In this article

Overview

Use this Snap to authenticate Active Directory user credentials against an LDAP server through the authentication API. This Snap returns whether a given user entry (Username and Password combination) is valid in the Active Directory instance.

Prerequisites

Valid account to connect to the Active Directory server.

Support for Ultra Pipelines

Works in Ultra Pipelines.

Limitations and Known Issues

None.

Snap Input and Output

Input/Output	Type of View	Number of Views	Examples of Upstream and Downstream Snaps	Description
Input	Document	Min: 0 Max: 1	Mapper JSON Generator	A document with the user's LDAP credentials (username and password).
Output	Document	Min: 1 Max: 1	Router Filter Mapper REST Post SQL Server - Select	A document containing the authentication result (success or failure).

Snap Settings

Parameter Name	Data Type	Description	Default Value	Example
Label	String	Specify a name for the Snap. You can modify this to be more specific, especially if you have more than one of the same Snap in your Pipeline.	Active Directory Authenticate Users	AD Auth User
Username	String/Expression	Required. Username of the user. This value can be passed as a Pipeline parameter or through an input document.	N/A	JohnDoe
Password	String/Expression	Required. The password associated with the username provided. This value can be passed as a Pipeline parameter or through an input document.	N/A	sFispGq@j3o!
Pass through	Check box	Select this check box to specify whether the data in the incoming document must be passed through and merged with the output document. If selected, the input document is passed through to the output view under the key original.	Selected	Selected
Snap Execution	Drop-down list	Select one of the three following modes in which the Snap executes: Validate & Execute. Performs limited execution of the Snap and generates a data preview during Pipeline validation, then performs full execution of the Snap (unlimited records) during Pipeline runtime. Execute only. Performs full execution of the Snap during Pipeline execution without generating preview data. Disabled. Disables the Snap and all Snaps downstream from it.	Validate & Execute	Execute only

Troubleshooting

Error

Reason

Resolution

[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580]

The Snap execution is successful, but the value provided as password is not valid.

Ensure that the password provided in the Snap is valid/correct.

Failed to validate account: Connection error occurred due to invalid credentials or configuration

Connection error occurs due to invalid credentials or configuration.

Ensure that the provided Snap account credentials are valid, and any additional configuration (if required) is completed.

Examples

Verifying the Username and Password against the Active Directory

There are cases where the Active Directory is used as an authentication server. The Username and Password can be passed from other Pipelines, Ultra, or Triggered Tasks. The following Pipeline verifies user credentials against an Active Directory and returns the details where the authentication result is success. Each entry that fails authentication, also contains the reason and suggested resolution for the error. The Pipeline drops the document when the username and password are not valid.

For purposes of demonstration, the Mapper in this Pipeline sets up a user's AD credentials into the output of the Mapper for passing them to the Authenticate Users Snap. Configure the Mapper Snap to prepare a document input for the Authenticate Users Snap with credentials of multiple users, if it suits your requirements.

Mapper Snap

Output

Configure the Authenticate Users Snap to capture the user credentials from the Mapper output and verify them against the LDAP server to which it is connecting.

Authenticate Users Snap

Output

Using the pass-through functionality

In certain scenarios, the Snap may be unable to process the entire input due to limitations imposed by the endpoint's API. In such cases, we recommend that you select the Pass through checkbox to ensure that the unprocessed input is not lost. You can process the remaining input data using more of the same Snap in the Pipeline. Alternatively, you can also write the original data into a separate file using a combination of the Mapper Snap and the File Writer Snap.

The Pipeline uses a Filter Snap to filter the document with "success" authentication result (output from Authenticate Users Snap) and pass it into the downstream Snap. When the username or password is not valid, the Pipeline drops the document with the following response: result = fail.

Filter Snap

Output

After the authentication is complete, we can use other Snaps to suit the need. For example:

Query data from SQL Server database using SQL Server - Select Snap
Forward the request to another service using REST Post Snap.

Download this Pipeline.

Downloads

Important Steps to Successfully Reuse Pipelines

Download and import the Pipeline into SnapLogic.
Configure Snap accounts as applicable.
Provide Pipeline parameters as applicable.

	File	Modified
Labels No labels View	File ActiveDirectory_AuthenticateUsers_Pipeline_Example.slp	Oct 30, 2020 by Anand Vedam

