Adding an LDAP resource allows you to query your LDAP servers in a similar way to database connections.
Use an LDAP resource to:
Validate that a username provided in a custom field is a member of an LDAP group.
Write a REST endpoint to list office addresses.
In a Leavers workflow, use a post function to mark a user as having left the company.
To set up an LDAP connection, and make the connection available to scripts:
Navigate to ScriptRunner > Resources > Add New Item > LDAP Connection.
Provide a name for the connection in Pool Name.
Enter the Host.
Optionally, check Use TLS to use TLS/SSL encryption.
Enter the Port the LDAP connection is using.
Enter the base DN into the Base field.
Add the User dn.
Enter the LDAP Password.
Contact your directory services administrator for LDAP details. If you have set up an LDAP server as an application User Directory, and it’s the same LDAP server, you can copy and paste the values.
Click Add.
Clicking Preview validates that a successful connection and query can be made to the LDAP server.
Use LDAP Resources in Scripts
Having set up an LDAP connection, you can use it in a script as follows:
This example uses the LDAP connection with the Pool Name corporate.
```groovy
import com.onresolve.scriptrunner.ldap.LdapUtil
import org.springframework.ldap.core.AttributesMapper
import javax.naming.directory.SearchControls

def cnList = LdapUtil.withTemplate('corporate') { template ->
    template.search("", "(sn=Smi*)", SearchControls.SUBTREE_SCOPE, { attributes ->
        attributes.get('cn').get()
    } as AttributesMapper<String>)
}
// cnList now contains the list of common names of users whose surnames begin with "Smi"...
```
LdapUtil.withTemplate takes two arguments:
The name of the connection as defined by you in the Pool Name parameter when adding the connection (in this example corporate),
See Spring LDAP for more information on querying. Where the documentation refers to an LdapTemplate, this is equivalent to the above-mentioned LdapOperations.
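For the first use case listed above (checking that a username typed into a custom field is a member of an LDAP group), the filter contains user-supplied text, so it should be built with Spring LDAP's filter classes, which escape the value, rather than by string concatenation. The script below is an added example, not part of the ScriptRunner documentation; the `uid` and `memberOf` attributes, the group DN and the helper names are assumptions about your directory.

```groovy
import com.onresolve.scriptrunner.ldap.LdapUtil
import org.springframework.ldap.core.AttributesMapper
import org.springframework.ldap.filter.AndFilter
import org.springframework.ldap.filter.EqualsFilter
import javax.naming.directory.SearchControls

// Assumptions: users are keyed by `uid`, the directory maintains `memberOf`,
// and GROUP_DN is a placeholder for a real group in your tree.
final String GROUP_DN = 'cn=leavers-approvers,ou=groups,dc=example,dc=com'

// Build the filter from typed filter objects so that Spring LDAP escapes the
// values (RFC 4515: * ( ) \ and NUL are encoded as \2a \28 \29 \5c \00).
String membershipFilter(String username, String groupDn) {
    new AndFilter()
        .and(new EqualsFilter('uid', username))
        .and(new EqualsFilter('memberOf', groupDn))
        .encode()
}

// True only when exactly one entry matches both the username and the group.
boolean isMember(String username, String groupDn) {
    if (!username?.trim()) {
        return false   // empty field: reject without querying the directory
    }
    def filter = membershipFilter(username.trim(), groupDn)
    def hits = LdapUtil.withTemplate('corporate') { template ->
        template.search("", filter, SearchControls.SUBTREE_SCOPE, { attributes ->
            attributes.get('uid').get()
        } as AttributesMapper<String>)
    }
    hits.size() == 1
}

// Constructed input: a wildcard typed into the field is matched literally,
// so it cannot turn the check into "any user in the group".
assert membershipFilter('*', GROUP_DN) ==
    '(&(uid=\\2a)(memberOf=' + GROUP_DN + '))'

// Constructed username; in a validator this would be the custom field value.
def allowed = isMember('jsmith', GROUP_DN)
```

Requiring exactly one hit, rather than any non-empty result, means an ambiguous match fails closed.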