Active Directory Component
Connect to an Active Directory server.
Component key: ldap
Description
LDAP (Lightweight Directory Access Protocol) is a protocol for accessing and managing directory information. This component provides tools for operations such as authentication, querying, and managing directory entries.
Library Reference
The component was built using the ldapts library.
Connections
LDAP
key: ldapConnectionPrerequisites
- An LDAP server instance (e.g., Active Directory, OpenLDAP)
- Distinguished Name (DN) credentials with appropriate permissions
Configure the Connection
Create a connection of type LDAP and enter:
- URL: The LDAP server URL (e.g.,
ldap://ldap.example.com) - DN: The Distinguished Name (DN) used to bind to the server (e.g.,
uid=example,dc=example,dc=com) - Password: The password associated with the DN
- Certificate (optional): A certificate for secure connections if required by the server
- Use on-prem LDAPS (optional): When enabled, uses LDAPS (LDAP over SSL/TLS) for secure connections to private LDAP servers
On-prem enabled: this connection can be configured to connect to an on-prem resource on a private network. Learn more.
| Input | Notes | Example |
|---|---|---|
| Certificate | The certificate to use for the connection if required by the LDAP server. | -----BEGIN CERTIFICATE----- MIIC0DCCAbigAwIBAgIJA... |
| DN | The Distinguished Name used to bind to the LDAP server. | cn=John Doe,ou=Users,dc=example,dc=com |
| Host | The host of the on-prem service. This input will be hidden from customers | |
| Password | The password used to authenticate the DN. | |
| Port | The port of the on-prem service. This input will be hidden from customers | |
| URL | The LDAP server URL. Required when not using the on-prem connection. | ldap://ldap.example.com |
| Use on-prem LDAPS | When true, uses LDAPS for the connection to the private LDAP server. | false |
Actions
Add Entry
Adds an entry in Active Directory. | key: addEntry
| Input | Notes | Example |
|---|---|---|
| Attributes to Add | The attributes to add to the entry. Must be a JSON object. | |
| Connection | The LDAP connection to use. | |
| DN to Add | The DN of the entry to add. | OU=Users,DC=example,DC=com |
{
"data": "Entry added at CN=New Entry,OU=Users,DC=example,DC=com."
}
Add Group
Adds a group in Active Directory. | key: addGroup
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| Group DN | The DN of the group to add. | cn=group,ou=groups,dc=example,dc=com |
| Group Name | The name of the group to add. | New Group |
| Group Type | The type of group to add. | -2147483646 |
| sAMAccountName | The sAMAccountName of the group to add. | newgroup |
{
"data": "Group Developers has been added successfully."
}
Add User
Adds a user in Active Directory. | key: addUser
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| Password | The password of the user to add. | password |
| sAMAccountName | The sAMAccountName of the user to add. | newuser |
| User DN | The DN of the user to add. | cn=user,ou=users,dc=example,dc=com |
| User Name | The name of the user to add. | New User |
| User Principal Name | The user principal name of the user to add. | user@example.com |
{
"data": "User Alice Johnson has been created successfully."
}
Add User to Group
Adds a user to a group in Active Directory. | key: addUserToGroup
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| Group DN | The DN of the group to add the user to. | cn=group,ou=groups,dc=example,dc=com |
| User DN to Add | The DN of the user to add to the group. | cn=user,ou=users,dc=example,dc=com |
{
"data": "User CN=John Smith,OU=Users,DC=example,DC=com added to group CN=Developers,OU=Groups,DC=example,DC=com."
}
Bind
Tests binding to Active Directory. | key: bind
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. |
{
"data": "Successfully bound to LDAP server."
}
Delete Entry
Deletes an entry in Active Directory. | key: deleteEntry
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| DN to Delete | The DN of the entry to delete. | OU=Users,DC=example,DC=com |
{
"data": "Successfully deleted entry at CN=Temp User,OU=Users,DC=example,DC=com."
}
Disable User Account
Disables a user account in Active Directory. | key: disableUserAccount
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| User DN | The DN of the user to disable. | cn=user,ou=users,dc=example,dc=com |
{
"data": "User CN=Bob Wilson,OU=Users,DC=example,DC=com has been disabled."
