Load LDAP
With 'apoc.load.ldap' you can execute queries on any LDAP v3 enabled directory, the results are turned into a streams of entries. The entries can then be used to update or create graph structures.
Note this utility requires to have the jldap library to be placed the plugin directory.
Parameters
| Parameter | Property | Description |
|---|---|---|
{connectionMap} |
ldapHost |
|
loginDN |
|
|
loginPW |
|
|
{searchMap} |
searchBase |
|
searchScope |
|
|
searchFilter |
|
|
attributes |
|
Load LDAP Example
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"},
{searchBase : "dc=example,dc=com",searchScope : "SCOPE_SUB"
,attributes : ["uniqueMember","cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*)(uniqueMember=*))"}) yield entry
return entry.dn, entry.uniqueMember| entry.dn | entry.uniqueMember |
|---|---|
"ou=mathematicians,dc=example,dc=com" |
|
|
|
|
|
"ou=italians,ou=scientists,dc=example,dc=com" |
|
|
|
|
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"},
{searchBase : "dc=example,dc=com",searchScope : "SCOPE_SUB"
,attributes : ["uniqueMember","cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*)(uniqueMember=*))"}) yield entry
merge (g:Group {dn : entry.dn})
on create set g.cn = entry.cn
foreach (member in entry.uniqueMember |
merge (p:Person { dn : member })
merge (p)-[:IS_MEMBER]->(g)
)Credentials
To protect credentials, you can configure aliases in conf/apoc.conf:
apoc.loadldap.myldap.config=<host>:<port> <loginDN> <loginPW>
apoc.loadldap.myldap.config=ldap.forumsys.com:389 cn=read-only-admin,dc=example,dc=com password
Then
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"}
, {searchBase : "dc=example,dc=com"
,searchScope : "SCOPE_SUB"
,attributes : ["cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*))"
}) yield entry
return entry.dn, entrybecomes
call apoc.load.ldap("myldap"
,{searchBase : "dc=example,dc=com"
,searchScope : "SCOPE_SUB"
,attributes : ["cn","uid","objectClass"]
,searchFilter: "(&(objectClass=*))"
}) yield entry
return entry.dn, entry