COZYROC LDAP components, part of COZYROC SSIS+ suite since 2017, are third-party plug-ins for Microsoft SSIS that make it easy to integrate and migrate Microsoft Active Directory / LDAP data. You can use any application, service or database supported by SQL Server Integration Services (SSIS) or COZYROC’s toolkit as the source or destination for LDAP. The toolkit is easy to use and follows the same guidelines and principles used by the standard out-of-the-box SSIS components. In addition, COZYROC also provides short and informative demonstration videos, providing step-by-step instructions on how to get started.
The LDAP integration package consists of:
- LDAP Connection Manager
- Stores the credentials and functionality for connecting to LDAP server.
- Well documented API for use by user-defined scripts.
- LDAP Source component
- Retrieves data from LDAP object.
- Ability to specify a filter clause.
- The source can be dynamically modified at runtime using an SSIS expression.
- LDAP Destination component
- Inserts or updates data in LDAP object.
- Supports three object actions: Create, Update or Delete
- Provides information about records with errors.
- Reusable scripts
- Unique technology which allows user-defined reusable scripts for additional LDAP integration scenarios.
Overview
LDAP Connection Manager is SSIS Connection Manager for establishing LDAP / Active Directory connections. Use the API to build components based on LDAP Connection Manager.
Quick Start
In this section we will show you how to set up an LDAP Connection Manager to access your LDAP Server.
Parameters
Server
Use the Server page of the LDAP Connection Manager dialog to specify properties for connecting to LDAP service.
- Test Connection
- Confirm connection manager configuration by clicking Test Connection.
Specify the name or IP address of the LDAP server.
Specify the port number on the LDAP server to use for the connection. The default value of this property is 389.
Specify user name to access LDAP.
Specify password to access LDAP.
Specify the number of seconds before timing out session connect. The default value of this property is 100 seconds.
Specify if all clients should use the same connection. This property has the options listed in the following table.
Value Description True All clients use same connection (default). False Every client use different connection.
Advanced
Use the Advanced page of the LDAP Connection Manager dialog to to specify additional properties if your server configuration is different from the default.
Specify authentication type. This parameter has the options listed in the following table.
Value Description Anonymous Indicates that the connection should be made without passing credentials. Basic Indicates that basic authentication should be used on the connection. Digest Indicates that the Digest Access Authentication should be used on the connection. Dpa Indicates that Distributed Password Authentication (DPA) should be used on the connection. External Indicates an external method will be used to authenticate the connection. Kerberos Indicates that Kerberos authentication should be used on the connection. Msn Indicates that it is authenticated by “Microsoft Network Authentication Service”. Negotiate Indicates that Microsoft Negotiate authentication should be used on the connection. This is the default option. Ntlm Indicates that Windows NT Challenge/Response (NTLM) authentication should be used on the connection. Sicily Indicates a negotiation mechanism (Sicily) will be used to choose MSN, DPA or NTLM. This should be used for LDAPv2 servers only.
Knowledge Base
- Where can I find the documentation for the LDAP Connection?
- Error Message: The connection type "xxxx" specified for connection manager "xxxx" is not recognized as a valid connection manager type. This error is returned when an attempt is made to create a connection manager for an unknown connection type. Check the spelling in the connection type name.
What's New
- New: Attributes from auxiliary classes (sAMAccountName, etc) are now included.
- New: Enhancements for compatibility with LDAP servers hosted on Linux.
- New: Introduced connection.
Related documentation
Overview
LDAP Source Component is an SSIS Data Flow Component for consuming data from the LDAP Service. The configuration parameters are provided in the standard Data Flow Component dialogs.
Parameters
Configuration
Use the parameters below to configure the component.
Select an existing LDAP connection manager.
Related Topics: LDAP Connection Manager
Specify the number of rows to be retrieved as a batch.
Select the source LDAP object.
Specify LDAP filter clause. Optional.
The distinguished name of the object at which to start the search.
Knowledge Base
- Where can I find the documentation for the LDAP Source?
- Error message: LDAP Source error: Failed to process {...} for column {Column Name}
- When I'm querying the object Security Principal while using LDAP Source, how can I return the sAMAccountName?
- LDAP Source: How to modify the filter dynamically at runtime
- LDAP Source: How to modify the source object dynamically at runtime
What's New
- New: A new parameter SearchBase.
- New: Introduced component.
Related documentation
Overview
The LDAP Destination Component is an SSIS Data Flow Component for loading data into an LDAP object. The configuration parameters are provided in the standard Data Flow Component dialogs.
Parameters
Configuration
Use the parameters below to configure the component.
Select an existing LDAP connection manager.
