In this article
Table of Contents | ||||
---|---|---|---|---|
|
Overview
Use this Snap to authenticate Active Directory user credentials against an LDAP server through the authentication API. This Snap returns whether a given user entry (Username and Password combination) is valid in the Active Directory instance.
Prerequisites
- Valid account to connect to the Active Directory server.
Support for Ultra Pipelines
Works in Ultra Pipelines.
Limitations and Known Issues
None.
Snap Input and Output
Input/Output | Type of View | Number of Views | Examples of Upstream and Downstream Snaps | Description |
---|---|---|---|---|
Input | Document |
|
| A document with the user's LDAP credentials (username and password). |
Output | Document |
|
| A document containing the authentication result (success or failure). |
Snap Settings
Parameter Name | Data Type | Description | Default Value | Example | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
Label | String |
| Active Directory Authenticate Users | AD Auth User | ||||||||
Username | String/Expression | Required. Username of the user. This value can be passed as a Pipeline parameter or through an input document. | N/A | JohnDoe | ||||||||
Password | String/Expression | Required. The password associated with the username provided. This value can be passed as a Pipeline parameter or through an input document. | N/A | sFispGq@j3o! | ||||||||
Pass through | Check box | Select this check box to specify whether the data in the incoming document must be passed through and merged with the output document. If selected, the input document is passed through to the output view under the key original. | Selected | Selected | ||||||||
Snap Execution | Drop-down list | Select one of the three following modes in which the Snap executes:
| Validate & Execute | Execute only |
Troubleshooting
Error | Reason | Resolution |
---|---|---|
[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580] | The Snap execution is successful, but the value provided as password is not valid. | Ensure that the password provided in the Snap is valid/correct. |
Failed to validate account: Connection error occurred due to invalid credentials or configuration | Connection error occurs due to invalid credentials or configuration. | Ensure that the provided Snap account credentials are valid, and any additional configuration (if required) is completed. |
Examples
Verifying the Username and Password against the Active Directory
There are cases where the Active Directory is used as an authentication server. The Username and Password can be passed from other Pipelines, Ultra, or Triggered Tasks. The following Pipeline verifies user credentials against an Active Directory and returns the details where the authentication result is success. Each entry that fails authentication, also contains the reason and suggested resolution for the error. The Pipeline drops the document when the username and password are not valid.
For purposes of demonstration, the Mapper in this Pipeline sets up a user's AD credentials into the output of the Mapper for passing them to the Authenticate Users Snap. Configure the Mapper Snap to prepare a document input for the Authenticate Users Snap with credentials of multiple users, if it suits your requirements.
Mapper Snap |
---|
Output |
Configure the Authenticate Users Snap to capture the user credentials from the Mapper output and verify them against the LDAP server to which it is connecting.
Authenticate Users Snap |
---|
Output |
Note | ||
---|---|---|
| ||
In certain scenarios, the Snap may be unable to process the entire input due to limitations imposed by the endpoint's API. In such cases, we recommend that you select the Pass through checkbox to ensure that the unprocessed input is not lost. You can process the remaining input data using more of the same Snap in the Pipeline. Alternatively, you can also write the original data into a separate file using a combination of the Mapper Snap and the File Writer Snap. |
The Pipeline uses a Filter Snap to filter the document with "success" authentication result (output from Authenticate Users Snap) and pass it into the downstream Snap. When the username or password is not valid, the Pipeline drops the document with the following response: result = fail.
Filter Snap |
---|
Output |
After the authentication is complete, we can use other Snaps to suit the need. For example:
- Query data from SQL Server database using SQL Server - Select Snap
- Forward the request to another service using REST Post Snap.
Downloads
Note | ||
---|---|---|
| ||
|
Attachments | ||
---|---|---|
|
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
...