LDAP Modify Entry activity
Introduction
An LDAP Modify Entry activity modifies entries in an LDAP endpoint and is intended to be used as a target to consume data in an operation. After configuring an LDAP connection, you can configure as many LDAP activities as you like for each LDAP connection.
Create an LDAP activity
An instance of an activity is created from a connection using an activity type.
To create an instance of an activity, drag the activity type to the design canvas or copy the activity type and paste it on the design canvas. For details, see Create an activity or tool instance in Component reuse.
An existing activity can be edited from these locations:
- The design canvas (see Component actions menu in Design canvas).
- The project pane's Components tab (see Component actions menu in Project pane Components tab).
Configure an LDAP Modify Entry activity
Follow these steps to configure an LDAP Modify Entry activity:
Step 1: Enter a name and specify settings
-
Name: Enter a name to use to identify the LDAP Modify Entry activity. The name must be unique for each LDAP Modify Entry activity and must not contain forward slashes (
/
) or colons (:
). -
Operation: Specify the way in which to modify the entry, one of Add_Attribute, Remove_Attribute, or Replace_Attribute:
-
Add_Attribute: Add an attribute and values to an entry.
-
Remove_Attribute: Remove an attribute and values from an entry.
-
Replace_Attribute: Replace existing values in an entry.
-
-
Select Object Class: This section displays structural object classes available in the LDAP endpoint. When reopening an existing activity configuration, only the selected object class is displayed instead of reloading the entire object class list.
-
Selected Object Class: After an object class is selected, it is listed here.
-
Search: Enter any column's value into the search box to filter the list of object classes. The search is not case-sensitive. If object classes are already displayed within the table, the table results are filtered in real time with each keystroke. To reload object classes from the endpoint when searching, enter search criteria and then refresh, as described below.
-
Refresh: Click the refresh icon or the word Refresh to reload object classes from the LDAP endpoint. This may be useful if you have recently added object classes to the LDAP endpoint. This action refreshes all metadata used to build the table of object classes displayed in the configuration.
-
Selecting an Object Class: Within the table, click anywhere on a row to select an object class. Only one object class can be selected. The information available for each object class is fetched from the LDAP endpoint:
- Name: The object class name from the LDAP endpoint.
- Description: The object class description from the LDAP endpoint.
Tip
If the table does not populate with available object classes, the LDAP connection may not be successful. Ensure you are connected by reopening the connection and retesting the credentials.
-
-
Continue on Error: Select to continue the activity execution if an error is encountered for a dataset in a batch request. If any errors are encountered, they are written to the operation log.
-
Save & Exit: If enabled, click to save the configuration for this step and close the activity configuration.
-
Next: Click to temporarily store the configuration for this step and continue to the next step. The configuration will not be saved until you click the Finished button on the last step.
-
Discard Changes: After making changes, click to close the configuration without saving changes made to any step. A message asks you to confirm that you want to discard changes.
Step 2: Review the data schemas
-
Data Schema: The request and response data schemas for LDAP are displayed. If the operation uses a transformation, the data schemas are displayed again later during the transformation mapping process, where you can map to target fields using source objects, scripts, variables, custom values, and more.
The LDAP connector uses the Apache Directory LDAP API version 1.0.1. This API supports all types of LDAP servers, not just ApacheDS. Refer to the Apache LDAP API 1.0.1 Documentation and documentation on the specific LDAP server for information on the schema fields.
These are the schema fields shown in the example screenshot above:
-
Request:
Request Schema Field/Node Notes json The format of the request schema modifyEntry-request The Directory Services Markup Language (DSML) request request The request to the LDAP server item A request item dn The distinguished name representing a position in a hierarchy attributes Attributes of the LDAP entry userPassword User password removeAll A boolean indicating whether passwords are to be removed values User password values item The user password item #text Value of the user password item -
Response:
Response Schema Field/Node Notes json The format of the response schema modifyEntry-response The Directory Services Markup Language (DSML) response response The response from the LDAP server item The response item success A boolean indicating if the request was successful errorDetails The error details errorMsg An error message returned by the LDAP server
-
-
Refresh: Click the refresh icon or the word Refresh to regenerate schemas from the LDAP endpoint. This action also regenerates the schema in other locations throughout the project where the same schema is referenced, such as in an adjacent transformation.
-
Back: Click to temporarily store the configuration for this step and return to the previous step.
-
Finished: Click to save the configuration for all steps and close the activity configuration.
-
Discard Changes: After making changes, click to close the configuration without saving changes made to any step. A message asks you to confirm that you want to discard changes.
Next steps
After configuring an LDAP Modify Entry activity, complete the configuration of the operation by adding and configuring other activities, transformations, or scripts as operation steps. You can also configure an operation's operation settings, which include the ability to chain operations together that are in the same or different workflows.
After an LDAP activity has been created, menu actions for that activity are accessible from the project pane in either the Workflows or the Components tabs, and from the design canvas. See Activity actions menu for details.
LDAP Modify Entry activities can be used as a target with these operation patterns:
- Transformation pattern
- Two-transformation pattern (as the first or second target)
Other patterns are not valid using LDAP Modify Entry activities. See the validation patterns on the Operation validity page.
To use the activity with scripting functions, write the data to a temporary location and then use that temporary location in the scripting function.
When ready, deploy and run the operation and validate behavior by checking the operation logs.