search

LDAP Search

Valve for searching LDAP v3 directories

hashtag
Introduction

hashtag
Prerequisites

Before using this valve the LdapClientarrow-up-right module must be configured and deployed.

hashtag
Configuration

circle-info

Valve name: LDAPSearch

Common LDAP valve configuration can be found here.

Name
Description
Default value
Mandatory
Expanded

base_dn

Search base DN.

scope

Search scope.

"SUB"

filter

Search filter.

attributes

Specification of attributes to include in search response.

("*" = all attributes)

"*"

filter_allow_wildcard

Allow filters with wildcard (*)

false

filter_escape

If special characters in the filter should be escaped.

true

expected_item_count

The valve will fail if this value is set (integer) and the result count differs from this value.

merge_with_current_item

Merge the search result to current item.

false

hashtag
Search scopes

The following search scopes are supported:

  • BASE

  • SUB

  • SUBORDINATE_SUBTREE

  • ONE

hashtag
Filter

hashtag
Attributes specification

The attributes specification is used for defining the entry attributes to include in the search response. If not specified; all non-operational attributes will returned.

The specification can be a comma separated list or an array of attribute names:

"uid,cn,mail,userCertificate;binary"

["uid","cn","mail","userCertificate;binary"]

To enable control of multi value and single value attributes the specification must be an array of attribute spec objects:

circle-info

All attributes are treated as single values (string) if the result is only 1 value, unless the attribute is configured as multi value (array) specifically.

For correct treatment of binary attributes, they must be tagged as binary either by using the binary attribute option "attribute;binary" or by setting "binary": true in the attribute spec.

circle-info

Binary attributes are encoded in base 64. To use them in another representation they must explicitly be converted.

PreviousLDAPNextLDAP Group Filter