Crate simple_ldap

Expand description

§simple-ldap

This is a high-level LDAP client library created by wrapping the rust LDAP3 clinet. This provides high-level functions that helps to interact with LDAP.

§Features

All the usual LDAP operations
Search result deserialization
Connection pooling
Streaming search with native rust Streams

§Usage

Adding simple_ldap as a dependency to your project:

cargo add simple-ldap

Most functionalities are defined on the LdapClient type. Have a look at the docs.

§Example

Examples of individual operations are scattered throughout the docs, but here’s the basic usage:

use simple_ldap::{
    LdapClient, LdapConfig,
    filter::EqFilter,
    ldap3::Scope
};
use url::Url;
use serde::Deserialize;

// A type for deserializing the search result into.
#[derive(Debug, Deserialize)]
struct User {
    uid: String,
    cn: String,
    sn: String,
}


#[tokio::main]
async fn main(){
    let ldap_config = LdapConfig {
        bind_dn: String::from("cn=manager"),
        bind_password: String::from("password"),
        ldap_url: Url::parse("ldaps://localhost:1389/dc=example,dc=com").unwrap(),
        dn_attribute: None,
        connection_settings: None
    };
    let mut client = LdapClient::new(ldap_config).await.unwrap();
    let name_filter = EqFilter::from("cn".to_string(), "Sam".to_string());
    let user: User = client
        .search::<User>(
        "ou=people,dc=example,dc=com",
        Scope::OneLevel,
        &name_filter,
        &vec!["cn", "sn", "uid"],
    ).await.unwrap();
}

§Deserialization

Search results are deserialized into user provided types using serde. Define a type that reflects the expected results of your search, and derive Deserialize for it. For example:

use serde::Deserialize;

// A type for deserializing the search result into.
#[derive(Debug, Deserialize)]
struct User {
    // DN is always returned as single value string, whether you ask it or not.
    dn: String,
    cn: String,
    // LDAP and Rust naming conventions differ.
    // You can make up for the difference by using serde's renaming annotations.
    #[serde(rename = "mayNotExist")]
    may_not_exist: Option<String>,
    multivalued_attribute: Vec<String>
}

Take care to actually request for all the attribute fields in the search. Otherwise they won’t be returned, and the deserialization will fail (unless you used an Option).

§String attributes

Most attributes are returned as strings. You can deserialize them into just Strings, but also into anything else that can supports deserialization from a string. E.g. perhaps the string represents a timestamp, and you can deserialize it directly into chrono::DateTime.

§Binary attributes

Some attributes may be binary encoded. (Active Directory especially has a bad habit of using these.) You can just capture the bytes directly into a Vec<u8>, but you can also use a type that knows how to deserialize from bytes. E.g. uuid::Uuid

§Multi-valued attributes

Multi-valued attributes should be marked as #[serde_as(as = “OneOrMany<_>”)] using serde_with. Currently, there is a limitation when handing binary attributes. This will be fixed in the future. As a workaround, you can use search_multi_valued or Record::to_multi_valued_record_. To use those method all the attributes should be multi-valued.

§Compile time features

tls-native - (Enabled by default) Enables TLS support using the systems native implementation.
tls-rustls - Enables TLS support using rustls. Conflicts with tls-native so you need to disable default features to use this.
pool - Enable connection pooling

Re-exports§

pub extern crate ldap3;

Modules§

filter: Filter

Structs§

LdapClient: High-level LDAP client wrapper ontop of ldap3 crate. This wrapper provides a high-level interface to perform LDAP operations including authentication, search, update, delete
LdapConfig: Configuration and authentication for LDAP connection
Record: The Record struct is used to map the search result to a struct. The Record struct has a method to_record which will map the search result to a struct. The Record struct has a method to_multi_valued_record which will map the search result to a struct with multi valued attributes.
Stream: The Stream struct is used to iterate through the search results. The stream will return a Record object. The Record object can be used to map the search result to a struct. After the stream is finished, the cleanup method should be called to cleanup the stream.

Enums§

Error: The error type for the LDAP client
StreamResult

Crate simple_ldapCopy item path