ldaplist
Table of contents
This function is only available in CFEngine Enterprise.
Prototype: ldaplist(uri, dn, filter, record, scope, security)
Return type: slist
The return value is cached.
Description: Returns a list with all named values from multiple ldap records.
This function retrieves a single field from all matching LDAP records identified by the search parameters.
Arguments:
uri:string- URI - in the range:.*dn:string- Distinguished name - in the range:.*filter:string- Filter - in the range:.*record:string- Record name - in the range:.*scope: - Search scope policy - one ofsubtreeonelevelbase
security: - Security level - one ofnonesslsasl
dn specifies the distinguished name, an ldap formatted name built from
components, e.g. "dc=cfengine,dc=com". filter is an ldap search, e.g.
"(sn=User)", and record is the name of the single record to be retrieved,
e.g. uid. Which security values are supported depends on machine and
server capabilities.
Example:
code
vars:
# Get all matching values for "uid" - should be a single record match
"list" slist => ldaplist(
"ldap://ldap.example.org",
"dc=cfengine,dc=com",
"(sn=User)",
"uid",
"subtree",
"none"
);