mg_gsi_da
Contributor III

Moving from LDAP to LDAPS for loading User Data into an app

Hi,

I'm using an OLE DB data connection to retrieve user data from Windows AD. See the example below. Microsoft has now announced the withdrawal of LDAP and the move to LDAPS.

How to change our connections and scripts?

 

This setup works well for LDAP

mg_gsi_da_0-1623063071965.png

mg_gsi_da_1-1623063163929.png

I already tried changing the Address in the data connection to

LDAPS://hostname:636

This also establishes a working connection.

 

In our app we use the following script to pull the data:

 

LIB CONNECT TO 'AD-Connector';

Load
*
,'ACTIVE' as UserFlag
,cn as name
,sAMAccountName as "userid"
,'group' as "type"
,'$(vGroupName)' as "value";
SQL SELECT distinguishedName,cn,displayName,sAMAccountName,objectCategory,objectClass,mail,department FROM 'LDAP://hostname'
WHERE memberOf='cn=$(vGroupName),ou=xxx_yy,ou=vvv_ww,dc=campus,dc=xxx,dc=de' and 'userAccountControl:1.2.840.113556.1.4.803:'<>2;

 

Now the questions:

  1. Is it sufficient to only change the address in the Data Connection called 'AD-Connector' to LDAPS://hostname:636? And keep the SQL statement as is.
  2. If not, how to change the address in the SQL Select statement marked in red? I already tried to change this the same way as in the Data Connection above but it does not work (Connector reply error, without further details)

 

Any help is welcome

1 Reply
amitghaste
Contributor II

This is more for anyone else who stumbles into this.

The LDAP data connection should be changed to LDAPS:/host-name:port as specified by your IT.

Note: the user ID and password should be empty, and if you have a current connection with one, just create a new one without the user ID and password.


The SQL should preferably use the OUs for that LDAP; check with your LDAP admin for the value.

For example:
SELECT
SAMAccountName
From 'LDAP://OU=ID Users,DC=corp,DC=comp,DC=test'

It can also remain just LDAP://server-name as well, but check with your LDAP admin.
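
For anyone reviewing several apps during this migration, here is an added example (not from either poster and not Qlik code): a Python script that lists every quoted LDAP:// or LDAPS:// path in a load script and labels whether it names a host or only a DN, so each one can be checked with the LDAP admin. The function names, the category labels and the sample script are constructed for illustration.

```python
import re

# Quoted ADSI-style paths as they appear in a load script: 'LDAP://...' or 'LDAPS://...'
ADS_PATH = re.compile(r"'(LDAPS?)://([^']*)'", re.IGNORECASE)
# A path that begins with an RDN such as "OU=" or "dc=" has no host part
DN_START = re.compile(r"[A-Za-z]+=")

def parse_ads_path(scheme, rest):
    """Split the text after '://' into host, port and base DN (each may be None)."""
    if DN_START.match(rest):
        host_part, dn = "", rest
    else:
        host_part, _, dn = rest.partition("/")
    host, _, port = host_part.partition(":")
    return {"scheme": scheme.upper(), "host": host or None,
            "port": int(port) if port.isdigit() else None, "base_dn": dn or None}

def classify(path):
    """Labels are this example's own: dn-only, host-ldaps, host-ldap."""
    if path["host"] is None:
        return "dn-only"        # like FROM 'LDAP://OU=ID Users,DC=...'
    if path["scheme"] == "LDAPS" or path["port"] == 636:
        return "host-ldaps"     # host named with LDAPS scheme or port 636
    return "host-ldap"          # host named, plain LDAP scheme, no 636

def inventory(script):
    """Return (line number, quoted path, label) for every path found."""
    found = []
    for lineno, line in enumerate(script.splitlines(), 1):
        for m in ADS_PATH.finditer(line):
            label = classify(parse_ads_path(m.group(1), m.group(2)))
            found.append((lineno, m.group(0), label))
    return found

# Constructed sample script built from the path forms quoted in this thread
SAMPLE = """\
LIB CONNECT TO 'AD-Connector';
SQL SELECT cn FROM 'LDAP://hostname' WHERE memberOf='cn=$(vGroupName),dc=campus';
SQL SELECT cn FROM 'LDAPS://hostname:636';
SQL SELECT SAMAccountName FROM 'LDAP://OU=ID Users,DC=corp,DC=comp,DC=test';
"""

if __name__ == "__main__":
    for lineno, path, label in inventory(SAMPLE):
        print(f"line {lineno}: {path} -> {label}")
```

The labels only describe how each path is written; which transport the connector actually uses for a given path is still something to confirm with the LDAP admin.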