Active Directory Component

Connect to an Active Directory server.

Component key: ldap

Description

Active Directory for LDAP (Lightweight Directory Access Protocol) is a protocol for accessing and managing directory information. This component provides tools for operations such as authentication, querying, and managing directory entries.

Library Reference

The component was built using the ldapts library.

Connections

LDAP Connection

To connect to an Active Directory server, you must provide the following details:

URL: The Active Directory server URL (e.g., ldap://ldap.example.com).
DN: The Distinguished Name (DN) used to bind to the server (e.g., uid=example,dc=example,dc=com).
Password: The password associated with the DN.
Certificate (optional): A certificate for secure connections if required by the server.

Ensure these details are correctly configured in the connection settings to establish a successful connection.

On-prem enabled: this connection can be configured to connect to an on-prem resource on a private network. Learn more.

Input	Notes	Example
Certificate	Certificate to use for the connection if required by the LDAP server.	-----BEGIN CERTIFICATE----- MIIC0DCCAbigAwIBAgIJA...
DN	LDAP server Distinguished Name to bind to.	cn=John Doe,ou=Users,dc=example,dc=com
Host	The host of the on-prem service. This input will be hidden from customers
Password	Password for the DN to bind to.
Port	The port of the on-prem service. This input will be hidden from customers
URL	LDAP server URL. Required when not using the on-prem connection.	ldap://ldap.example.com
Use on-prem LDAPS	Turn this On if your private LDAP server requires an LDAPS connection.	false

Actions

Add Entry

Add entry in Active Directory. | key: addEntry

Input	Notes	Example
Attributes to Add	The attributes to add to the entry. Must be a JSON object.
Connection
Debug Request	Enabling this flag will log out the current request.	false
DN to Add	The DN of the entry to add.	OU=Users,DC=example,DC=com

{
  "data": "Entry added at OU=Users,DC=example,DC=com."
}

Add Group

Add group in Active Directory. | key: addGroup

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
Group DN	The DN of the group to add.	cn=group,ou=groups,dc=example,dc=com
Group Name	The name of the group to add.	New Group
Group Type	The type of group to add.	-2147483646
sAMAccountName	The sAMAccountName of the group to add.	newgroup

{
  "data": "Group group has been added successfully."
}

Add User

Add a user in Active Directory. | key: addUser

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
Password	The password of the user to add.	password
sAMAccountName	The sAMAccountName of the user to add.	newuser
User DN	The DN of the user to add.	cn=user,ou=users,dc=example,dc=com
User Name	The name of the user to add.	New User
User Principal Name	The user principal name of the user to add.	user@example.com

{
  "data": "User user has been created successfully."
}

Add User to Group

Add a user to a group in Active Directory. | key: addUserToGroup

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
Group DN	The DN of the group to add the user to.	cn=group,ou=groups,dc=example,dc=com
User DN to Add	The DN of the user to add to the group.	cn=user,ou=users,dc=example,dc=com

{
  "data": "User CN=user,OU=Users,DC=example,DC=com added to group CN=group,OU=Groups,DC=example,DC=com."
}

Bind

Bind test in Active Directory. | key: bind

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false

{
  "data": "Successfully bound to LDAP server."
}

Delete Entry

Delete an entry in Active Directory. | key: deleteEntry

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
DN to Delete	The DN of the entry to delete.	OU=Users,DC=example,DC=com

{
  "data": "Successfully deleted entry at OU=Users,DC=example,DC=com."
}

Disable User Account

Disable a user in Active Directory. | key: disableUserAccount

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
User DN	The DN of the user to disable.	cn=user,ou=users,dc=example,dc=com

{
  "data": "User CN=user,OU=Users,DC=example,DC=com has been disabled."
}

Extended Operation

Perform an extended operation in Active Directory. | key: extendedOperation

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
OID	The OID of the extended operation to perform.	1.3.6.1.4.1.4203.1.11.3
Value	The value to send with the extended operation.	test

{
  "data": {
    "oid": "1.3.6.1.4.1.4203.1.11.3",
    "value": ""
  }
}

Is Authenticated

Check if the connection is authenticated. | key: isAuthenticated

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false

{
  "data": true
}

Move User to Organizational Unit

Move user to Organizational unit in Active Directory. | key: moveUserToOrganizationalUnit

