Skip to content

LdapQuery#

Ldap_Query#

Author: Florian Perret @cyber_pescadito
License: AGPL-V3
Version: 2.0
Supported observables types:
- username
- mail
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description#

Query your LDAP server to harvest informations about an user of your organization

Configuration#

LDAP_address Should contain the protocol. Eg: ldaps://myldap.myorg.com
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
LDAP_port Should contain the ldap port. Eg: 389 or 636
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
LDAP_username Usernae of the account that will be used to bind to LDAP server. The Account should have permissions to read ldap objects and attributes.
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
LDAP_password Password of the account used to bind to LDAP server.
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
base_DN The base DN to use in your LDAP. Eg: dc=myorg,dc=com
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
uid_search_field Specify here the field to use when searching by username. Eg: uid or sAMAccountName
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
attributes Specify here the attributes you want to harvest. Eg: mail
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values True
Is required True

Templates samples for TheHive#

No template samples to display.