Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

In this article

Table of Contents
maxLevel2
absoluteUrltrue

Overview

Use this Snap to authenticate Active Directory user credentials against an LDAP server through the authentication API. This Snap returns whether a given user entry (Username and Password combination) is valid in the Active Directory instance.

Image Added

Prerequisites

  • Valid account to connect to the Active Directory server.

Support for Ultra Pipelines

Works in Ultra Pipelines

Limitations and Known Issues

None.

Snap Input and Output

Input/OutputType of ViewNumber of ViewsExamples of Upstream and Downstream SnapsDescription
Input 

Document

  • Min: 0
  • Max: 1
  • Mapper
  • JSON Generator
A document with the user's LDAP credentials (username and password).
Output

Document

  • Min: 1
  • Max: 1
  • Router
  • Filter
  • Mapper
  • REST Post
  • SQL Server - Select

A document containing the authentication result (success or failure).

Snap Settings

Parameter NameData TypeDescriptionDefault ValueExample 
LabelString
Insert excerpt
File Writer
File Writer
nopaneltrue
Active Directory Authenticate UsersAD Auth User
UsernameString/Expression

Required. Username of the user. This value can be passed as a Pipeline parameter or through an input document.

N/AJohnDoe
PasswordString/ExpressionRequired. The password associated with the username provided. This value can be passed as a Pipeline parameter or through an input document.N/AsFispGq@j3o!
Pass throughCheck boxSelect this check box to specify whether the data in the incoming document must be passed through and merged with the output document. If selected, the input document is passed through to the output view under the key original.SelectedSelected
Snap ExecutionDrop-down list

Select one of the three following modes in which the Snap executes:

  • Validate & Execute. Performs limited execution of the Snap and generates a data preview during Pipeline validation, then performs full execution of the Snap (unlimited records) during Pipeline runtime.
  • Execute only. Performs full execution of the Snap during Pipeline execution without generating preview data.
  • Disabled. Disables the Snap and all Snaps downstream from it.

Validate & ExecuteExecute only

Troubleshooting

ErrorReasonResolution

[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580]

The Snap execution is successful, but the value provided as password is not valid.

Ensure that the password provided in the Snap is valid/correct.

Failed to validate account: Connection error occurred due to invalid credentials or configurationConnection error occurs due to invalid credentials or configuration.Ensure that the provided Snap account credentials are valid, and any additional configuration (if required) is completed.

Examples

Verifying the Username and Password against the Active Directory

There are cases where the Active Directory is used as an authentication server. The Username and Password can be passed from other Pipelines, Ultra, or Triggered Tasks. The following Pipeline verifies user credentials against an Active Directory and returns the details where the authentication result is success. Each entry that fails authentication, also contains the reason and suggested resolution for the error. The Pipeline drops the document when the username and password are not valid.

Image Added

For purposes of demonstration, the Mapper in this Pipeline sets up a user's AD credentials into the output of the Mapper for passing them to the Authenticate Users Snap. Configure the Mapper Snap to prepare a document input for the Authenticate Users Snap with credentials of multiple users, if it suits your requirements.

Mapper Snap

Image Added

Output
Image Added

Configure the Authenticate Users Snap to capture the user credentials from the Mapper output and verify them against the LDAP server to which it is connecting. 

Authenticate Users Snap

Image Added

Output

Image Added


Note
titleUsing the pass-through functionality

In certain scenarios, the Snap may be unable to process the entire input due to limitations imposed by the endpoint's API. In such cases, we recommend that you select the Pass through checkbox to ensure that the unprocessed input is not lost. You can process the remaining input data using more of the same Snap in the Pipeline. Alternatively, you can also write the original data into a separate file using a combination of the Mapper Snap and the File Writer Snap. 

The Pipeline uses a Filter Snap to filter the document with "success" authentication result (output from Authenticate Users Snap) and pass it into the downstream Snap. When the username or password is not valid, the Pipeline drops the document with the following response: result = fail.

Filter Snap

Image Added

Output

Image Added

After the authentication is complete, we can use other Snaps to suit the need. For example:

  • Query data from SQL Server database using SQL Server - Select Snap
  • Forward the request to another service using REST Post Snap.

Download this Pipeline

Downloads

Note
titleImportant Steps to Successfully Reuse Pipelines
  1. Download and import the Pipeline into SnapLogic.
  2. Configure Snap accounts as applicable.
  3. Provide Pipeline parameters as applicable.

Attachments
patterns*.slp, *.zip

Insert excerpt
Active Directory Snap Pack
Active Directory Snap Pack
nopaneltrue

...

See Also