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
New OU User DN	The new DN for the user.	cn=user,ou=admins,dc=example,dc=com
OU User DN	The DN of the user to move.	cn=user,ou=users,dc=example,dc=com

{
  "data": "Successfully moved user to CN=user,OU=Admins,DC=example,DC=com."
}

Remove User From Group

Remove a user from group in Active Directory. | key: removeUserFromGroup

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
Group DN	The DN of the group to remove the user from.	cn=group,ou=groups,dc=example,dc=com
User DN to Remove	The DN of the user to remove from the group.	cn=user,ou=users,dc=example,dc=com

{
  "data": "User CN=user,OU=Users,DC=example,DC=com removed from group CN=group,OU=Groups,DC=example,DC=com."
}

Rename Entry

Rename an entry in Active Directory. | key: renameEntry

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
New Relative DN	The new relative DN for the entry.	CN=Jane Doe
Entry to Rename	The DN of the entry to rename.	CN=John Doe,OU=Users,DC=example,DC=com

{
  "data": "Successfully renamed entry to CN=newUser,OU=Users,DC=example,DC=com."
}

Search Entries

Search entries in Active Directory. | key: search

Input	Notes	Example
Attributes	The attributes to retrieve from the search operation. Leave empty to retrieve all attributes.	name
Connection
Debug Request	Enabling this flag will log out the current request.	false
Filter	The filter to apply to the search operation.	(objectClass=*)
Include References	Include references in the search results.	false
Scope	The scope of the search operation.	sub
Search Base	The base DN to start the search operation from.	OU=Users,DC=example,DC=com

{
  "data": {
    "entries": [
      {
        "dn": "OU=Users,DC=example,DC=com",
        "ou": "Users",
        "name": "Users"
      }
    ],
    "references": []
  }
}

Search Groups

Search groups in Active Directory. | key: searchGroups

Input	Notes	Example
Additional Attributes	Additional attributes to include in the search results.	sAMAccountName
Connection
Debug Request	Enabling this flag will log out the current request.	false

{
  "data": {
    "groups": [
      {
        "dn": "CN=Administrators,CN=Builtin,DC=example,DC=com",
        "cn": "Administrators",
        "name": "Administrators"
      }
    ]
  }
}

Search Users

Search users in Active Directory. | key: searchUsers

Input	Notes	Example
Additional Attributes	Additional attributes to include in the search results.	sAMAccountName
Connection
Debug Request	Enabling this flag will log out the current request.	false

{
  "data": {
    "users": [
      {
        "dn": "CN=user,OU=Users,DC=example,DC=com",
        "cn": "user",
        "mail": []
      }
    ]
  }
}

Set Password to User

Set user password in Active Directory. | key: setPasswordToUser

Input	Notes	Example
Connection
Debug Request	Enabling this flag will log out the current request.	false
New Password	The new password for the user.	newpassword
User DN	The DN of the user to set the password for.	cn=user,ou=users,dc=example,dc=com

{
  "data": "Password set successfully for user CN=user,OU=Users,DC=example,DC=com."
}

Update Entry

Update entry in Active Directory. | key: updateEntry

Input	Notes	Example
Changes	The changes to apply to the entry. Must be an array of operations.
Connection
Debug Request	Enabling this flag will log out the current request.	false
Entry to Update	The DN of the entry to update.	cn=entry,ou=users,dc=example,dc=com

{
  "data": "Successfully updated entry at CN=entry,OU=Users,DC=example,DC=com."
}

Update User

Update user in Active Directory. | key: updateUser

Input	Notes	Example
Changes	The changes to apply to the user. Must be an array of operations.
Connection
Debug Request	Enabling this flag will log out the current request.	false
User to Update	The DN of the user to update.	cn=user,ou=users,dc=example,dc=com

{
  "data": "Successfully updated user at CN=user,OU=Users,DC=example,DC=com."
}

Changelog

2025-04-14

Added On Prem Agent support for Active Directory LDAP integration with enhanced user management capabilities.

Connect to an Active Directory server.

Description​

Library Reference​

Connections​

LDAP Connection​

Actions​

Add Entry​

Add Group​

Add User​

Add User to Group​

Bind​

Delete Entry​

Disable User Account​

Extended Operation​

Is Authenticated​

Move User to Organizational Unit​

Remove User From Group​

Rename Entry​

Search Entries​

Search Groups​

Search Users​

Set Password to User​

Update Entry​

Update User​

Changelog​

2025-04-14​