OXN-node-set ldap-query(string url, string rdn, string rdnPassword, string base_dn, string search, string attributes)
The ldap-query() function connects to an LDAP server with the given url, rdn and rdnPassword.
It then performs a query by the given search.
An OXN JSON array is returned with objects containing dn and additional attributes given by attributes of all the entities that were found.
If no entities match the query, an empty node-set is returned.
urlThe ldap URL (string)rdnThe (relative) distinguished name of the connecting user (string)rdnPasswordThe password of the connecting user (string)base_dnThe base distinguished name for the directory, used for the search (string)searchThe filter for searching entities (string)attributesA comma-separated list of attributes to return (string)
In the following example, FLAT connects to the LDAP server with the DN given in the rdn and rdnPassword POST parameters.
The given filter is used to search for an entry of a person which is a member of a group Users and sAMAccountName containing doe.
In addition to the (default) dn, the sAMAccountName, displayName and mail from the found entries are included in the results.
<flow>
<eval out="$search">concat("(&(objectClass=person)(memberOf=CN=Users,ou=People,dc=example,dc=com)(sAMAccountName=*doe*))")</eval>
<eval out="$attributes">"sAMAccountName,displayName,mail"</eval>
<eval out="$ldap_url">"ldap://ad.example.com"</eval>
<eval out="$ldap">ldap-lookup($ldap_url, $request/post/rdn, $request/post/rdnPassword, "dc=example,dc=com", $search, $attributes)</eval>
<error if="not($ldap)">
{
"status": 403,
"message": "ldap-lookup() failed"
}
</error>
</flow>The result is
[
{
"dn": "cn=John Doe,ou=People,dc=example,dc=com",
"sAMAccountName": "john.doe",
"displayName": "John Doe",
"mail": "[email protected]"
},
{
"dn": "cn=Joseph Adoell,ou=People,dc=example,dc=com",
"sAMAccountName": "joseph.adoell",
"displayName": "Joseph Adoell",
"mail": "[email protected]"
}
]