Related Topics: LDAP Connection Manager
Select destination object action. This property has the options listed in the following table.
Action Description Create Create new instance in the destination LDAP object. Update Update existing instance in the destination LDAP object. Delete Delete existing instance from the destination LDAP object. After action change, you have to use Refresh command in the 'Column Mappings' tab to reload destination page metadata.Specify the destination LDAP object where the data is loaded.
Specify how to handle rows with errors.
Knowledge Base
- Where can I find the documentation for the LDAP Destination?
- LDAP Destination attribute sAMAccountName for object Group is not initialized in the metadata
- LDAP Destination: How to modify a LDAP destination object dynamically at runtime
What's New
- New: Support for object rename.
- New: Support for setting user passwords.
- New: Improved error reporting.
- Fixed: Update action failed with error "A value in the request is invalid." (Thank you, Doug).
- New: Introduced component.
Related documentation
Overview
These public interfaces are used in LDAP components. They are provided for implementing advanced functionality in your scripts. In order for you to use these interfaces in your project, you have to reference CozyRoc.SSISPlus.dll and System.DirectoryServices.Protocols libraries. Also include CozyRoc.SqlServer.SSIS and System.DirectoryServices.Protocols namespaces.
IConnection
When you call LDAP Connection Manager AcquireConnection method, it returns object implementing IConnection interface. This is the interface used for interaction with LDAP service.
Methods
Connects to LDAP service. The method result is LdapConnection object.
Closes the connection to LDAP service. Use always after you finish working with the service.
Returns true if connected to the service.
Gets objects list .
Get object used to manipulate LDAP object. The method returns IObject object. These are the method parameters:
- name (string) - object name.
Returns IEnumerable access to LDAP data, using paged processing. These are the method parameters:
- request (object) - SearchRequest object.
- batchSize (int) - page size.
Properties
Specify the name or IP address of the LDAP server.
Specify user name to access the LDAP service.
Specify user password to access the LDAP service.
Specify the number of seconds before timing out session connect. The default value of this property is 100 seconds.
Specify if all clients should use the same connection. This property has the options listed in the following table.
Value | Description |
---|---|
True | All clients use same connection (default). |
False | Every client uses different connection. |
Specify authentication type. This parameter has the options listed in the following table.
Value | Description |
---|---|
0 | Indicates that the connection should be made without passing credentials. |
1 | Indicates that basic authentication should be used on the connection. |
2 | Indicates that the Digest Access Authentication should be used on the connection. |
3 | Indicates that Distributed Password Authentication (DPA) should be used on the connection. |
4 | Indicates an external method will be used to authenticate the connection. |
5 | Indicates that Kerberos authentication should be used on the connection. |
6 | Indicates that it is authenticated by “Microsoft Network Authentication Service”. |
7 | Indicates that Microsoft Negotiate authentication should be used on the connection. This is the default option. |
8 | Indicates that Windows NT Challenge/Response (NTLM) authentication should be used on the connection. |
9 | Indicates a negotiation mechanism (Sicily) will be used to choose MSN, DPA or NTLM. This should be used for LDAPv2 servers only. |
Specify protocol version.
This property is true if secure socket layer is enabled or false if it is not.
Specify to use Kerberos sealing.
Specify to use Kerberos signing.
IObject
This interface is used for LDAP object management.
Methods
Get object attributes. The method returns array of IAttribute objects.
Properties
Returns the object name.
IAttribute
This interface is used to retrieve LDAP object attribute information.
Properties
Returns attribute name.
Returns true if attribute is read-only.
Returns attribute type.
Returns attribute length.
Returns attribute precision.
Returns attribute scale.
Knowledge Base
Related documentation
LDAP Connection
- New: Attributes from auxiliary classes (sAMAccountName, etc) are now included.
- New: Enhancements for compatibility with LDAP servers hosted on Linux.
- New: Introduced connection.
LDAP Destination
- New: Support for object rename.
- New: Support for setting user passwords.
- New: Improved error reporting.
- Fixed: Update action failed with error "A value in the request is invalid." (Thank you, Doug).
- New: Introduced component.
Knowledge Base
- Where can I find the documentation for the LDAP Connection?
- Where can I find the documentation for the LDAP Destination?
- Where can I find the documentation for the LDAP Source?
- Error message: LDAP Source error: Failed to process {...} for column {Column Name}
- LDAP Destination attribute sAMAccountName for object Group is not initialized in the metadata
COZYROC SSIS+ Components Suite is free for testing in your development environment.
A licensed version can be deployed on-premises, on Azure-SSIS IR and on COZYROC Cloud.