	389	Integer
Authentication DN	Distinguished Name (DN) used to connect the LDAP server.	CN=Users,DC=digibee,DC=io	String
Operation DN `(DB)`	Distinguished Name (DN) used for operations. This field supports Double Braces expressions.	{{message.$.dnOperation}}	String
Filter `(DB)`	Filter expressions.	{{message.$.dnOperation}}	String
Entries `(DB)`	JSON expression representing the entries that will be added or modified. This field supports Double Braces expressions.	N/A	String
SSL	If the option is activated, an SSL security protocol can be configured through the Custom SSL Certificate parameter.	False	Boolean
Custom SSL certificate	Specifies the custom account that is used for the secure connection.	N/A	String
Fail On Error	If the option is enabled, the execution of the pipeline with an error will be interrupted; otherwise, the pipeline execution proceeds, but the result will show a false value for the “success” property.	False	Boolean

## Parameters additional information ### Authentication DN The **Authentication DN** parameter must be configured with the full path to the aimed user. With that, if **Distinguished Name** is equal to `"CN=UserExample,OU=FOLDER1,DC=abc,DC=com,DC=br"`, the Authentication DN parameter will be configured with `"OU=FOLDER1,DC=abc,DC=com,DC=br"`. The "CN=UserExample" configuration must be used in the username of the account configured in the component, which means that the username receives the "UserExample" value. ## LDAP in Action You can: * use a fixed value: ***(dnOperation = "ou=system,cn=users")*** * get some JSON of the message, that will search the "data" object of the message: ***(dnOperation = "{{ message.$.dn }}*** * combine both examples: ***(dnOperation = " ou={{ message.$.dn }}")*** * **searchOperation:** integrates between 0 and 2 used to search, as: 0 -> Base Object 1 -> One Level 2 -> Full Subtree * **modifyOperation:** integrates between 0 and 3 used to modify, as: 0 -> Add attribute 1 -> Exclude attribute 2 -> Substitute attribute 3 -> Increment attribute * **filter:** filters configurations for the same search operation. #### Example: filter "(objectClass=)" You can: * use a fixed value: ***filter = ("objectClass=)"*** * get some JSON of the message, that will search the 'data' object: ***filter = "{{ message.$.filter }}*** * combine both examples: ***filter = "objectClass={{ message.$.filter }}"*** * **entries:** the object used to add or modify the entries in LDAP server. You can: * used a fixed value: ***filter = ("objectClass":\["top","person"],"cn":"test\_ad","sn":"test\_sn"}*** * get some JSON of the message, that will search the 'data' object of the message: ***entries = "{{ message.$.entries }}*** * combine both examples: ***entries = {"objectClass":\["top","person"],"cn":"{{ message.$.entries }}","sn":"test\_sn"}"*** * **operation:** the operation you want to execute in LDAP server: SEARCH / ADD / MODIFY / DELETE * **useSsl:** if true, it will be connected using SSL (safe connection); otherwise, it won't be connected * **failOnError:** if true, an error will suspend the execution of the pipeline ***LDAP*** needs authentication. For that, you must create an account with administrator privileges (BASIC type) and use it in the component. {% hint style="info" %} **Important:** the username to be used in the account must be the field "name" configured in the LDAP server. {% endhint %} To convert Double Braces, we use JSON Path specifications. [Click here to know more.](https://github.com/json-path/JsonPath) ## Messages flow ### Operation Search #### **Input** ``` { "type": "connector", "name": "ldap-connector", "accountLabel": "ldap", "stepName": "ldap", "params": { "operation": "SEARCH", "host": "LDAP_IP", "port": 389, "dnAuthentication": "DC=digibee,DC=io", "dnOperation": "DC=digibee,DC=io", "filter": "(objectClass=)", "searchOperation": 0, "useSsl": false, "failOnError": false } } ``` #### **Output** ``` { "result": [ { "pwdhistorylength": "24" }, { "msds-alluserstrustquota": "1000" }, { "otherwellknownobjects": [ "B:32:683A24E2E8164BD3AF86AC3C2CF3F981:CN=Keys,DC=digibee,DC=io", "B:32:1EB93889E40C45DF9F0C64D23BBB6237:CN=Managed Service Accounts,DC=digibee,DC=io" ] } ] } ``` ### Operation Add #### **Input** ``` { "type": "connector", "name": "ldap-connector", "accountLabel": "ldap", "stepName": "ldap", "params": { "operation": "ADD", "host": "LDAP_IP", "port": 389, "dnAuthentication": "DC=digibee,DC=io", "entries": "{{ message.$.entries }}", "dnOperation": "DC=digibee,DC=io", "useSsl": false, "failOnError": false } } ``` #### **Payload** ``` { "entries": { "objectClass": ["top", "person"], "cn": "test_ad", "sn": "test_sn" } } ``` #### **Output** ``` { "message": "Entry added successfully", "success": true } ``` ### Operation Modify #### **Input** ``` { "type": "connector", "name": "ldap-connector", "accountLabel": "ldap", "stepName": "ldap", "params": { "operation": "MODIFY", "host": "LDAP_IP", "port": 389, "dnAuthentication": "DC=digibee,DC=io", "entries": "{{ message.$.entries }}", "dnOperation": "DC=digibee,DC=io", "modifyOperation": 0, "useSsl": false, "failOnError": false } } ``` #### **Payload** ``` { "entries": { "objectClass": ["top", "person"], "cn": "test_ad", "sn": "test_sn" } } ``` #### **Output** ``` { "message": "Entry modified successfully", "success": true } ``` ### Operation Delete #### **Input** ``` { "type": "connector", "name": "ldap-connector", "accountLabel": "ldap", "stepName": "ldap", "params": { "operation": "DELETE", "host": "LDAP_IP", "port": 389, "dnAuthentication": "DC=digibee,DC=io", "dnOperation": "DC=digibee,DC=io", "useSsl": false, "failOnError": false } } ``` #### **Output** ``` { "message": "Entry modified successfully", "success": true } ``` ***LDAP*** supports static Double Braces in the following parameters previously specified: * operation * host * dnAuthentication * port * modifyOperation * searchOperation * useSsl --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.digibee.com/documentation/connectors-and-triggers/connectors/security/ldap.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.