| layout | page_title | sidebar_current | description |
|---|---|---|---|
ldap |
LDAP: ldap_query |
docs-ldap-datasource-query |
LDAP query data source. |
Data source for querying LDAP for one or more objects.
The following example return the email address of all developers in a particular group named "org1".
data "ldap_query" "org1" {
base_dn = "dc=acme,dc=com"
filter = "(&(objectClass=inetOrgPerson)(memberOf=cn=developers,ou=org1,ou=pcf,dc=example,dc=org))(mail=callison@example.org))"
attributes = [ "mail", "givenName", "sn" ]
}
index_attribute = "mail"
}This is equivalent to the following query using the ldapsearch cli.
ldapsearch -x -H ldap://myldapserver:389 \
-D "<bind DN>" -w "<bind password>" \
-b "dc=example,dc=org" \
"(&(objectClass=inetOrgPerson)(memberOf=cn=developers,ou=org1,ou=pcf,dc=example,dc=org)(mail=callison@example.org))"base_dn- (Required, String) The base DN for the queryfilter- (Required, String) The LDAP search query filter.
The following arguments declare how the results should be exported so they can be referenced via interpolation.
attributes- (Required, List) The list of the LDAP attributes to be retrieved.index_attribute- (Required, String) The LDAP attribute to use to populate theresultsattribute with. The value of this attribute can be used as the key to lookup a LDAP query result record and its attributes.
The following attributes are exported:
results- A list of the values of theindex_attributefor all entries returned by the query. For example if theindex_attributewas the LDAPmailattribute then all the email addresses returned as a result of the LDAP query will be exported via this resource attribute.results_attr- A map of the LDAP results keyed by the attribute name identified by<index_attribute_value>/<attribute name>. If additional LDAP attributes were requested then their values may be retrieved by looking up this map using the value of theindex_attribute(i.e.<index_attribute_value>) and the LDAP attribute name.