Snap Pack History

Click to view/expand

Release	Snap Pack Version	Date	Type	Updates
4.27	main12833	13 Nov 2021	Stable	Enhanced the Active Directory Search Snap with a new field set, Returning Attributes, to define attributes that you want the Snap to return in the search results.
4.26 Patch	426patches11280	03 Sep 2021	Latest	Fixed an issue with the Active Directory Add Member Snap that failed when using forward slash "/" in the Distinguished name field.
4.26	main11181	14 Aug 2021	Stable	Upgraded with the latest SnapLogic Platform release.
4.25	main9554	09 May 2021	Stable	Upgraded with the latest SnapLogic Platform release.
4.24	main8556	13 Feb 2021	Stable	Upgraded with the latest SnapLogic Platform release.
4.23 Patch	423patches8210	20 Jan 2021	Latest	Fixes an issue of fetching search records in the Active Directory Search Snap by adding a new field, Limit, to specify the number of search records to be fetched from the Active Directory. Previously the Page Size field worked similar to the Limit field, that is, it sets the limit on fetching records instead of fetching all the records. The Active Directory Search Snap output now displays the number of records that you specify in the Limit field under Settings. If your Pipelines use the Snap with the Page Size field, they may fail to execute if the downstream Snap expects the same count. To retrieve all the records, configure the Snap with default settings, that is, Limit: 0 and Page Size: 1000.
4.23 Patch	423patches7454	20 Jan 2021	Latest	Adds the Pass through check box in all the Snaps to include pass-through functionality. Select this check box to embed the upstream input documents under the `original` field of the output document along with other records.
4.23	main7430	14 Nov 2020	Stable	Enhances the Active Directory Search Snap by adding a new field, Group results, to group the output result in a single array. Active Directory Authenticate Users Snap: A new Snap in the Active Directory Snap Pack that enables you to use SnapLogic Platform to authenticate Active Directory (AD) users against the configured AD server.
4.22	422patches6531	20 Sep 2020	Latest	Enhances the Active Directory Create Entry and Active Directory Update Entry Snaps by adding Attribute Value Delimiter field to separate multiple values entered in the Attribute value field.
4.22	main6403	12 Oct 2020	Stable	Upgraded with the latest SnapLogic Platform release.
4.21	snapsmrc542	09 May 2020	Stable	Upgraded with the latest SnapLogic Platform release.
4.20 Patch	activedirectory8789	02 Apr 2020	Latest	Fixes the Active Directory Snaps to successfully read special characters in the Existing distinguished name and Distinguished name Snap settings without requiring escape characters.
4.20	snapsmrc535	08 Feb 2020	Stable	Fixes the Search Snap and the List Users Snap wherein the Snaps displayed only the first element of an array field. Now, the Snaps display all the elements of an array field.
4.19 Patch	activedirectory8506	16 Jan 2020	Latest	Fixes the Search Snap and the List Users Snap wherein the Snaps displayed only the first element of an array field. Now, the Snaps display all the elements of an array field.
4.19	snapsmrc528	14 Nov 2019	Stable	Upgraded with the latest SnapLogic Platform release.
4.18	snapsmrc523	10 Aug 2019	Stable	Upgraded with the latest SnapLogic Platform release.
4.17 Patch	ALL7402		Latest	Pushed automatic rebuild of the latest version of each Snap Pack to SnapLogic UAT and Elastic servers.
4.17	snapsmrc515	11 Jun 2019	Stable	Added the Snap Execution field to all Standard-mode Snaps. In some Snaps, this field replaces the existing Execute during preview check box.
4.16	snapsmrc508	16 Feb 2019	Stable	Upgraded with the latest SnapLogic Platform release.
4.15	snapsmrc500	15 Dec 2018	Stable	Upgraded with the latest SnapLogic Platform release.
4.14	snapsmrc490	11 Aug 2018	Stable	Upgraded with the latest SnapLogic Platform release.
4.13	snapsmrc486	12 May 2018	Stable	Upgraded with the latest SnapLogic Platform release.
4.12	snapsmrc480	17 Feb 2018	Stable	Upgraded with the latest SnapLogic Platform release.
4.11 Patch	activedirectory4630	07 Feb 2018	Latest	Resolved an issue with the Active Directory Search Snap that Ignored PartialResultException and did not handle the slashes and backslashes in the search function: Added the original exception to SnapdataException for the Active Directory Snaps. Improved the error message.
4.11	snapsmrc465	11 Nov 2017	Stable	Upgraded with the latest SnapLogic Platform release.
4.10	snapsmrc414	12 Aug 2017	Stable	Upgraded with the latest SnapLogic Platform release.
4.9	snapsmrc405	13 May 2017	Stable	Upgraded with the latest SnapLogic Platform release.
4.8	snapsmrc398	11 Feb 2017	Stable	Upgraded with the latest SnapLogic Platform release.
4.7	snapsmrc382	23 Nov 2016	Stable	Upgraded with the latest SnapLogic Platform release.
4.6 Patch	activedirectory2056	10 Nov 2016	Latest	Resolved an issue with modifying the "unicodePwd" attribute using the Active Directory - Update Entry Snap.
4.6	rcmsf233	13 Aug 2016	Stable	Extended support for a der encoded representation of Anaplan Certificate for Anaplan account validation. Resolved an issue in Create Entry, Search, and Update Entry Snaps that caused certain attributes to not appear in suggestions.
4.5.1	rcmsf231	18 May 2016	Stable	Upgraded with the latest SnapLogic Platform release.
4.5	rcmsf231	14 May 2016	Stable	Upgraded with the latest SnapLogic Platform release.
4.3.2			Stable	Resolved an issue in Active Directory Search resulting in an error using a port value in the server URI.
4.3.0			Stable	The Update Snap now populates all attributes during Suggest. The Search Snap now shows those attributes that have values.
4.2.2			Stable	Resolved an issue with the account failing to validate after the last Snap release. Resolved an issue with the Active Directory Search Snap failing to throw an exception for an invalid search. Resolved an issue with the Active Directory Search Snap not routing an error to the error view for a null search. Resolved an issue with the Active Directory Search Snap adding a blank space on all strings. Updated the tooltips within the Active Directory Snap Pack.
4.2.1			Stable	Resolved "Pass through only supported for Map data." message showing in Active Directory Rename Snap.

Active Directory Authenticate Users