Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Contact Us
  • Home
  • API, CLI, and SDK Documentation
  • REST API Documentation
  • Connections Using REST API

LDAP Account and Group Maps Using REST API

Learn how to create account and group maps using LDAP through the DryvIQ REST API.

Written by Andrea Harvey

Updated at April 29th, 2025

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Insights
    Prebuilt Insights Custom Insights
  • Content
  • Accounts
  • Activity Log
  • Content Scans
  • Migrations
    Migration Jobs Migration Reports Maps Flagged Items Migration Tools
  • Connections
    Supported Platform Connections Creating Connections Connection Maintenance Connection Pools
  • Entity Types
    DryvIQ Available Entity Types Custom Entity Types Entity Type Maintenance
  • Action Sets
    Creating Action Sets Action Sets Maintenance
  • Settings
    License Performance Notifications Extensions Entity Types Settings Display Settings Configuration
  • API, CLI, and SDK Documentation
    REST API Documentation Command-line Interface SDK Development
  • POC Offering
  • Release Notes
+ More

Table of Contents

Overview Test LDAP Connection LDAP Configuration Options Create an Account Map Integrated to LDAP Query the LDAP Configuration for an Account or Group Map Basic Query Query by Map ID Account Map Group Map Query by Job ID Account Map Group Map Query Using Filters Create a User Job Mapping Job That Uses LDAP

Overview

Lightweight Directory Access Protocol (LDAP) is an Internet protocol used to look up data from a server. Using REST API calls, you can create an account map that integrates with LDAP. You can also query DryvIQ to return the LDAP configuration being used for an account map.

Test LDAP Connection

Use the following call to test the LDAP Connection. Replace the values with the information relevant to your server. This should return a status of 200 when a successful connection is made.

POST {{url}}v1/ldap/test
{
  "auth_type": "anonymous",
  "dn": "string",
  "name": "string",
  "password": "string",
  "port": 0,
  "ssl": true,
  "username": "string"
}

LDAP Configuration Options

Below are the available configuration options for LDAP. The following sections provide examples of how to use the information to create an account map and query it to find an existing account map.

Field Type Description Example
Security Map Features
ldap Boolean This field indicates if LDAP is being used. true
LDAP Server Definitions
name String This field identifies the DNS name or IP address for the LDAP server. This is a required field. xx.xx.x.xxx
port Integer This is the port number that should be used if other than 389 (the default).
If you are using SSL set to true, the default port is 636.		 636
dn String

This is the location within AD where you want to search for users. It is optional if you are using the DNS name for the server name rather than the IP Address. (The default should be good.)

  • OU=Organizational Units. You can have multiple OUs, they can be comma separated. OU are containers for users or groups; think of them as folders.
  • DC= Domain Controller. For each dot, you need additional DC.

dc=internal,dc=string,dc=com

 

ou=accounts,dc=internal,dc=string,dc=com
username String This field identifies the username that needs to be used to log on to the server. domain\\joe_user
password String This is the password for the above username. Pa$$w0RdValu3
ssl Booloean Indicates if the LDAP server uses SSL for the connection true
LDAP Search Definitions
server LdapServerDefinition LDAP server name.  
filter String This is the filter that should be applied when requesting users from LDAP.

sn=smith
(filters users whose surname is smith)

 

mapid=5f55f55fff5555f5f5f555ff55555555
(filters by map with the specified ID)

 

jobid=1111111111a11a11111aa1aa11a11111
(filters by job with the specified ID)
account_exclusion_pattern String This field is used to exclude specific accounts based on values in the account name (sAMAccountName). Exclusions are indicated using wild-card patterns. Multiple values must be separated by a semicolon ( ; ). admin
(Excludes accounts that include “admin” in the account name.)

Create an Account Map Integrated to LDAP

The example code below creates a one-to-one matching map from the LDAP server for the connections. Replace the server and connection ID values with those applicable to your server and the connection IDs with the IDs assigned to the connections you are using.

