LDAP (Input Agent Cron)

Introduction: Phase 1.

The Lightweight Directory Access Protocol (LDAP) is a network protocol for querying and modifying information on distributed directory services over an IP network. See also section LDAP (Add-on).

images/download/attachments/36575638/LDAP_EN-version-2-modificationdate-1561518103000-api-v2.png

(1) Selection of a defined LDAP alias. See also section LDAP (Resources).

(2) A fitting source structure can be generated automatically and the LDAP query can be tested.

(3) The Base DN defines where the downwards search for specific objects should start in the directory tree (DN = distinguished name).

(4) The scope of the search: Object (exactly this object), One layer (the layer below the Base DN) or Tree (this object and everything below).

(5) The search filter (in LDAP syntax).

(6) The attributes to be returned can be specified explicitly. If left blank, all attributes are returned.

(7) Here you can limit the maximum number of results to be returned. Value 0 means no restriction. Important note: Please note that the maximum number of results (the number of found objects) is often limited on the server itself, i.e if you specify a larger value in (7), it does not apply. This can be handled with the so-called paging. To use paging, you have to set the option <Set name="pageSize">500</Set> in configuration file ./etc/ldap.xml for each desired alias (the value 500 is just an example). Searches are then handled similarly to a database cursor. If, for example, 1200 results are found, pages with 500, 500 and 200 objects are reported. The LdapService will retrieve pages until there are none left. As a result, more results than the maximum number specified on the server can be picked up.