LDAP Connector
The LDAP Component enables MuleSoft to perform operations against any LDAP directory server.
Remarks
The LDAP Connector can be used to perform a variety of operations on any LDAP directory server.
LDAP Send Connector
The Send Connector will make a request to an LDAP server then listen for the response. The result is returned in the message payload and attributes.
Some operations require a message that adheres to a schema, while others do not place any restrictions on the message content and rely solely on the connector property values.
The operation performed by the adapter is controlled by the Operation property. To begin, specify the connection information in Server and Port. SSL may be enabled via the SSLStartMode property.
To perform an authenticated bind, set BindDN to your username and set Password.
All operations will populate the ResultCode, ResultDescription, and ResultSuccess attributes. These should be checked to determine the result of the operation that was requested.
Below is an overview of the available operations.
Add
Adds an entry specified by DN to the directory server using the type and value attributes defined in the message. The message must adhere to the schema defined in "LDAPAdd.xsd" that is located in the "schemas" folder of the installation. Note that instead of including the Value attribute in the message, Base64 encoded data may be included in the LDAPAttribute element text. To add attributes to an existing entry use the Modify operation instead.
To get started, set the message payload to an XML-formatted LDAPAdd message before it arrives at the LDAP Send Connector. For example, add a Set Payload Transformer and set the value to the following message:
<LDAPAdd><LDAPAttribute Type="objectClass" Value="top" /><LDAPAttribute Value="person"/><LDAPAttribute Value="organizationalPerson" /></LDAPAdd>
Then add an LDAP Send Connector behind the Set Payload Transformer and configure the connection settings. Set the Operation to Add and that's it. The results are available in the ResultCode, ResultDescription, and ResultSuccess attributes.
Authenticate
Binds with the user specified by BindDN. This is only used to validate the user can bind successfully to the LDAP server. No other action is performed.
Add the LDAP Send Connector to your flow and configure the connection settings. This operation does not require a message which adheres to a schema. Simply configure the connection settings and set the Operation to Authenticate. The results are available in the ResultCode, ResultDescription, and ResultSuccess attributes.
ChangePassword
Changes the password for the user specified by DN with the value specified in NewPassword.
Add the LDAP Send Connector to your flow and configure the connection settings. This operation does not require a message which adheres to a schema. Simply configure the connection settings and set the Operation to ChangePassword. The results are available in the ResultCode, ResultDescription, and ResultSuccess attributes.
Delete
Deletes the entry specified by DN.
Add the LDAP Send Connector to your flow and configure the connection settings. This operation does not require a message which adheres to a schema. Simply configure the connection settings and set the Operation to Delete. The results are available in the ResultCode, ResultDescription, and ResultSuccess attributes.
Modify
Modifies an existing entry specified by DN. The message must adhere to the schema defined in "LDAPModify.xsd" that is located in the "schemas" folder of the installation. Note that instead of including the Value attribute in the message, Base64 encoded data may be included in the LDAPAttribute element text.
To get started, set the message payload to an XML-formatted LDAPModify message before it arrives at the LDAP Send Connector. For example, add a Set Payload Transformer and set the value to the following message:
<LDAPModify><LDAPAttribute Type="telephoneNumber" Value="phoneNumber1" ModifyOperation="add"/></LDAPModify>
Then add an LDAP Send Connector behind the Set Payload Transformer and configure the connection settings. Set the Operation to Modify and that's it. The results are available in the ResultCode, ResultDescription, and ResultSuccess attributes.
Search
Performs a search using the criteria specified in the message. The message must adhere to the schema defined in "LDAPSearch.xsd" that is located in the "schemas" folder of the installation. The response message will adhere to the schema defined in "LDAPSearchResult" and provide the search results.
To get started, set the message payload to an XML-formatted LDAPSearch message before it arrives at the LDAP Send Connector. For example, add a Set Payload Transformer and set the value to the following message:
<LDAPSearch SearchFilter="sAMAccountName=bob"></LDAPSearch>
Then add an LDAP Send Connector behind the Set Payload Transformer and configure the connection settings. Set the Operation to Search and that's it. The results are available in the ResultCode, ResultDescription, and ResultSuccess attributes.
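When the value in SearchFilter comes from a request rather than a constant, it has to be escaped twice before it is placed in the LDAPSearch message: once as an LDAP filter value (RFC 4515) and once as an XML attribute. The following is an added example, not code from the connector or its documentation; the class and method names are hypothetical, and only the LDAPSearch element and SearchFilter attribute are taken from the page.

```java
import java.nio.charset.StandardCharsets;

public class LdapSearchMessage {

    // RFC 4515: '*', '(', ')', '\' and NUL must be written as a backslash
    // followed by two hex digits. Control and non-ASCII bytes are escaped
    // the same way (permitted by the RFC) so the result is printable ASCII.
    static String escapeFilterValue(String value) {
        StringBuilder out = new StringBuilder();
        for (byte b : value.getBytes(StandardCharsets.UTF_8)) {
            int c = b & 0xFF;
            if (c == '*' || c == '(' || c == ')' || c == '\\'
                    || c < 0x20 || c >= 0x7f) {
                out.append(String.format("\\%02x", c));
            } else {
                out.append((char) c);
            }
        }
        return out.toString();
    }

    // Escape the characters that are significant inside an XML attribute.
    static String escapeXmlAttribute(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;")
                .replace(">", "&gt;").replace("\"", "&quot;")
                .replace("'", "&apos;");
    }

    // Build the payload for the Search operation. The attribute name is
    // chosen by the flow, never by the caller, and is checked anyway.
    static String buildSearchMessage(String attribute, String userValue) {
        if (!attribute.matches("[A-Za-z][A-Za-z0-9-]*")) {
            throw new IllegalArgumentException("unexpected attribute name");
        }
        String filter = attribute + "=" + escapeFilterValue(userValue);
        return "<LDAPSearch SearchFilter=\""
                + escapeXmlAttribute(filter) + "\"></LDAPSearch>";
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from the page.
        System.out.println(buildSearchMessage("sAMAccountName", "bob"));
        System.out.println(
                buildSearchMessage("sAMAccountName", "b*b (ops) & \"co\""));
    }
}
```

With this in place a value containing filter metacharacters is matched literally instead of changing which entries the search returns.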
Sender Property List
The following is the full list of the properties of the sender connector with short descriptions.
BindDN | The Distinguished Name used as the base for the LDAP bind. |
DN | The Distinguished Name used as the base for LDAP operations. |
LogFile | The file to write logging information to at runtime. |
LogMode | What information gets logged during component execution. |
LogType | How information gets logged during component execution. |
NewPassword | The value of the new password. |
Operation | Specifies the operation the component will perform. |
Other | Defines a set of configuration settings to be used by the component. |
PageSize | The maximum number of results per page. |
Password | The password used to authenticate to the LDAP server. |
Port | The server port for the LDAP connection (default is 636). |
ResultCode | The result code returned in the last server response. |
ResultDescription | The descriptive text returned in the last server response (if any). |
ResultSuccess | Whether or not the operations completed successfully. |
RuntimeLicense | Specifies the component runtime license key. |
Server | The name or address of the LDAP server. |
SSLAcceptServerCert | Instructs the component to unconditionally accept the server certificate that matches the supplied certificate. |
SSLCert | The certificate to use for client authentication during the SSL handshake. |
SSLStartMode | Determines how the component starts the SSL negotiation. |
Timeout | A timeout for the component. |
Version | The version of LDAP used. |
Configuration Settings
The following is a list of configuration settings for the connector with short descriptions.
BinaryAttributes | A comma separated list of attributes that are expected to be in binary form. |
RepeatAttributeTypes | Whether to include the type name in the LDAPAttribute for repeated types returned from a search. |
ReuseSSLSession | Determines if the SSL session is reused. |
SSLCipherStrength | The minimum cipher strength used for bulk encryption. |
SSLEnabledCipherSuites | The cipher suite to be used in an SSL negotiation. |
SSLEnabledProtocols | Used to enable/disable the supported security protocols. |
SSLIncludeCertChain | Whether the entire certificate chain is included in the SSLServerAuthentication event. |
SSLSecurityFlags | Flags that control certificate verification. |
TLS12SignatureAlgorithms | Defines the allowed TLS 1.2 signature algorithms when UseInternalSecurityAPI is True. |
TLS12SupportedGroups | The supported groups for ECC. |
TLS13KeyShareGroups | The groups for which to pregenerate key shares. |
TLS13SignatureAlgorithms | The allowed certificate signature algorithms. |
TLS13SupportedGroups | The supported groups for (EC)DHE key exchange. |
AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
LocalHost | The name of the local host or user-assigned IP interface through which connections are initiated or accepted. |
TcpNoDelay | Whether or not to delay when sending packets. |
UseInternalSecurityAPI | Tells the component whether or not to use the system security libraries or an internal implementation. |