LDAP Use Case

Document created by sheng_liao462475 Employee on Oct 18, 2016Last modified by chris_stevens on Oct 25, 2016
Version 2Show Document
  • View in full screen mode

Use Case 

Build a simple process to query LDAP users.


Approach 1 - Query ALL Users

Create LDAP Connection.

Server Name: The LDAP/Active Directory (AD) server name.

Port Number: The LDAP/AD server port, such as 389 or 636 (SSL).

If the port number is invalid or it's not open, you will get "socket closed" error message when you run the process.

Use SSL: (Optional) Turn on this check box if the server requires SSL connection. You cannot set a user password in AD without an SSL connection.

Also, if you use SSL, please make sure to have SSL certificate added to java keystore.

Certificate error : SSLHandshakeException ... ValidatorException: PKIX path building failed: ... unable to find valid certification path to requested target 

User Name: The user Distinguished Name (DN) that the connector uses to access the LDAP/AD.

Password: The user's password.

LDAP Properties file: (Optional) Specify the LDAP properties file (e.g., LDAPMethods.properties) if you want the connector to generate the schema based on the attributes that you have specified. See the sample Active Directory and OpenLDAP properties files for more information. If no file is specified, the connector loads the default properties file inside the connector.

Create Query Users Operation by using QUERY action. You will first need to import [Query a User] object. The atom you select in import wizard will have to be the the atom that is installed on the same AD server.



For QUERY operation, [base Object to search from] field is mandatory. You can set it on Operation page as a connection property or pass it into the query using the searchBase parameter of the Query profile (dynamic).




Approach 2 - Query A User

We can use the LDAP connection from Approach 1. 

We will need to create an operation by using GET action. On the import wizard, select [Get user details] from the Object Type list.


For GET action, you will need to supply an ID.

4 people found this helpful