Actions3
Overview
This node performs LDAP queries on an Active Directory server, supporting both manual LDAP filters and natural language queries converted to LDAP filters using OpenAI's API. It is useful for retrieving user or object information from an LDAP directory, creating new users, or moving objects between organizational units. For example, it can find users by department or create a new user with specified attributes.
Use Case Examples
- Query LDAP using a manual filter to find all persons with a specific attribute.
- Use natural language to find a user by name and department, leveraging AI to generate the LDAP filter.
- Create a new user in a specified organizational unit with given attributes.
- Move an LDAP object to a different organizational unit.
Properties
| Name | Meaning |
|---|---|
| Query Mode | Selects whether to use natural language queries (requires OpenAI API) or manual LDAP filters for the query. |
| Natural Language Query | The natural language query string to be converted into an LDAP filter (required if Query Mode is Natural Language). |
| Manual Search Filter | The LDAP search filter string to use directly (required if Query Mode is Manual). |
| Search Base | The base distinguished name (DN) in the LDAP directory from which to start the search. |
| Attributes (comma separated) | Comma-separated list of LDAP attributes to retrieve for each entry. |
| AI System Prompt | The prompt sent to OpenAI to guide the conversion of natural language queries into LDAP filters (used only in Natural Language mode). |
| Page Size | Maximum number of results to return per page. |
| Query Timeout (seconds) | Maximum time to wait for LDAP query results, between 1 and 300 seconds. |
| Disable Certificate Validation | If enabled, disables SSL/TLS certificate verification (not recommended for production). |
Output
JSON
results- Array of LDAP query results or operation outcomes.note- Optional note or additional information returned from the query operation.
Dependencies
- LDAP server credentials (URL, bind DN, password)
- OpenAI API key (required for natural language query mode)
Troubleshooting
- LDAP Authentication Failed (Error 80090308): Indicates invalid credentials or authentication method. Verify bind DN format, password correctness, account status, permissions, and domain controller reachability.
- LDAP Authentication Failed (Data 52e): Indicates invalid credentials. Check username/password, account status, and authentication method.
- LDAP Connection Failed (ECONNREFUSED or ENOTFOUND): Cannot reach LDAP server. Verify server URL, port accessibility, network/firewall settings, and DNS resolution.
- LDAP Operation Timeout: Query took too long. Increase timeout, refine search filters, reduce page size, or check network latency.