Skip to main content

LDAP Source Connector

The LDAP source connector lets DataSync retrieve data from LDAP (Lightweight Directory Access Protocol) server and load it into your data warehouse. It supports both unencrypted connections and secure connections over TLS/SSL. Once your source connection is ready, configure your destination connection to finish the setup.

important

The LDAP connector supports only the Truncate and Load option for running extractions.

Create the source connection in DataSync

  1. Log in to DataSync.
  2. From the welcome screen, select Connections.
  3. Next to Source Connections, click New.
  4. Select LDAP.
  5. Enter all required connection properties.
  6. (Optional) In the Additional Connection Properties panel, click Add property and enter any extra parameters you need.
  7. Configure the advanced settings to match your environment, including Tracking Type.
  8. Click Save.

Connection properties

PropertyWhat to enter
DescriptionUnique name for the connection. Example: LDAP.
ServerDomain name of the LDAP server, without the LDAP:// prefix. Example: ldapserver.mydomain.local.
PortPort the LDAP server is running on. Default: 389. If you enable Enable LDAP over TLS/SSL, use port 636 instead.
Enable LDAP over TLS/SSLSecures the connection using TLS/SSL encryption.
UsernameLogin account in domain format. Example: DOMAIN\\jdoe.
PasswordPassword for this account.
Search baseBase distinguished name (DN) for queries. Set to the root directory or a specific subtree. Example: DC=mydomain,DC=local or OU=Users,OU=Canada,DC=mydomain,DC=local.
Maximum number of recordsMaximum number of records returned. Set to -1 for no limit.
ScopeDepth of the directory search.
  • Whole Subtree searches the base and all descendants. This is the default.
  • Single Level searches the base and direct descendants only.
  • Base Object searches the root of the search base only.
TimeoutTime in seconds to wait before a connection attempt or query execution times out.
Follow ReferralsFollows referrals returned by the LDAP server to retrieve data from other directory partitions.
Friendly GUIDControls how GUID attributes such as objectGUID are returned. When enabled, values are returned as readable strings. Example: 708d9374-d64a-49b2-97ea-489ddc717703. When disabled, values are returned as base64-encoded strings.
Friendly SIDControls how SID attributes such as objectSID are returned. When enabled, values are returned as readable strings. Example: S-1-5-21-4272240814-246508344-1325542772-12464. When disabled, values are returned as base64-encoded strings.
VerbosityControls how much detail the connector writes to the log. Each level includes everything from the level below it, plus additional detail.

  • 1 logs queries, row counts, execution start and end times, and errors.
  • 2 adds cache queries and HTTP headers.
  • 3 adds request and response bodies.
  • 4 adds transport-level communication.
  • 5 adds all interface commands.
Enable PoolingEnables connection pooling, which keeps a set of database connections open and reuses them across extractions instead of opening a new connection each time. This reduces overhead and improves performance when multiple extractions run at the same time.
Pool idle timeoutTime in seconds a connection can stay idle before returning to the pool.
Max Pool SizeMaximum number of connections allowed in the pool at the same time.
Pool wait timeTime in seconds DataSync waits for an available connection before throwing an error.

Additional connection properties

Use this panel to enter connection string properties not available in the Connection Properties panel. For sensitive values such as passwords, set the type to Encrypted. The value is hidden in the interface and stored encrypted in the back end.

PropertyWhat to enter
SSLServerCertCertificate used to validate the TLS/SSL connection. If not specified, any certificate trusted by the machine is accepted. Accepted formats:
  • PEM certificate: -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----
  • File path: C:\cert.cer
  • Public key: -----BEGIN RSA PUBLIC KEY----- ... -----END RSA PUBLIC KEY-----
  • MD5 thumbprint: ecadbdda5a1529c58a1e9e09828d70e4
  • SHA1 thumbprint: 34a929226ae0819f2ec14b4a3d904f801cbb150d
AuthMechanismAuthentication mechanism used for the connection.
  • SIMPLE for standard plain text authentication. This is the default.
  • DIGESTMD5 for challenge and response authentication.
  • NEGOTIATE for NTLM authentication.

Advanced settings

These settings control how the connector tracks data changes, handles time and regional configuration, and processes records during extraction. Configure them to match your LDAP environment so that results stay accurate and consistent.

SettingWhat to select
Batch SizeNumber of records processed per batch during extraction. Larger batches can improve performance but use more memory. Default is 2000, maximum is 10000. Adjust based on your network speed and disk performance. The default works well in most cases.

Example setup

LDAP source connection in DataSync
Completed LDAP source connection in DataSync, with all properties and settings filled in.