With the LDAP Connector you can perform Active Directory operations on an Active Directory server.
This document describes how to configure and use the LDAP Connector.

Design Aspects

The connector performs all standard operations related to Active Directory. Some of them are listed below:

  • Create new user account in AD
  • Details of AD user
  • List AD users
  • Disable AD user
  • Enable AD user
  • Delete AD user
  • Unlock AD user
  • Add user to group in AD
  • Remove user from group in AD
  • List all disabled users in AD
  • Move one user account from one OU to another OU

Connector Configuration


Configuration parameters

Parameter | Description | Required
domain | Domain name of the Active Directory | true: config/request
host | Active Directory server name | true: config/request
name | Name of the connector | true: config/request
username | Username of the Active Directory user who has the admin role | true: config/request
password | Password of the user to connect with the server | true: config/request

Example

{
  "domain": "example.com",
  "host": "192.168.2.198",
  "name": "ldap",
  "password": "Example@123",
  "username": "test"
}


Actions

create-user-account

Create a new user account in Active Directory with the given details.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
distinguished-names | Distinguished name of the location where you want to create the new user | true
action | Contains the name of the operation: create-user-account | true
first-name | First name of the user | true
last-name | Last name of the user | true
user-login-name | User login name for the new user which you want to create | true
password | Password for the new user (it should contain one capital letter, one special symbol, and one number) | true

Response parameters

Parameter | Description
exit-code and message | Returns exit code 0 and success if the user account was created successfully; otherwise returns an exit code other than 0 and failed

Example
 
response = @call.connector("ldap")
                .set('action', "create-user-account")
                .set('first-name', "example")
                .set('last-name', "test")
                .set('user-login-name', "emp001")
                .set('account-password', "Example@123")
                .set('distinguished-names', "DC=test,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message
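
The password rule in the request table can be checked before the request is sent. This added example (not connector code) also applies Active Directory's default complexity rule, which rejects a password containing the login name or a display-name token of three or more characters; the function name, its arguments, and the assumption that the display name is "first-name last-name" are hypothetical.

```ruby
# Added example: pre-flight password check (names are hypothetical).
# Delimiters AD uses to split a display name into tokens.
NAME_DELIMITERS = /[,.\-_ #\t]+/

# Returns a list of reasons the password would be refused ([] means acceptable).
def password_problems(password, login:, display_name:)
  problems = []
  # Rule stated on this page for create-user-account.
  problems << 'no capital letter' unless password =~ /[A-Z]/
  problems << 'no number' unless password =~ /\d/
  problems << 'no special symbol' unless password =~ /[^A-Za-z0-9]/
  # Active Directory's default complexity policy (assumed to be enabled):
  # the check is case-insensitive and skips names shorter than 3 characters.
  lowered = password.downcase
  if login.length >= 3 && lowered.include?(login.downcase)
    problems << 'contains the login name'
  end
  display_name.split(NAME_DELIMITERS).each do |token|
    next if token.length < 3
    problems << "contains name token '#{token}'" if lowered.include?(token.downcase)
  end
  problems
end
```

With the values from the example above and a display name of `example test`, the check reports the name token `example`, so a domain with the complexity policy enabled would refuse `Example@123` for that user.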

 

list-users

List the users present in the given distinguished name.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: list-users | true
distinguished-name | Distinguished name from which you want to fetch the users list | true

Response parameters

Parameter | Description
users-list | Set of users with their details.

Example
 
response = @call.connector("ldap")
                .set('action', "list-users")
                .set('distinguished-names', @dn)
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message

 

 

user-details

Fetch the details of the user using the given distinguished name.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: user-details | true
username-to-fetch-details | Name of the user for which you want to get details | true
distinguished-name | Distinguished name from which you want to get the user details | true

Response parameters

Parameter | Description
user-details | Details of the user.

Example
 
response = @call.connector("ldap")
                .set('action', "user-details")
                .set('username-to-fetch-details', "example")
                .set('distinguished-names', "cn=users,DC=example,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message

 

enable-user-account

Enable a user account which is disabled by the administrator.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: enable-user-account | true
distinguished-name | Distinguished name containing the username which you want to enable, with the domain name | true

Response parameters

Parameter | Description
status code and message | Returns exit code 0 and success if the user account was enabled successfully; otherwise returns an exit code other than 0 and failed

Example
 
response = @call.connector("ldap")
                .set('action', "enable-user-account")
                .set('distinguished-names', "CN=john smith,ou=testou,DC=example,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message


disable-user-account

Disable a user account in Active Directory.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: disable-user-account | true
distinguished-name | Distinguished name containing the username which you want to disable, with the domain name | true

Response parameters

Parameter | Description
status code and message | Returns exit code 0 and success if the user account was disabled successfully; otherwise returns an exit code other than 0 and failed

Example
 
response = @call.connector("ldap")
                .set('action', "disable-user-account")
                .set('distinguished-names', "CN=john smith,ou=testou,DC=example,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message
 

unlock-user-account

Unlock a user account which is locked because of security issues.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: unlock-user-account | true
distinguished-name | Distinguished name containing the username which you want to unlock, with the domain name | true

Response parameters

Parameter | Description
status code and message | Returns exit code 0 and success if the user account was unlocked successfully; otherwise returns an exit code other than 0 and failed

Example
 
response = @call.connector("ldap")
                .set('action', "unlock-user-account")
                .set('distinguished-names', "CN=john smith,ou=testou,DC=example,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message

delete-user-account

Delete the user account specified by the distinguished name.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: delete-user-account | true
distinguished-name | Distinguished name containing the username which you want to delete, with the domain name | true

Response parameters

Parameter | Description
status code and message | Returns exit code 0 and success if the user account was deleted successfully; otherwise returns an exit code other than 0 and failed

Example
 
response = @call.connector("ldap")
                .set('action', "delete-user-account")
                .set('distinguished-names', "CN=john smith,ou=testou,DC=example,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message
 

add-user-to-group

Add a user to the group specified in the group distinguished name.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: add-user-to-group | true
distinguished-names | The user distinguished name, with the domain name | true
group-distinguished-names | The group distinguished name, with the domain name | true

Response parameters

Parameter | Description
status code and message | Returns exit code 0 and success if the user was added to the group successfully; otherwise returns an exit code other than 0 and failed

Example
 
response = @call.connector("ldap")
                .set('action', "add-user-to-group")
                .set('distinguished-names', "CN=john smith,ou=testou,DC=example,DC=com")
                .set('group-distinguished-names', "cn=Domain Admins,CN=Users,DC=example,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message
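
The example above adds a user to Domain Admins, and every action on this page acts on whatever distinguished-name string it is given. The following added example (not part of the connector or its documentation) is a pre-flight check a workflow can run before calling add-user-to-group: it normalises both DNs, confirms the user sits under an allowed base, and flags privileged target groups even when the name is written with escapes. The deny list, the allowed base and all function names are hypothetical.

```ruby
# Added example, not connector code; all names below are hypothetical.
PRIVILEGED_GROUPS = ['domain admins', 'enterprise admins', 'schema admins',
                     'administrators'].freeze # assumed deny list, extend per site

# Escape a value for use inside an RDN (RFC 4514 special characters).
def escape_rdn_value(value)
  value.gsub(/[,+"\\<>;]|\A[ #]| \z/) { |c| "\\#{c}" }
end

# Split a DN into normalised [attribute, value] pairs, for comparison only.
# Escapes (\, or hex pairs such as \2C) are decoded before comparing.
def parse_dn(dn)
  dn.scan(/(?:\\.|[^,\\])+/m).map do |rdn|
    attr, value = rdn.split('=', 2)
    raise ArgumentError, "malformed RDN #{rdn.inspect}" if value.nil? || attr.strip.empty?
    decoded = value.b.gsub(/\\(\h\h|.)/m) { $1.length == 2 ? $1.hex.chr : $1 }
    [attr.strip.downcase, decoded.force_encoding('UTF-8').strip.downcase]
  end
end

# True when dn sits strictly below base (case-insensitive RDN suffix match).
def under_base?(dn, base)
  d = parse_dn(dn)
  b = parse_dn(base)
  d.length > b.length && d.last(b.length) == b
end

# True when the group's leading RDN names a group on the deny list.
def privileged_group?(group_dn)
  attr, value = parse_dn(group_dn).first
  attr == 'cn' && PRIVILEGED_GROUPS.include?(value)
end

# Reasons to hold an add-user-to-group request for review ([] means proceed).
def group_change_problems(user_dn, group_dn, allowed_base)
  problems = []
  problems << 'user is outside the allowed base' unless under_base?(user_dn, allowed_base)
  problems << 'target group is privileged' if privileged_group?(group_dn)
  problems
rescue ArgumentError => e
  ["unparseable DN: #{e.message}"]
end
```

When a DN has to be built from a display name, pass the name through `escape_rdn_value` first so that a comma in the name cannot split the DN into extra components.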
  
 

remove-user-from-group

Remove a user from the group specified in the group distinguished name.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: remove-user-from-group | true
distinguished-names | The user distinguished name, with the domain name | true
group-distinguished-names | The group distinguished name, with the domain name | true

Response parameters

Parameter | Description
status code and message | Returns exit code 0 and success if the user was removed from the group successfully; otherwise returns an exit code other than 0 and failed

Example
 
response = @call.connector("ldap")
                .set('action', "remove-user-from-group")
                .set('distinguished-names', "CN=john smith,ou=testou,DC=example,DC=com")
                .set('group-distinguished-names', "cn=Domain Admins,CN=Users,DC=example,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message
  
 

 

reset-password

Change the password of the user account specified in the distinguished names.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: reset-password | true
distinguished-names | The user distinguished name, with the domain name | true
new-password | New password for the given user account | true

Response parameters

Parameter | Description
status code and message | Returns exit code 0 and success if the user account password was changed successfully; otherwise returns an exit code other than 0 and failed

Example
 
response = @call.connector("ldap")
                .set('action', "reset-password")
                .set('distinguished-names', "CN=john smith,ou=testou,DC=example,DC=com")
                .set('new-password', "Example@123")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message
  
 

 

list-disabled-users

List all disabled users in Active Directory.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: list-disabled-users | true
distinguished-name | Distinguished name containing the domain name of the Active Directory | true

Response parameters

Parameter | Description
disabled-users-list | List containing the disabled users of Active Directory.

Example
 
response = @call.connector("ldap")
                .set('action', "list-disabled-users")
                .set('distinguished-names', "DC=example,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message

 

move-user

Move a user account from one OU to another OU.

Request parameters

Parameter | Description | Required
connector_name | Name of the LDAP connector to be configured | true
action | Contains the name of the operation: move-user | true
user-current-distinguished-names | The user's current distinguished name, with the domain name | true
user-new-distinguished-names | The user's new distinguished name, with the domain name, to which you want to move the user | true

Response parameters

Parameter | Description
status code and message | Returns exit code 0 and success if the user was moved to the specified OU successfully; otherwise returns an exit code other than 0 and failed

Example
 
response = @call.connector("ldap")
                .set('action', "move-user")
                .set('user-current-distinguished-names', "cn=john smith,CN=Users,DC=example,DC=com")
                .set('user-new-distinguished-names', "CN=john smith,ou=testou,DC=example,DC=com")
                .sync

@log.info("response:#{response}") # printing full response
response_exitcode = response.exitcode # exit status code
response_message = response.message # exit response message
@log.info("response:#{response_exitcode}") # printing response exit-code
@log.info("response:#{response_message}") # printing response message
  
 

 

 

 

 
