This function is only available in CFEngine Enterprise.

Prototype: ldapvalue(uri, dn, filter, record, scope, security)

Return type: string

The return value is cached.

Description: Returns the first matching named value from ldap.

This function retrieves a single field from a single LDAP record identified by the search parameters. The first matching value it taken.

Arguments:

  • uri: string - URI - in the range: .*
  • dn: string - Distinguished name - in the range: .*
  • filter: string - Filter - in the range: .*
  • record: string - Record name - in the range: .*
  • scope: - Search scope policy - one of
    • subtree
    • onelevel
    • base
  • security: - Security level - one of
    • none
    • ssl
    • sasl

dn specifies the distinguished name, an ldap formatted name built from components, e.g. "dc=cfengine,dc=com". filter is an ldap search, e.g. "(sn=User)", and record is the name of the single record to be retrieved, e.g. uid. Which security values are supported depends on machine and server capabilities.

Example:

code
vars:

   # Get the first matching value for "uid" in schema

  "value" string => ldapvalue(
                             "ldap://ldap.example.org",
                             "dc=cfengine,dc=com",
                             "(sn=User)",
                             "uid",
                             "subtree",
                             "none"
                             );