This function is only available in CFEngine Enterprise.

Prototype: regldap(uri, dn, filter, record, scope, regex, security)

Return type: boolean

The return value is cached.

Description: Returns whether the regular expression regex matches a value item in the LDAP search.

This function retrieves a single field from all matching LDAP records identified by the search parameters and compares it to the regular expression regex.


  • uri: string - URI - in the range: .*
  • dn: string - Distinguished name - in the range: .*
  • filter: string - Filter - in the range: .*
  • record: string - Record name - in the range: .*
  • scope: - Search scope policy - one of
    • subtree
    • onelevel
    • base
  • regex: regular expression - Regex to match results - in the range: .*
  • security: - Security level - one of
    • none
    • ssl
    • sasl

dn specifies the distinguished name, an ldap formatted name built from components, e.g. "dc=cfengine,dc=com". filter is an ldap search, e.g. "(sn=User)", and record is the name of the single record to be retrieved and matched against regex, e.g. uid. Which security values are supported depends on machine and server capabilities.



   "found" expression => regldap(