Configuring the LDAP Query node

  1. Select the LDAP Query "start" node. On the General tab, specify this information:
    Configuration name

    Select the configuration that you want to be used for this activity. If you want to use an existing configuration, select a name from the list. If you leave the field blank, the default configuration will be used.

    Search Scope

    Select from these options:

    • Object level: this scope will search only Search DN object level and will always return one value

    • One level: this scope will go down only one level deep of the search DN object

    • Sub-tree level: this scope will search all the sub-levels of the search DN object

    Search DN

    Specify the top level object which needs to be searched. The LDAP Query node will go down the levels and search objects based on the search scope chosen. This field cannot be empty.

    Search Filter

    Specify the filter value for the search. The LDAP Query node will select the records based on the given search filter. This field cannot be empty.

    The default value is (objectClass=*), which would select all the records.

    Return Attributes

    Specify the attributes which need to be selected from the LDAP server. Multiple attributes can be selected using a comma-separated list. The default empty value would be all attributes from the server.

    If the given attribute is not found on the server, the value for that attribute will be displayed as "undefined".

    Binary Attributes (to be converted)

    The binary attributes on server would be in binary format. If those attributes need to be selected then it will still be in binary format on the process flow. Binary attributes list which are specified here will be converted into bytes array format.

    Note: 

    ObjectGUID and ObjectSID will be converted into readable string format if they are selected. These attributes are added to binary attributes list by default and do not need to be added explicitly.

    The string value format of ObjectGUID and ObjectSID can be used in search filter directly, and they do not need to be modified before using that in search filter.

    ObjectSID format: S-1-468115865-1864075116-4034292107-1253497497-2497756855-826951027

    ObjectGUID format: {100364A1-D728-4CB9-9CBB-919F5140B2BC}

  2. On the On Error tab, specify this information:
    What should happen on an error?

    Select from the available options.

    Notify

    Select the check box if you want to send a notification when an error occurs. If this option is selected, you must fill out the notification details.

    Custom log entry

    Select the check box if you want a custom log entry in addition to the system-generated log entry.

  3. Select the LDAP Query "end" node. On the Break Condition tab, specify any valid true/false conditions that must be satisfied if you want to end the iteration.
    Note: 

    If a variable is used as part of the condition, you must remove the surrounding brackets ("<!" and ">").