LDAP Tools

Overview

This Plug-in provides the ability to update Appian user profiles from data retrieved from an LDAP server. The data that can be synchronized include all the default user profile fields except the username (e.g. first name, last name, address, phone, supervisor, title, etc…) as well as the custom fields.

Key Features & Functionality

  • LDAP User Profile Synchronization (Smart Service) - available in the Process Modeler under Integration Services > Connectivity Services
  • LDAP Sync Process Model (Sample Process Model) - will need to be tailored and tested based on identity management requirements
  • ldapSearch() Function - returns an array of LDAP attributes for a specific search query

See the instructions documentation (attached PDF) and https://community.appian.com/w/the-appian-playbook/520/ldap-synchronization for more information.

Anonymous
  • Hello everybody,

    Does anyone have the answer to this request ?

    Best regards,

    Jean-Jacques

  • Hi! It's 7,5 + compatible but LDAP Synch Application is exported on a 20.4.575 version, it's not possible to import it to 20.4 or earlier

    Is it a bug?

  • Dear Appian,

    Any feedback on the SSLHandshakeException several other community members have reported? We have the same issue. See below:

    • [Root exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target].

    Please advise urgently so that we can decide on whether we should continue down this path or not.

    Kind Regards,

    Philip Snyman

  • Question for author: Our security department would like some details about how/if this plug-in encrypts traffic between our cloud instance and our LDAP server.  From other posts there's SSL and a cert...somewhere?  Any way we could get more details on this?

  • Hello All,

    We are facing an issue with  "LDAP User Profile Synchronisation"smart service.

     

    This issue seems to be because of the certificate expiry. Although we couldn't find out any existing certificate configured for that smart service in the system.

     

    We uploaded the new certificate in the admin console - Trusted server certificate tab, (tried uploading the new certificate in the Client certificate tab as well), but the issue still persists. The error is shown as below and the node is getting errored out. Because of this, the user profile sync is not happening which is expected to happen every night as the Nightly job process and it has become a high priority issue in Production right now.

     

    Error Message:

    "com.appiancorp.services.exceptions.ServiceException: javax.naming.CommunicationException: dal1dc03-vm.appian.syniverse.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed]"

     

    Do you have any suggestions on this?

  • Hello All,

    We are facing an issue with  "LDAP User Profile Synchronisation"smart service.

     

    This issue seems to be because of the certificate expiry. Although we couldn't find out any existing certificate configured for that smart service in the system.

     

    We uploaded the new certificate in the admin console - Trusted server certificate tab, (tried uploading the new certificate in the Client certificate tab as well), but the issue still persists. The error is shown as below and the node is getting errored out. Because of this, the user profile sync is not happening which is expected to happen every night as the Nightly job process and it has become a high priority issue in Production right now.

     

    Error Message:

    "com.appiancorp.services.exceptions.ServiceException: javax.naming.CommunicationException: dal1dc03-vm.appian.syniverse.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed]"

     

    Do you have any suggestions on this?

  • Is anyone else having issues with ldapsearch() since upgrading so 21.2?

  • We have proper certificates client and server in the admin console (cloud 21.2) section for integration. how ever it seems that we still need to supply a keystore path in the LDAP tools (V 1.4.0) to properly connect to out ldaps server. Can someone advise on how to get this properly setup?

  • Hi,

    Thanks for the release.
    Any news about the use of deprecated API and the synchronization problem once a directory service group  is empty ?

    Best regards,

    Jean-Jacques

  • v1.4.0 Release Notes
    • Updated the LDAP Sync application to support multi-language