# LDAP

### Connecting to LDAP <a href="#connecting-to-ldap" id="connecting-to-ldap"></a>

The connector for the LDAP supports connecting to LDAP server objects. To connect, set the required properties.

#### Required Properties <a href="#required-properties" id="required-properties"></a>

* Server: The domain name or IP of the LDAP server.
* Port: The port setting defaults to port=389. Specifying the port to a different setting is optional.
* BaseDN: This property is used for limiting results to specific subtrees. Specifying a narrow BaseDN (Base Distinguished Name) may greatly increase performance. For example, a value of cn=users,dc=domain only returns results contained within cn=users and its children.

#### Optional Properties <a href="#optional-properties" id="optional-properties"></a>

Optional properties can be used to further refine control of the returned results.

* FollowReferrals: This property follows referrals when TRUE. The returned response then becomes read only. To modify data returned by a referral server, open a new connection to the server by specifying server and port.
* Scope: This property enables more control over the search depth of the LDAP tree, starting with BaseDN. Limiting the Scope can greatly improve search performance. Set the Scope to one of the following values:
  * WholeSubtree: Limit the scope of the search to the BaseDN and all of its descendants.
  * SingleLevel: Limit the scope of the search to the BaseDN and its direct descendants.
  * BaseObject: Limit the scope of the search to the base object only.
* LDAPVersion: The LDAP version used to connect to and communicate with the server. Set this property to 2.

### Authenticating to LDAP <a href="#authenticating-to-ldap" id="authenticating-to-ldap"></a>

To authenticate requests, set the User and Password properties to valid LDAP credentials. For example: set User to Domain\\\BobF or cn=Bob F,ou=Employees,dc=Domain.

The AuthMechanism properties for the provider are as follows:

* SIMPLE: The default plaintext value of the authentication mechanism to login to the server.
* DIGESTMD5: Authenticates to the LDAP server using DIGESTMD5 authentication.
* NEGOTIATE: Negotiates whether to use NTLN or Kerberos when authenticating to the server.

#### SSL Configuration <a href="#ssl-configuration" id="ssl-configuration"></a>

By default, the driver uses plaintext when communicating with the server set to port=389. The driver automatically switches to use SSL when talking to the LDAP on port=636. You can force the connection to use the SSL connection property when set to SSL=TRUE.

### &#x20;<a href="#customizing-tables" id="customizing-tables"></a>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.appstrategy.com/apprules-r-documentation/platform/platform-features/system-settings/data-sources/connection-settings/services/ldap.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.