Pipes
2025.9 Pipes
2.1.0 Pipes2024.7 Pipes2024.40 Pipes2024.80 Pipes2024.101 Pipes2024.108 Pipes2024.120 Pipes2025.9 Pipes
2025.9 Pipes
2.1.0 Pipes2024.7 Pipes2024.40 Pipes2024.80 Pipes2024.101 Pipes2024.108 Pipes2024.120 Pipes2025.9 Pipes
  • Introduction
  • Configuration
  • Valves
    • API
      • HTTP Response Format Valve
    • Azure
      • Get User
      • Get User Role
      • Is User in Group
    • BankID
      • BidOperation
      • BidToItems
    • Cef event
    • Codecs
      • Base64 Encode
      • Base64 Decode
      • Base64 Converter
    • DateTime
      • Instant Generator
      • Instant Transformer
      • MS Date to Instant Transformer
      • Instant to MS Date Transformer
    • Debug
      • Dump Exports
      • Dump Request
      • Dump Session
      • Dump State
      • Wait
    • Delivery
      • Clean Mobile Valve
      • SMS Valve
      • Voice Valve
      • SMTP Valve
    • EntraID
      • Users
        • Create User
        • Update User
        • Delete User
        • Get User
        • List Users
        • Get Groups
        • List Groups
        • List Direct Reports
        • List Owned Objects
        • Reset Password
      • Groups
        • Create Group
        • Update Group
        • Delete Group
        • List Groups
        • Add Group To Users
        • Remove Group From Users
        • Add User To Groups
        • Remove User From Groups
        • Add Group Owner
        • Remove Group Owner
      • Directory
        • Restore Deleted Item
    • Exports
      • Exports Put
      • Exports Remove
    • Flow
      • Flow Fail
      • Flow State Add
      • Assert Value
      • Pipe Exec
      • Pipe Call
    • Freja
    • HTTP
      • GET
      • PUT
      • POST
      • DELETE
    • Item
      • Item Create
      • Item Merge
      • Item Match Merge
      • Item Remove
      • Items Remove
      • Item Property Add
      • Item Property Copy
      • Item Property Replace
      • Item Property Split
      • Item Property Rename
      • Item Property Hash
      • Item Property Token Replace
      • MV Property To Items
      • JSON To Items
      • MV Property Join
    • JDBC Query
    • JSON
      • JsonObjectCreate
    • JWT
      • CreateJwt
      • ParseJwt
    • LDAP
      • LDAP Search
      • LDAP Group Filter
      • LDAP Bind
      • LDAP Add
      • LDAP Delete
      • LDAP Modify
      • LDAP Move
      • DN Parse
    • Microsoft AD
      • Add Member To Groups
      • Remove Member From Groups
      • Add Group To Members
      • Remove Group From Members
      • GUID to string
    • Misc
      • Basic Auth
    • OTP
      • OTP Generation
      • OTP Validation
    • PKI
      • X509 Certificate Extractor
      • X509 Certificate Validator
      • Passcode Generator
    • PDF
      • Html2Pdf
      • PDFMerge
    • Request
      • RequestParameterExist
      • RequestParameterRename
    • ScriptEval
    • MobilSITHS
    • Session
      • Session Put
      • Session Create
      • CopyFromSession
    • Tokens
      • Token Authentication
    • WorkOrders
      • WorkOrderCreate
Powered by GitBook
On this page
  • Introduction
  • Prerequisites
  • Configuration
  • Search scopes
  • Filter
  • Attributes specification
  1. Valves
  2. LDAP

LDAP Search

Valve for searching LDAP v3 directories

PreviousLDAPNextLDAP Group Filter

Introduction

Prerequisites

Before using this valve the module must be configured and deployed.

Configuration

Valve name: LDAPSearch

Common LDAP valve configuration can be found .

Name
Description
Default value
Mandatory
Expanded

base_dn

Search base DN.

scope

Search scope.

"SUB"

filter

Search filter.

attributes

Specification of attributes to include in search response.

("*" = all attributes)

"*"

filter_allow_wildcard

Allow filters with wildcard (*)

false

filter_escape

If special characters in the filter should be escaped.

true

expected_item_count

The valve will fail if this value is set (integer) and the result count differs from this value.

{
  "name" : "LDAPSearch",
  "config" : {
    "destination" : "default",
    "base_dn" : "dc=example,dc=com",
    "scope" : "SUB",
    "attributes" : [ {
      "name" : "uid",
      "multivalue" : false
    }, {
      "name" : "cn",
      "multivalue" : false
    }, {
      "name" : "mail",
      "multivalue" : true
    } ],
    "expected_item_count" : 1
  }
}

Search scopes

The following search scopes are supported:

  • BASE

  • SUB

  • SUBORDINATE_SUBTREE

  • ONE

Filter

{
    "filter": "uid=*"
}

Attributes specification

The attributes specification is used for defining the entry attributes to include in the search response. If not specified; all non-operational attributes will returned.

For single valued attributes, the specification can be a comma separated list or an array of attribute names:

"uid,cn,mail,userCertificate;binary"

["uid","cn","mail","userCertificate;binary"]

To enable multi value attributes the specification must be an array of attribute spec objects:

{
    "attributes": [
        {
            "name": "uid",
            "multivalue": false
        },
        {
            "name": "cn",
            "multivalue": false
        },
        {
            "name": "mail",
            "multivalue": true
        },
        {
            "name": "jpegPhoto",
            "multivalue": false,
            "binary": true
        }
    ]
}

All attributes are treated as single valued unless specifically configured as multi valued. If an attribute configured as single valued has multiple values in the directory; only the first value will be used.

For correct treatment of binary attributes, they must be tagged as binary either by using the binary attribute option "attribute;binary" or by setting "binary": true in the attribute spec.

Binary attributes are encoded in base 64. To use them in another representation they must explicitly be converted.

here
LdapClient