On this Page
Snap type: | Read | |||||||
---|---|---|---|---|---|---|---|---|
Description: | This Snap lets you search Active Directory and provides options to select the scope and the filter table to effectively return search results as compared to the List Users Snap which returns all the entries. The attributes of table will create on suggest based on the existing distinguished name into Active Directory. The table consists of all the fields that can be used as filter attributes to perform search and effectively return the results. To generate the suggested filter attributes into the table the existing distinguished name is required.
| |||||||
Prerequisites: | [None] | |||||||
Support and limitations: | Works in Ultra Task Pipelines. Behavior Change
| |||||||
Account: | This Snap uses account references created on the Accounts page of SnapLogic Manager to handle access to this endpoint. See Active Directory Basic Auth Account for information on setting up this type of account. | |||||||
Views: |
| |||||||
Settings | ||||||||
Label* | Specify the name for the Snap. You can modify this to be more specific, especially if you have more than one of the same Snap in your pipeline. | |||||||
Existing distinguished name* | Specify the LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas. An RDN is an attribute with an associated value in the form attribute=value, normally expressed in a UTF-8 string format. The typical RDN attribute types include: DC = domainComponent, CN = commonName, OU = organizationalUnitName,O = organizationName, STREET = streetAddress, L = localityName,ST = stateOrProvinceName, C = countryName, UID = userid. This field is applicable only to existing users. If the user does not exist, create an entry using the Create Entry Snap first. Default Value: [None] Example: A distinguished name for an LDAP entry can be represented as: CN=AbcUser,CN=Users,DC=server,DC=company,DC=com. In this example, to refer to the entire user list, you can remove the initial attribute, CN=AbcUser. You can also use special characters in the distinguished name. See the section Using Special Characters in Distinguished Name below. | |||||||
Page size* | Specify the size of the page to receive search results. The maximum value accepted by Active Directory is 1000. See https://msdn.microsoft.com/en-us/library/ms180880(v=vs.80).aspx for more information. Default Value: 1000 A new field Limit is introduced in a 4.23 dot release (423patches8210). Your Pipelines created prior to this release, which use Page Size for limiting records may fail to execute. Hence, modify your Pipelines using the Limit field below. | |||||||
Limit | Specify the number of search records to be fetched from the Active Directory.
Default Value: 0 | |||||||
Scope type | Specify the scope type to search against. The options available include:
Default Value: SUBTREE_SCOPE | |||||||
Filter Attributes | Specify the key-value pairs to filter the search results. The filter keys generated by suggesting can be modified, that is:
| |||||||
Filter keys | The suggested filter attributes based on the provided Existing distinguished name property. | |||||||
Filter values | The corresponding values of the suggested filter key to perform an effective search. | |||||||
Returning Attributes | Use this field set to define the attributes that should return in the search results. This field set contains the Attribute Keys field. Click to add a row for defining the attribute key. | |||||||
Attribute Keys | Specify the attribute keys that should return in the search results. When using this Snap to search by a distinguished name, the Snap only returns up to 1500 members if the total member in the group is greater than 1500.
| |||||||
Group results | Select to group the output result in a single array. When Group result is checked, the documents will now be grouped inside an array instead of individual documents. Default Value: Not selected. | |||||||
Pass through | Select to include the entire input data in the Snap's output. The Snap includes this data within the $original field in the output. Default Value: Not selected | |||||||
Snap execution | Page lookup error: page "Anaplan Read" not found. If you're experiencing issues please see our Troubleshooting Guide. This option must be enabled to see preview content. |
Examples
Distinguished name value | Returns |
---|---|
CN=groupname,CN=Users,DC=server,DC=company,DC=com | Details about that group. |
CN=Users,DC=server,DC=company,DC=com | Details about all items in Users under that domain. |
DC=server,DC=company,DC=com | Details about all objects on that server domain. |
Using Special Characters in Distinguished Name
You can include special characters in the Distinguished name and Existing distinguished name fields. As of Patch activedirectory8789, the fields do not require the following special characters to be prefixed with an escape character:
- Forward slash (/)
- Backward slash (\)
- Plus (+)
- Double-quote (")
- Less than symbol (<)
- Greater than symbol (>)
- Semi-colon (;)
If an escape character is prefixed, the Snap reads it, else, it prefixes it to the special character to correctly process the data.
Comma (,) and Equals (=) have a special meaning in the distinguished name, as comma (,) is used to separate RDNs and equals (=) is used for designating key value pairs (key=value). Therefore, these must still be prefixed with an escape character to be passed as special characters. For example,
\,
or \=
.
Example: Using Special Characters
Let us say you need to specify a distinguished name like CN=man/eesh,CN=Users,DC=ad1,DC=clouddev,DC=snaplogic,DC=com, where the common name man/eesh contains a special character.
The Snap supports both scenarios:
- If the special character is prefixed with an escape character. For example, CN=man\/eesh.
- If no escape character is used. For example, CN=man/eesh,
In both cases, the Snap generates the same output during Pipeline validation, as shown in the image below. This ensures existing Pipelines do not break in either case.
Using the pass-through functionality
In certain scenarios, the Snap may be unable to process the entire input due to limitations imposed by the endpoint's API. In such cases, we recommend that you select the Pass through checkbox to ensure that the unprocessed input is not lost. You can process the remaining input data using more of the same Snap in the Pipeline. Alternatively, you can also write the original data into a separate file using a combination of the Mapper Snap and the File Writer Snap.