regldap
This function is only available in CFEngine Enterprise.
Prototype: regldap(uri, dn, filter, record, scope, regex, security)
Return type: boolean
The return value is cached.
Description: Returns whether the regular expression regex
matches a
value item in the LDAP search.
This function retrieves a single field from all matching LDAP records
identified by the search parameters and compares it to the regular
expression regex
.
Arguments:
uri
:string
- URI - in the range:.*
dn
:string
- Distinguished name - in the range:.*
filter
:string
- Filter - in the range:.*
record
:string
- Record name - in the range:.*
scope
: - Search scope policy - one ofsubtree
onelevel
base
regex
: regular expression - Regex to match results - in the range:.*
security
: - Security level - one ofnone
ssl
sasl
dn
specifies the distinguished name, an ldap formatted name built from
components, e.g. "dc=cfengine,dc=com". filter
is an ldap search, e.g.
"(sn=User)", and record
is the name of the single record to be retrieved
and matched against regex
, e.g. uid
. Which security
values are supported
depends on machine and server capabilities.
Example:
classes:
"found" expression => regldap(
"ldap://ldap.example.org",
"dc=cfengine,dc=com",
"(sn=User)",
"uid",
"subtree",
"jon.*",
"none"
);