The LDAP Adapter is an adapter that is installed into Kinetic Bridgehub that allows data from LDAP to be pulled back using bridging.
Note: Check to ensure that this adapter isn't already installed into your bridgehub as part of the base installation before undertaking the installation tasks.
- Download the kinetic-bridges-adapter-ldap.jar file and it's dependencies here
- Put all of the downloaded files into the WEB-INF/lib folder for you kinetic-bridgehub installation
- Restart the tomcat that your kinetic-bridgehub installation is located in
|Server||Location of the server|
|Port||Port number of the server|
|Use SSL||'Yes' to use SSL; 'No' to not|
|Anonymous Authentication||'Yes' to use anonymous authentication; 'No' to not|
|Security Principal||Security principal to search with|
|Security Credentials||Security credentials|
|Search Base||Search base to search against|
|Page Size||Amount of records to pull pack at one time|
|Maximum Pages||Maximum number of pages to retrieve|
Structures, Fields, and Queries
- The structures for the LDAP Bridge are equivalent to LDAP Object Classes.
- The fields for the LDAP Bridge are equivalent to LDAP Entity Attributes.
LDAP query qualifications are referred to as "filters." You can construct filters based on some fairly simple syntax rules.
|Equals||=||Creates a filter that requires a specific value.|
|Any||*||A wildcard that means the value can be anything except null.|
|Parentheses||()||Logically separates discrete parts of the filter.|
|And||&||Joins two filters. Each part of the joined filter must be true.|
|Or|||||Joins two filters. At least one part of the filter must be true.|
|Not||!||Excludes any object that matches the filter|
The examples below show some of the most common LDAP queries.
All objects (this unrestricted filter could cause load problems):
All user objects that are designated as a “person”
Mailing Lists only
Public Folders only
All users who are members of the group identified by the DN of “CN=GRoup,OU=Users,DC=Domain,DC=com”:
Active Directory LDAP: All users
Active Directory LDAP: All email users (alternate)
Active Directory LDAP: All active users
OpenLDAP: All users
Lotus Domino LDAP: All users
Lotus Domino LDAP: All objects with a mail address defined that are designated as a “person “or “group”:
All user objects except for ones with primary email addresses that begin with “test”
All user objects except for ones with primary email addresses that end with “test”
All user objects except for ones with primary email addresses that contain the word “test”
All user objects (users and aliases) that are designated as a “person” and all group objects (distribution lists)
All user objects that are designated as a “person”, all group objects and all contacts, except those with any value defined for extensionAttribute9:
Adding Values to the Search Base using the Query
In LDAP Bridge version 1.1.0, the ability to append values to the search base was added. Because of this, slightly new syntax was added onto the old query syntax. Query syntax now follows the form of <search base addition>(<filter>). The search base addition is not necessary to have a valid query, so all of the previous query examples work. But, if you want to use a search base query to speed up your searches, you can prepend a specific UID to the search base by doing UID=2001(ObjectClass=*).
- UID=20001(ObjectClass=*) -- Adds UID=20001 to the beginning of the Search Base
- UID=2076,CN=Users(ObjectClass=*) -- Adds UID=2076,CN=Users to the beginning of the Search Base
- (UID=1) -- A regular filter, keeps the Search Base the same
- UID=204 -- Adds UID=204 to the Search Base and performs an empty query
A Tutorial for bridging with LDAP is available here.
- Added default configuration values
- Changed Security Credentials to a sensitive property
- Initial Version