This function is only available in CFEngine Enterprise.

Prototype: regldap(uri, dn, filter, record, scope, regex, security)

Return type: boolean

The return value is cached.

Description: Returns whether the regular expression regex matches a value item in the LDAP search.

This function retrieves a single field from all matching LDAP records identified by the search parameters and compares it to the regular expression regex.


  • uri: string, in the range: .*
  • dn: string, in the range: .*
  • filter: string, in the range: .*
  • record: string, in the range: .*
  • scope: one of
    • subtree
    • onelevel
    • base
  • regex: regular expression, in the range: .*
  • security: one of
    • none
    • ssl
    • sasl

dn specifies the distinguished name, an ldap formatted name built from components, e.g. "dc=cfengine,dc=com". filter is an ldap search, e.g. "(sn=User)", and record is the name of the single record to be retrieved and matched against regex, e.g. uid. Which security values are supported depends on machine and server capabilities.



   "found" expression => regldap(