POST {{url}}v1/account_maps
{
  "name":"name assigned to the map you are creating",
  "type": "account_map",
  "unmapped_policy": "warn",
   "map_by": {
        "ldap": true,
        "email": true
    },
    "ldap": {
        "server": {
            "name": "00.00.0.00",
            "username": "domain\\user",
            "password": "password"
        }
   },
   "source": {
        "connection": {
            "id": "connection ID"
        }
   },
   "destination": {
        "connection": {
            "id": "connection ID"
        }
   }
}

Query the LDAP Configuration for an Account or Group Map

The example code below shows how to query to return the LDAP configuration being used for an account map.

Basic Query

The example code below is a basic query to view the LDAP configurations being used for an account map.

GET {{url}}v1/ldap/query/accounts

The example code below is a basic query to view the LDAP configurations being used for a group map.

GET {{url}}v1/ldap/query/groups

Query by Map ID

The example code below shows a query to view the LDAP configuration used for a specific account map or group map.

Account Map

GET {{url}}v1/ldap/query/accounts?mapid=5f55f55fff5555f5f5f555ff55555555

Group Map

GET {{url}}v1/ldap/query/groups?mapid=5f55f55fff5555f5f5f555ff55555555

Query by Job ID

The example code below shows a query to view the LDAP configuration used for a specific account map or group map in a particular job.

Account Map

GET {{url}}v1/ldap/query/accounts?jobid=1111111111a11a11111aa1aa11a11111

Group Map

GET {{url}}v1/ldap/query/groups?jobid=1111111111a11a11111aa1aa11a11111

Query Using Filters

The example below shows a query that uses a filter for the surname. Substitute additional filters as needed.

POST: {{url}}v1/ldap/query/accounts
{
	"filter": "(sn=smith)",
	"server": {
		"name": "ldap server IP/DNS name",
		"port": "636",
		"username": "domain\\user",
		"password": "password",
		"dn": "DC=internal,DC=string,DC=com",
		"SSL": "true"
	}
}

Create a User Job Mapping Job That Uses LDAP

When you want to use LDAP with a User Job Mapping job, you have to create the LDAP map when creating the job. This must be done through the REST API; LDAP mappings cannot be made through the user interface currently. Example code is provided below to show how you can add the LDAP map information to the CREATE job call.

POST: {{url}}v1/jobs
{
    "name": "User Job Mapping Job",
    "kind": "personal_drive",
    "transfer": {
        "audit_level": "trace",
        "transfer_type": "copy",
        "source": {
            "connection": {
                "id": "31de9f3f875247968cf9b4c685334111"
            }
        },
        "destination": {
            "connection": {
                "id": "e065f176b3014b34b3f2dd12f307a006"
            },
            "target": {
                "path": "/"
            }
        },
        "schedule": {
            "mode": "manual"
        }
    },
    "schedule": {
        "mode": "manual"
    },
    "convention": {
        "match": "ldap",
        "users": "ldap",
        "map_by": {
            "email": true
        },
        "path_conventions": [
            {
                "source": "/"
            },
            {
                "destination": "/"
            }
        ],
        "account_map": {
            "name": "LDAP Map",
            "type": "account_map",
            "unmapped_policy": "warn",
            "map_by": {
                "ldap": true,
                "email": true
            },
            "ldap": {
                "server": {
                    "name": "00.00.0.00",
                    "username": "nfs\\username",
                    "password": "password",
                    "dn": "DC=nfs,dc=local"
                },
                "attributes": {
                    "home_directory": "homeDirectory"
                }
            },
            "source": {
                "connection": {
                    "id": "31de9f3f875247968cf9b4c685334111"
                }
            },
            "destination": {
                "connection": {
                    "id": "e065f176b3014b34b3f2dd12f307a006"
                }
            }
        },
        "type": "personal_drive"
    }
}

 

ldap mapping ldap mapping account group rest api api

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Connection Management Using REST API
  • Connection Pools Using REST API
  • Configuring the SMTP Server Using REST API

Copyright 2025 – DryvIQ, Inc.

Knowledge Base Software powered by Helpjuice

Expand