LDAP data source

An LDAP data source allows you to query an external LDAP directory within Matrix, returning LDAP groups and users as shadow assets within your system.

The LDAP information returned can then be accessed through keyword replacements for use on your site, such as listing LDAP user information on an asset listing page.

Once you have created your LDAP data source, you can configure the asset on its associated screens. Many of these screens are similar to a standard page. They are described in the Asset screens documentation.

Read the DB data source documentation for more information on the Record filter screen.

This documentation will describe the Details, Search filter, and Dynamic inputs screens, which are different for an LDAP data source.

Details screen

The Details screen for an LDAP data source allows you to set up the connection details for the external LDAP database.

Read the Asset screens documentation for more information about the Status, Future status, Thumbnail, and Details sections of the Details screen.

LDAP bridge connection details

The LDAP bridge connection details section allows you to enter the settings for the LDAP directory to which you want to connect.

The fields in this section are similar to those on the Details screen of an LDAP bridge asset. Read the Details screen information in the LDAP bridge documentation.

Use an LDAP bridge asset

The Use an LDAP bridge asset section allows you to select an existing LDAP directory connection within your system (through an LDAP bridge asset) rather than configuring the connection within the LDAP data source.

In the LDAP bridge asset field, select an LDAP bridge asset to connect to the external LDAP directory.

If this option is used, the settings in the LDAP bridge connection details section will have no effect.

Search filter screen

The search filter screen is where you enter the LDAP query that is run on the LDAP database specified on the Details screen.

LDAP search filter

The LDAP search filter section allows you to enter the LDAP query to filter the results returned from the LDAP database.

Enter the search filter into the search filter query field and select Save.

Shadow assets will be displayed under the LDAP data source in the asset tree.

Figure: Shadow assets in the asset tree

Read the Shadow assets documentation for more information on shadow assets.

You can specify how these assets are sorted by entering a value in the sort by field. For example, entering uidnumber would sort any returned LDAP users by their user ID numbers.

The attributes to extract field allows you to specify the attribute information to extract from the connected LDAP directory. These attributes are specified as a comma-separated list, for example:

objectclass, uidnumber, givenname, description

If no attributes are specified in this field, all attributes will be returned on the LDAP data source.

Similarly, the binary attributes to extract field defines the attribute information to extract from the connected LDAP directory that should be recognized as binary data. These attributes are specified as a comma-separated list in the same manner as the attributes to extract field.

Matrix will identify extracted data from the attributes specified in this field as binary. This information can then be reused within the system through the use of keyword replacements. Read the Available keywords section below for more information.

Record set asset names

The record set asset names section allows you to specify the shadow assets that appear under the LDAP data source in the asset tree.

In the record set asset names field, enter the name used for record sets exposed by the LDAP data source. This name can either be a standard string or a combination of strings and keyword replacements. For example, you can enter %data_source_record_set_givenname% to display the given name of the LDAP user/group as the name of your shadow assets.

Figure: Renamed shadow assets

Available keywords

This section provides a list of available keyword replacements for the shadow assets exposed by the LDAP data source. You can use any combination of these keyword replacements as the name of the shadow assets, as configured in the Record set asset names field. These keyword replacements can also be used to print LDAP information on your site, for example, on an asset listing page.

Dynamic inputs screen

The dynamic inputs screen allows you to use dynamic parameters within the LDAP search filter query string.

Dynamic variables

This section allows you to add variable names for the parameters that you want to add.

Enter the variable name into the name field, enter the default value into the default value field and select Save. The variable will be added to the list.

Figure: An example dynamic variable

Once you have added a variable, you can set it up within the data mappings section.

To delete a variable:

  1. Click the Delete box.

  2. Select Save.

To use the variable within the LDAP search filter query string, add double-percentage signs around the variable name. For example, if the variable’s name is variable, add %%variable%% within the search filter query field on the search filter screen.

Variable names are case sensitive, so, for example, Variable is not the same as variable.
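How a %%variable%% placeholder expands into the search filter, as an added example that is not Matrix code: the value is escaped per RFC 4515 before substitution, so a value containing filter metacharacters stays a literal string. The function names, the placeholder character set, the sample filter and the fallback to the default value are assumptions; this page does not state how Matrix escapes values.

```python
import re

# RFC 4515 section 3: characters that must be written as \XX inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Assumed placeholder syntax: %%name%% with letters, digits and underscores.
_PLACEHOLDER = re.compile(r"%%([A-Za-z0-9_]+)%%")


def escape_filter_value(value):
    """Return value with LDAP filter metacharacters escaped, in a single pass."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def render_filter(template, values, defaults):
    """Expand each %%name%% in template with an escaped value.

    values   -- what the mapped source supplied (constructed here)
    defaults -- the default value configured for each dynamic variable
    Lookup is case sensitive, as the page states for variable names.
    """
    def substitute(match):
        name = match.group(1)
        if values.get(name):            # non-empty value from the source
            raw = values[name]
        elif name in defaults:          # assumed fallback to the default
            raw = defaults[name]
        else:
            raise KeyError("no dynamic variable named %r" % name)
        return escape_filter_value(raw)

    return _PLACEHOLDER.sub(substitute, template)


# Constructed sample filter and inputs.
TEMPLATE = "(&(objectClass=person)(uid=%%variable%%))"
DEFAULTS = {"variable": "nobody"}

if __name__ == "__main__":
    for supplied in ({"variable": "jsmith"}, {"variable": "*)(uid=*"}, {}):
        print(render_filter(TEMPLATE, supplied, DEFAULTS))
```

When the source is user-controlled (for example a GET or POST variable), the second sample shows why the escaping step matters: without it the value would change the structure of the filter instead of being matched as text.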

Data mappings

This section allows you to set up the dynamic variables that have been added in the section above.

Select which variable to edit from the parameter list and select a source from the source list. Read the Asset listing documentation for more information about the options in the list.