Skip to main content
Announcements
Qlik Connect 2025: 3 days of full immersion in data, analytics, and AI. May 13-15 | Orlando, FL: Learn More
cancel
Showing results for 
Search instead for 
Did you mean: 
mg_gsi_da
Creator
Creator

Moving from LDAP to LDAPS for loading User Data into an app

Hi,

I'm using a OLE DB data connection to retrieve User data from Windows AD. See below example. Now Microsoft announces the withdraw of LDAP and move to LDAPS.

How to change our connections and scripts?

 

This setup works well for LDAP

mg_gsi_da_0-1623063071965.png

mg_gsi_da_1-1623063163929.png

I already tried changing the Address in the data connection to

LDAPS://hostname:636

This also establishs a working connection.

 

In our app we use the following script to pull the data:

 

LIB CONNECT TO 'AD-Connector'

Load
*
,'ACTIVE' as UserFlag
,cn as name
,sAMAccountName as "userid"
,'group' as "type"
,'$(vGroupName)' as "value";
SQL SELECT distinguishedName,cn,displayName,sAMAccountName,objectCategory,objectClass,mail,department FROM 'LDAP://hostname'
WHERE memberOf='cn=$(vGroupName),ou=xxx_yy,ou=vvv_ww,dc=campus,dc=xxx,dc=de' and 'userAccountControl:1.2.840.113556.1.4.803:'<>2;

 

Now the questions:

  1. Is it sufficient to only change the address in the Data Connection called 'AD-Connector' to LDAPS://hostname:636? And keep the SQL statement as is.
  2. If not, how to change the address in the SQL Select statement marked in red? I already tried to change this the same way as in the Data Connection above but it does not work (Connector reply error, without further details)

 

Any help is welcome

Labels (1)
1 Reply
amitghaste
Contributor II
Contributor II

This is more for anyone else who stumbles into this.

The LDAP data connection should be changed to LDAPS:/host-name:port as specified by your IT.

note the user-id and password should be empty, and if you have a current connection with one, just create a new

one without the user id and password.


The SQL should preferably the OUs for that LDAP, check with your LDAP admin for the value

for ex:
SELECT
SAMAccountName
From 'LDAP://OU=ID Users,DC=corp,DC=comp,DC=test'

it can also remain just LDAP://server-name as well, but check with your LDAP admin