Load LDAP
With 'apoc.load.ldap' you can execute queries on any LDAP v3 enabled directory, the results are turned into a streams of entries. The entries can then be used to update or create graph structures.
| Qualified Name | Type | Release |
|---|---|---|
|
|
|
|
Parameters
| Parameter | Property | Description |
|---|---|---|
{connectionMap} |
ldapHost |
|
loginDN |
|
|
loginPW |
|
|
ssl |
|
|
{searchMap} |
searchBase |
|
searchScope |
|
|
searchFilter |
|
|
attributes |
|
Load LDAP Example
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"},
{searchBase : "dc=example,dc=com",searchScope : "SCOPE_SUB"
,attributes : ["uniqueMember","cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*)(uniqueMember=*))"}) yield entry
return entry.dn, entry.uniqueMember| entry.dn | entry.uniqueMember |
|---|---|
"ou=mathematicians,dc=example,dc=com" |
|
|
|
|
|
"ou=italians,ou=scientists,dc=example,dc=com" |
|
|
|
|
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"},
{searchBase : "dc=example,dc=com",searchScope : "SCOPE_SUB"
,attributes : ["uniqueMember","cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*)(uniqueMember=*))"}) yield entry
merge (g:Group {dn : entry.dn})
on create set g.cn = entry.cn
foreach (member in entry.uniqueMember |
merge (p:Person { dn : member })
merge (p)-[:IS_MEMBER]->(g)
)Credentials
To protect credentials, you can configure aliases in conf/apoc.conf:
apoc.loadldap.myldap.config=<host>:<port> <loginDN> <loginPW>
apoc.loadldap.myldap.config=ldap.forumsys.com:389 cn=read-only-admin,dc=example,dc=com password
Then
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"}
, {searchBase : "dc=example,dc=com"
,searchScope : "SCOPE_SUB"
,attributes : ["cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*))"
}) yield entry
return entry.dn, entrybecomes
call apoc.load.ldap("myldap"
,{searchBase : "dc=example,dc=com"
,searchScope : "SCOPE_SUB"
,attributes : ["cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*))"
}) yield entry
return entry.dn, entry