Skip to Content

LDAP Modify Entry Activity

Introduction

An LDAP Modify Entry activity modifies entries in an LDAP endpoint and is intended to be used as a target to consume data in an operation. After configuring an LDAP connection, you can configure as many LDAP activities as you like for each LDAP connection.

Create an LDAP Activity

An instance of an activity is created from a connection using an activity type.

To create an instance of an activity, drag the activity type to the design canvas or copy the activity type and paste it on the design canvas. For details, see Creating an Activity Instance in Component Reuse.

An existing activity can be edited from these locations:

Configure an LDAP Modify Entry Activity

Follow these steps to configure an LDAP Modify Entry activity:

Step 1: Enter a Name and Specify Settings

LDAP Modify Entry Activity Configuration Step 1

  • Name: Enter a name to use to identify the LDAP Modify Entry activity. The name must be unique for each LDAP Modify Entry activity and must not contain forward slashes (/) or colons (:).

  • Operation: Specify the way in which to modify the entry, one of Add_Attribute, Remove_Attribute, or Replace_Attribute:

    • Add_Attribute: Add an attribute and values to an entry.

    • Remove_Attribute: Remove an attribute and values from an entry.

    • Replace_Attribute: Replace existing values in an entry.

  • Select Object Class: This section displays structural object classes available in the LDAP endpoint. When reopening an existing activity configuration, only the selected object class is displayed instead of reloading the entire object class list.

    • Selected Object Class: After an object class is selected, it is listed here.

    • Search: Enter any part of the object class name into the search box to filter the list of object classes. The search is not case-sensitive. If object classes are already displayed within the table, the table results are filtered in real time with each keystroke. To reload object classes from the endpoint when searching, enter search criteria and then refresh, as described below.

    • Refresh: Click the refresh icon Refresh icon or the word Refresh to reload object classes from the LDAP endpoint. This may be useful if you have recently added object classes to the LDAP endpoint. This action refreshes all metadata used to build the table of object classes displayed in the configuration.

    • Selecting an Object Class: Within the table, click anywhere on a row to select an object class. Only one object class can be selected. The information available for each object class is fetched from the LDAP endpoint:

      • Name: The object class name from the LDAP endpoint.
      • Description: The object class description from the LDAP endpoint.

    Tip

    If the table does not populate with available object classes, the LDAP connection may not be successful. Ensure you are connected by reopening the connection and retesting the credentials.

  • Continue on Error: Select to continue the activity execution if an error is encountered for a dataset in a batch request. If any errors are encountered, they are written to the operation log.

  • Save & Exit: If enabled, click to save the configuration for this step and close the activity configuration.

  • Next: Click to temporarily store the configuration for this step and continue to the next step. The configuration will not be saved until you click the Finished button on the last step.

  • Discard Changes: After making changes, click to close the configuration without saving changes made to any step. A message asks you to confirm that you want to discard changes.

Step 2: Review the Data Schemas

LDAP Modify Entry Activity Configuration Step 2

  • Data Schema: The request and response data schemas for LDAP are displayed. If the operation uses a transformation, the data schemas are displayed again later during the transformation mapping process, where you can map to target fields using source objects, scripts, variables, custom values, and more.

    The LDAP connector uses the Apache Directory LDAP API version 1.0.1. This API supports all types of LDAP servers, not just ApacheDS. Refer to the Apache LDAP API 1.0.1 Documentation and documentation on the specific LDAP server for information on the schema fields.

    These are the schema fields shown in the example screenshot above:

    • Request:

      Request Schema Field/Node Notes
      json The format of the request schema
      modifyEntry-request The Directory Services Markup Language (DSML) request
      request The request to the LDAP server
      item A request item
      dn The distinguished name representing a position in a hierarchy
      attributes Attributes of the LDAP entry
      userPassword User password
      removeAll A boolean indicating whether passwords are to be removed
      values User password values
      item The user password item
      #text Value of the user password item
    • Response:

      Response Schema Field/Node Notes
      json The format of the response schema
      modifyEntry-response The Directory Services Markup Language (DSML) response
      response The response from the LDAP server
      item The response item
      success A boolean indicating if the request was successful
      errorDetails The error details
      errorMsg An error message returned by the LDAP server
  • Refresh: Click the refresh icon Refresh icon or the word Refresh to regenerate schemas from the LDAP endpoint. This action also regenerates the schema in other locations throughout the project where the same schema is referenced, such as in an adjacent transformation.

  • Back: Click to temporarily store the configuration for this step and return to the previous step.

  • Finished: Click to save the configuration for all steps and close the activity configuration.

  • Discard Changes: After making changes, click to close the configuration without saving changes made to any step. A message asks you to confirm that you want to discard changes.

Next Steps

After configuring an LDAP Modify Entry activity, complete the configuration of the operation by adding and configuring other activities, transformations, or scripts as operation steps. You can also configure an operation's operation settings, which include the ability to chain operations together that are in the same or different workflows.

After an LDAP activity has been created, menu actions for that activity are accessible from the project pane in either the Workflows or the Components tabs, and from the design canvas. See Activity Actions Menu for details.

LDAP Modify Entry activities can be used as a target with these operation patterns:

Other patterns are not valid using LDAP Modify Entry activities. See the validation patterns on the Operation Validity page.

A typical use case is to use an LDAP Modify Entry activity in the Two-transformation Pattern. In this example, the first transformation (LDAP Modify Entry Request) creates a request structure that is passed to the LDAP Modify Entry activity. The second transformation (LDAP Modify Entry Response) receives the response structure, which is then written to a variable by a Variable Write activity (Write LDAP Modify Entry Response) and a message is then logged by the Write to Operation Log script:

LDAP Modify Entry operation

To use the activity with scripting functions, write the data to a temporary location and then use that temporary location in the scripting function.

When ready, deploy and run the operation and validate behavior by checking the operation logs.