LDAPClient data type is a GeneXus type that allows connecting to LDAP servers. It can be used to authenticate users or retrieve attributes under a specified context.
Creates the connection to the LDAP server at the specified host and port, using the specified authentication method. Optionally if the user and password are specified, they will be used to create the connection.
&ret = &LDAPCliente.Connect()
Numeric: 1 means it successfully connected, 0 means it could not connect to the server.
&ldapClient.Host = 'myServer'
&ldapClient.Port = 389
&ldapClient.AuthenticationMethod = 'simple'
&ldapClient.User = 'myUser'
&ldapClient.Password = 'myPassword'
&ret = &ldapClient.Connect()
Terminates the connection with the server.
Through this method, the queues to the LDAP directory are achieved. It returns the values of the AttName attribute, which is defined by the context (related to the domain or one of its branches) and fulfills the filters set by Properties.
&LDAPClient.GetAttribute( AttName, context, properties )
Is the name of the attribute
Is a string
Properties data type.
Returns the values of the "AttName" attribute defined by a context and a set of attributes.
&MatchAtts -> Properties data type
&MatchAtts .set("uid", "John")
for &auxString in &ldapClient.GetAttribute("mail", "ou=People, o=myserver", &MatchAtts)
See Properties Data Type.
- Java: Information about SASL Authentication: http://java.sun.com/products/jndi/tutorial/ldap/security/sasl.html.
- Java: For information about LDAP Authentication, see: http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html
- Java: To use the LDAPClient data type in Java, Sun Virtual Machine must be used.
- Java: Microsoft Virtual Machine does not have native support for it. However, it is possible to use LDAPClient (*just authenticate users) with Microsoft VM, if JNDI 1.1.2 is downloaded (JNDI 1.1.2 Class Libraries, LDAP Service Provider, 1.0.3) (http://java.sun.com/products/jndi/downloads/index.html). After that, jndi.jar, ldap.jar, providerutil.jar must be added to the classpath. When using Microsoft VM, it is possible to authenticate users but it is not possible to retrieve attributes.
- When specifying a context (when retrieving attributes, for example) it is important to take into account that contexts are different depending on the directory tree structure and depending on the LDAP. For example, when using Netscape Server a possible context could be:
uid = John, ou = People, dc = myCompany, dc = com
When using Active Directory an example could be:
cn = John, ou = Users , dc = myCompany, dc = com
So it is very important to know that the context being used matches the server's directory tree structure in order to get correct results.