Load LDAP
With 'apoc.load.ldap' you can execute queries on any LDAP v3 enabled directory, the results are turned into a streams of entries. The entries can then be used to update or create graph structures.
Note this utility requires to have the jldap library to be placed the plugin directory.
Qualified Name | Type | Release |
---|---|---|
|
|
Parameters
Parameter | Property | Description |
---|---|---|
{connectionMap} |
ldapHost |
|
loginDN |
|
|
loginPW |
|
|
{searchMap} |
searchBase |
|
searchScope |
|
|
searchFilter |
|
|
attributes |
|
Load LDAP Example
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"},
{searchBase : "dc=example,dc=com",searchScope : "SCOPE_SUB"
,attributes : ["uniqueMember","cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*)(uniqueMember=*))"}) yield entry
return entry.dn, entry.uniqueMember
entry.dn | entry.uniqueMember |
---|---|
"ou=mathematicians,dc=example,dc=com" |
|
|
|
|
|
"ou=italians,ou=scientists,dc=example,dc=com" |
|
|
|
|
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"},
{searchBase : "dc=example,dc=com",searchScope : "SCOPE_SUB"
,attributes : ["uniqueMember","cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*)(uniqueMember=*))"}) yield entry
merge (g:Group {dn : entry.dn})
on create set g.cn = entry.cn
foreach (member in entry.uniqueMember |
merge (p:Person { dn : member })
merge (p)-[:IS_MEMBER]->(g)
)
Credentials
To protect credentials, you can configure aliases in conf/apoc.conf
:
apoc.loadldap.myldap.config=<host>:<port> <loginDN> <loginPW>
apoc.loadldap.myldap.config=ldap.forumsys.com:389 cn=read-only-admin,dc=example,dc=com password
Then
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"}
, {searchBase : "dc=example,dc=com"
,searchScope : "SCOPE_SUB"
,attributes : ["cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*))"
}) yield entry
return entry.dn, entry
becomes
call apoc.load.ldap("myldap"
,{searchBase : "dc=example,dc=com"
,searchScope : "SCOPE_SUB"
,attributes : ["cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*))"
}) yield entry
return entry.dn, entry