Pipes
2024.40 Pipes
2024.40 Pipes
  • Introduction
  • Configuration
  • Valves
    • API
      • HTTP Response Format Valve
    • Debug
      • Dump Request
      • Dump Session
      • Dump State
      • Wait
    • EntraID
      • Create User
      • Get User
      • List Users
      • Add User Groups
    • Flow
      • Flow Fail
      • Flow State Add
      • Assert Value
      • Pipe Exec
      • Pipe Call
    • Item
      • Item Create
      • Item Merge
      • Item Remove
      • Items Remove
      • Item Property Add
      • Item Property Split
      • Item Property Rename
      • Item Property Token Replace
      • MV Property To Items
      • JSON To Items
      • MV Property Join
    • Freja
    • BankID
      • BidOperation
      • BidToItems
    • DateTime
      • Instant Generator
      • Instant Transformer
    • HTTP
      • GET
      • PUT
      • POST
      • DELETE
    • JWT
      • CreateJwt
      • ParseJwt
    • JSON
      • JsonObjectCreate
    • LDAP
      • LDAP Search
      • LDAP Group Filter
      • LDAP Bind
      • LDAP Add
      • LDAP Delete
      • LDAP Modify
      • LDAP Move
      • DN Parse
    • JDBC Query
    • Cef event
    • Request
      • RequestParameterExist
      • RequestParameterRename
    • Session
      • Session Put
      • Session Create
      • CopyFromSession
    • ScriptEval
    • Codecs
      • Base64 Encode
      • Base64 Decode
    • Tokens
      • Token Authentication
    • PKI
      • X509 Certificate Extractor
      • Passcode Generator
      • X509 Certificate Validator
    • Delivery
      • Clean Mobile Valve
      • SMS Valve
      • Voice Valve
      • SMTP Valve
    • OTP
      • OTP Generation
      • OTP Validation
    • Misc
      • Basic Auth
Powered by GitBook
On this page
  • Introduction
  • Prerequisites
  • Configuration
  • Search scopes
  • Filter
  • Attributes specification
  1. Valves
  2. LDAP

LDAP Search

Valve for searching LDAP v3 directories

PreviousLDAPNextLDAP Group Filter

Introduction

Prerequisites

Before using this valve the module must be configured and deployed.

Configuration

Valve name: LDAPSearch

Common LDAP valve configuration can be found .

Name
Description
Default value
Mandatory
Expanded

base_dn

Search base DN.

scope

Search scope.

"SUB"

filter

Search filter.

attributes

Specification of attributes to include in search response.

"*"

filter_allow_wildcard

Allow filters with wildcard (*)

false

filter_escape

If special characters in the filter should be escaped.

true

expected_item_count

The valve will fail if this value is set (integer) and the result count differs from this value.

{
  "name" : "LDAPSearch",
  "config" : {
    "destination" : "default",
    "base_dn" : "dc=example,dc=com",
    "scope" : "SUB",
    "attributes" : [ {
      "name" : "uid",
      "multivalue" : false
    }, {
      "name" : "cn",
      "multivalue" : false
    }, {
      "name" : "mail",
      "multivalue" : true
    } ],
    "expected_item_count" : 1
  }
}

Search scopes

The following search scopes are supported:

  • BASE

  • SUB

  • SUBORDINATE_SUBTREE

  • ONE

Filter

{
    "filter": "uid=*"
}

Attributes specification

The attributes specification is used for defining the entry attributes to include in the search response. If not specified; all non-operational attributes will returned.

For single valued attributes, the specification can be a comma separated list ("uid,cn,mail") or an array (["uid","cn","mail"]) of attribute names.

To enable multi value attributes the specification must be an array of attribute spec objects:

{
    "attributes": [
        {
            "name": "uid",
            "multivalue": false
        },
        {
            "name": "cn",
            "multivalue": false
        },
        {
            "name": "mail",
            "multivalue": true
        }
    ]
}

All attributes are treated as single valued unless specifically configured as multi valued. If an attribute configured as single valued has multiple values in the directory; only the first value will be used.

here
LdapClient