In this article

1 Overview
- 1.1 Prerequisites
- 1.2 Support for Ultra Pipelines
- 1.3 Limitations and Known Issues
2 Snap Input and Output
3 Snap Settings
4 Troubleshooting
5 Examples
- 5.1 Verifying the Username and Password against the Active Directory
- 5.2 Downloads

Overview

Use this Snap to authenticate Active Directory user credentials against an LDAP server through the authentication API. This Snap returns whether a given user entry (Username and Password combination) is valid in the Active Directory instance.

Prerequisites

Valid account to connect to the Active Directory server.

Support for Ultra Pipelines

Works in Ultra Pipelines.

Limitations and Known Issues

None.

Snap Input and Output

Input/Output	Type of View	Number of Views	Examples of Upstream and Downstream Snaps	Description

Input/Output	Type of View	Number of Views	Examples of Upstream and Downstream Snaps	Description
Input	Document	Min: 0 Max: 1	Mapper JSON Generator	A document with the user's LDAP credentials (username and password).
Output	Document	Min: 1 Max: 1	Router Filter Mapper REST Post SQL Server - Select	A document containing the authentication result (success or failure).

Snap Settings

Parameter Name	Data Type	Description	Default Value	Example

Parameter Name	Data Type	Description	Default Value	Example
Label	String		Active Directory Authenticate Users	AD Auth User
Username	String/Expression	Required. Username of the user. This value can be passed as a Pipeline parameter or through an input document.	N/A	JohnDoe
Password	String/Expression	Required. The password associated with the username provided. This value can be passed as a Pipeline parameter or through an input document.	N/A	sFispGq@j3o!
Pass through	Check box	Select this check box to specify whether the data in the incoming document must be passed through and merged with the output document. If selected, the input document is passed through to the output view under the key original.	Selected	Selected
Snap Execution	Drop-down list	Select one of the three following modes in which the Snap executes: Validate & Execute. Performs limited execution of the Snap and generates a data preview during Pipeline validation, then performs full execution of the Snap (unlimited records) during Pipeline runtime. Execute only. Performs full execution of the Snap during Pipeline execution without generating preview data. Disabled. Disables the Snap and all Snaps downstream from it.	Validate & Execute	Execute only

Troubleshooting

Error	Reason	Resolution

Error

Reason

Resolution

[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580]

The Snap execution is successful, but the value provided as password is not valid.

Ensure that the password provided in the Snap is valid/correct.

Failed to validate account: Connection error occurred due to invalid credentials or configuration

Connection error occurs due to invalid credentials or configuration.

Ensure that the provided Snap account credentials are valid, and any additional configuration (if required) is completed.

Examples

Verifying the Username and Password against the Active Directory

There are cases where the Active Directory is used as an authentication server. The Username and Password can be passed from other Pipelines, Ultra, or Triggered Tasks. The following Pipeline verifies user credentials against an Active Directory and returns the details where the authentication result is success. Each entry that fails authentication, also contains the reason and suggested resolution for the error. The Pipeline drops the document when the username and password are not valid.

For purposes of demonstration, the Mapper in this Pipeline sets up a user's AD credentials into the output of the Mapper for passing them to the Authenticate Users Snap. Configure the Mapper Snap to prepare a document input for the Authenticate Users Snap with credentials of multiple users, if it suits your requirements.

Mapper Snap

Mapper Snap

Output

Configure the Authenticate Users Snap to capture the user credentials from the Mapper output and verify them against the LDAP server to which it is connecting.

Authenticate Users Snap

Authenticate Users Snap

Output

Using the pass-through functionality

In certain scenarios, the Snap may be unable to process the entire input due to limitations imposed by the endpoint's API. In such cases, we recommend that you select the Pass through checkbox to ensure that the unprocessed input is not lost. You can process the remaining input data using more of the same Snap in the Pipeline. Alternatively, you can also write the original data into a separate file using a combination of the Mapper Snap and the File Writer Snap.

The Pipeline uses a Filter Snap to filter the document with "success" authentication result (output from Authenticate Users Snap) and pass it into the downstream Snap. When the username or password is not valid, the Pipeline drops the document with the following response: result = fail.

Filter Snap

Filter Snap

Output

After the authentication is complete, we can use other Snaps to suit the need. For example:

Query data from SQL Server database using SQL Server - Select Snap
Forward the request to another service using REST Post Snap.

.

Downloads

Important Steps to Successfully Reuse Pipelines

Download and import the Pipeline into SnapLogic.
Configure Snap accounts as applicable.
Provide Pipeline parameters as applicable.

	File	Modified
Labels No labels Preview View	File ActiveDirectory_AuthenticateUsers_Pipeline_Example.slp	Oct 30, 2020 by Anand Vedam

Active Directory Authenticate Users