LDAP Source Node
Quick Reference
LDAP URL
The URL of your LDAP or Active Directory server.
ex: ldap://ldap.example.com:389 or ldaps://ldap.example.com:636
Use Credentials Username (bind DN) and password used to authenticate with the LDAP server.
Base DN
The starting point in the directory tree for your search.
ex: dc=example,dc=com
Search Filter
The filter that determines which entries to return.
ex: (objectClass=person)
Attributes
The specific fields to retrieve from each entry. Leave blank to return all attributes.
ex: cn, mail, uid
Search Scope
How deep to search from the Base DN. Default: SUBTREE (searches all levels below).
Page Size
Number of entries to fetch per request. Default: 1000.
Time Limit (ms)
Maximum time in milliseconds to wait for the search to complete. Default: 30000.
Overview
The LDAP Source node reads entries from an LDAP directory or Active Directory server and passes each matching entry as a record into your workflow. Common use cases include importing user accounts, group memberships, and device records from a corporate directory.
The node runs the search once and stops when all matching entries have been read.
Configuration
| Field | Description | Required | Default |
|---|---|---|---|
| LDAP URL | The address of your LDAP server. Use ldap:// for unencrypted connections or ldaps:// for SSL. Include the port (commonly 389 for LDAP, 636 for LDAPS). | Yes | — |
| Use Credentials | Select or create a Username/Password credential. The username should be the full bind DN (e.g. cn=readonly,dc=example,dc=com). Leave blank to attempt an anonymous bind. | No | — |
| Base DN | The location in the directory tree where the search starts (e.g. ou=Users,dc=example,dc=com). All results will be within this subtree. | Yes | — |
| Search Filter | Defines which entries to return. For example, (objectClass=person) returns all person entries. (objectClass=*) returns everything. | Yes | — |
| Attributes | A comma-separated list of attribute names to include in the results (e.g. cn, mail, uid). Leave blank to return all available attributes. | No | — |
| Search Scope | Controls how deep to search from the Base DN. SUBTREE searches all levels (most common). ONELEVEL searches only direct children. OBJECT returns only the Base DN entry itself. | No | SUBTREE |
| Page Size | How many entries to retrieve per request. Reduce this if the server rejects requests for being too large. | No | 1000 |
| Time Limit (ms) | Maximum time in milliseconds allowed for the search operation before it times out. | No | 30000 |
Search Scope Options
| Scope | Description |
|---|---|
SUBTREE | Search the Base DN and all entries below it (full recursive search) |
ONELEVEL | Search only the direct children of the Base DN |
OBJECT | Return only the Base DN entry itself |
Output Format
Each LDAP entry is output as a record where each key is an attribute name. Single-valued attributes appear as a string; multi-valued attributes appear as a list of strings.
Related Nodes
- JDBC Sink: Write directory entries to a relational database
- Kafka Sink: Stream entries to a Kafka topic