}
Extended Operation
Performs an extended operation in Active Directory. | key: extendedOperation
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| OID | The OID of the extended operation to perform. | 1.3.6.1.4.1.4203.1.11.3 |
| Value | The value to send with the extended operation. | test |
{
"data": {
"oid": "1.3.6.1.4.1.4203.1.11.3",
"value": "dn:CN=Administrator,CN=Users,DC=example,DC=com"
}
}
Is Authenticated
Check if the connection is authenticated. | key: isAuthenticated
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. |
{
"data": true
}
Move User to Organizational Unit
Moves a user to an organizational unit in Active Directory. | key: moveUserToOrganizationalUnit
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| New OU User DN | The new DN for the user. | cn=user,ou=admins,dc=example,dc=com |
| OU User DN | The DN of the user to move. | cn=user,ou=users,dc=example,dc=com |
{
"data": "Successfully moved user to CN=Jane Doe,OU=Admins,DC=example,DC=com."
}
Remove User From Group
Removes a user from a group in Active Directory. | key: removeUserFromGroup
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| Group DN | The DN of the group to remove the user from. | cn=group,ou=groups,dc=example,dc=com |
| User DN to Remove | The DN of the user to remove from the group. | cn=user,ou=users,dc=example,dc=com |
{
"data": "User CN=John Smith,OU=Users,DC=example,DC=com removed from group CN=Developers,OU=Groups,DC=example,DC=com."
}
Rename Entry
Renames an entry in Active Directory. | key: renameEntry
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| New Relative DN | The new relative DN for the entry. | CN=Jane Doe |
| Entry to Rename | The DN of the entry to rename. | CN=John Doe,OU=Users,DC=example,DC=com |
{
"data": "Successfully renamed entry to CN=Alice Johnson-Smith,OU=Users,DC=example,DC=com."
}
Search Entries
Searches for entries in Active Directory. | key: search
| Input | Notes | Example |
|---|---|---|
| Attributes | The attributes to retrieve from the search operation. Leave empty to retrieve all attributes. | name |
| Connection | The LDAP connection to use. | |
| Filter | The filter to apply to the search operation. | (objectClass=*) |
| Include References | When true, includes references in the search results. | false |
| Scope | The scope of the search operation. | sub |
| Search Base | The base DN to start the search operation from. | OU=Users,DC=example,DC=com |
{
"data": {
"entries": [
{
"dn": "OU=Users,DC=example,DC=com",
"ou": "Users",
"name": "Users"
}
],
"references": []
}
}
Search Groups
Searches for groups in Active Directory. | key: searchGroups
| Input | Notes | Example |
|---|---|---|
| Additional Attributes | Additional attributes to include in the search results. | sAMAccountName |
| Connection | The LDAP connection to use. |
{
"data": {
"groups": [
{
"dn": "CN=Administrators,CN=Builtin,DC=example,DC=com",
"cn": "Administrators",
"name": "Administrators"
}
]
}
}
Search Users
Searches for users in Active Directory. | key: searchUsers
| Input | Notes | Example |
|---|---|---|
| Additional Attributes | Additional attributes to include in the search results. | sAMAccountName |
| Connection | The LDAP connection to use. |
{
"data": {
"users": [
{
"dn": "CN=John Smith,OU=Users,DC=example,DC=com",
"cn": "John Smith",
"mail": [
"john.smith@example.com"
]
}
]
}
}
Set Password to User
Sets a user password in Active Directory. | key: setPasswordToUser
| Input | Notes | Example |
|---|---|---|
| Connection | The LDAP connection to use. | |
| New Password | The new password for the user. | newpassword |
| User DN | The DN of the user to set the password for. | cn=user,ou=users,dc=example,dc=com |
{
"data": "Password set successfully for user CN=Jane Doe,OU=Users,DC=example,DC=com."
}
Update Entry
Updates an entry in Active Directory. | key: updateEntry
| Input | Notes | Example |
|---|---|---|
| Changes | The changes to apply to the entry. Must be an array of operations. | |
| Connection | The LDAP connection to use. | |
| Entry to Update | The DN of the entry to update. | cn=entry,ou=users,dc=example,dc=com |
{
"data": "Successfully updated entry at CN=John Smith,OU=Users,DC=example,DC=com."
}
Update User
Updates a user in Active Directory. | key: updateUser
| Input | Notes | Example |
|---|---|---|
| Changes | The changes to apply to the user. Must be an array of operations. | |
| Connection | The LDAP connection to use. | |
| User to Update | The DN of the user to update. | cn=user,ou=users,dc=example,dc=com |
{
"data": "Successfully updated user at CN=Jane Doe,OU=Users,DC=example,DC=com."
}
Changelog
2026-02-06
Improved debug logging across all actions
2025-04-14
Added On Prem Agent support for Active Directory LDAP integration with enhanced user management capabilities