Skip to Content

Use LDAP sources and targets in a transformation

LDAP as a source

Mapping from an LDAP Source is similar to mapping from XML, Database or any other type of source in Jitterbit. You can drag and drop from source attributes to the target. You can use conditions, multiple folders, any transformation function etc.


You can load source data from your LDAP server if you are not sure what certain attributes represent. When testing a transformation and LDAP is the target, Jitterbit does not actually write to the LDAP server. It only displays what data would be sent to the LDAP Server. To affect data in LDAP you will need to test operation or run the operation.

LDAP as a target

There are some unique characteristics to using LDAP as a target.

To explain these, it is useful to understand the functions that Harmony has available to access LDAP:

  • LDAPAdd: to add objects, attributes and values to the LDAP Server.

  • LDAPDeleteEntry: to delete entries from the directory. For example, delete a user or a computer.

  • LDAPRemove: to remove an attribute.

  • LDAPRename: to rename an entry. This is the same as the Mod RDN command.

  • LDAPReplace: to replace/update an attribute value.

These are the methods provided by the standards-based LDAP protocol. So with that, when you map to an LDAP target the following will be performed:

Every LDAP object has a unique Distinguished Name (DN). By mapping a value to the object class DN, if the object exists, Jitterbit will execute a series of LDAP Replace statements. It will perform an LDAP Add for any attributes that did not exist on the object even if the object already existed.

If the DN does not exist then Jitterbit adds the object and its mapped attributes.

You can also explicitly set the Entry Command. This will instruct Jitterbit to execute the command you specify either statically or dynamically through a formula. Entry Command include:

  • Add: to add an entry

  • Update: to replace attribute values within an entry. This is analogous to a database update, so if the DN does not exist nothing will happen.

  • Remove: to delete an entry from LDAP.


LDAP has attributes that can include multiple values. In the above example, DepartmentNumber is a multi-value attribute. For multi-valued attributes, Jitterbit lets you perform these operations:

  • Remove Attribute: If you map a value to the "Old Value" attribute only the value with this attribute will be deleted. If you don't map anything to "Old Value" all the instances of the attribute will be removed.

  • Update Attribute: Update a particular attribute. You need to specify the old value to remove.

  • Attribute Replace All: Removes all the existing attributes and replaces them with the values that have been mapped to this attribute.

If Replace All is selected, Jitterbit will not remove the old values unless there are new values to replace them. If you really want to remove all the old values and replace them with new ones — even if you are not creating any new values — you need to create a copy of the node and select Remove Attribute on the copy and Replace All on the original (or the other way around, it does not matter).

Single valued attributes, such as displayName in the above example, are more straightforward. Jitterbit only lets you perform the following operations:

  • Remove Attribute: Removes this attribute. No old value needs to be specified for single instance attributes.

  • Update Attribute: Updates the attribute and discards the old value.

When Jitterbit runs LDAP as a target, Jitterbit will execute the required LDAP commands to create/update the target. If the LDAP API reports errors these will be reported together with the modifications that were attempted.