LDAP (Lightweight Directory Access Protocol) is a protocol used to access and manage distributed directory information services over a network.

An LDAP directory is a specialized database specifically designed for searching and retrieving data. In an LDAP directory, data is organized into objects called entries. Each entry has a unique Distinguished Name and contains a set of attributes that define the characteristics of the object the entry represents (like a user, group, or device). The entries are arranged in a hierarchical tree-like structure.

The LDAP directory is hosted on an LDAP server, which provides the LDAP service by responding to LDAP protocol requests.

The driver supports connecting to the LDAP server using the following connection methods. After establishing a connection to the LDAP server, the driver retrieves the necessary connection details from it and then connects to the database server.

Note: In the procedures and examples provided, the driver uses user ID/password authentication to authenticate to the database server, but you can use any of the supported authentication methods. For details, see "Authentication".

Unencrypted connection

To connect to the LDAP server using an unencrypted connection:

  • Set the LDAP Distinguished Name (LDAPDistinguishedName) connection option to specify the fully qualified path of names in the LDAP directory information tree for the entry containing your connection information. For example:
    cn=DB122,cn=OracleContext,dc=america,dc=yourcompany,dc=com
  • Set the Host (HostName) connection option to specify the name or IP address of the LDAP server.
  • Set the Port Number (PortNumber) connection option to specify the port number on which the LDAP server listens. The default value is 389.
  • Set the User connection option to specify your user name for the database server.
  • Set the Password connection option to specify the password for the database server.

The following connection string and odbc.ini file examples show how to configure the driver for an unencrypted connection to the LDAP server:

Connection string

DRIVER=DataDirect 8.0 Oracle Wire Protocol;HostName=ldap.company.com;
       PortNumber=389;LDAPDistinguishedName=cn=MYDB,cn=OracleContext,dc=company,dc=com;
       user=dbuser;password=dbpass;

odbc.ini

[Oracle Wire Protocol]
Driver=ODBCHOME/lib/ivora28.so
...
Description=DataDirect 8.0 Oracle Wire Protocol
...
HostName=ldap.company.com
...
PortNumber=389
...
LDAPDistinguishedName=cn=MYDB,cn=OracleContext,dc=company,dc=com
...
user=dbuser
...
password=dbpass
...

Encrypted connection: TLS/SSL encryption for server validation

To connect to the LDAP server using TLS/SSL encryption for server validation:

  • Set the LDAP Encryption Method (LDAPEncryptionMethod) connection option to 1.
  • Set the LDAP Distinguished Name (LDAPDistinguishedName) connection option to specify the fully qualified path of names in the LDAP directory information tree for the entry containing your connection information. For example:
    cn=DB122,cn=OracleContext,dc=america,dc=yourcompany,dc=com
  • Set the Host (HostName) connection option to specify the name or IP address of the LDAP server.
  • Set the Port Number (PortNumber) connection option to specify the port number on which the LDAP server listens. The default value is 636.
  • Set the LDAP Trust Store (LDAPTrustStore) connection option to specify the absolute path to the truststore file that contains certificates that the client uses to verify the LDAP server's certificate.
  • Set the LDAP Validate Server Certificate (LDAPValidateServerCertificate) connection option to 1.
  • Set the User connection option to specify your user name for the database server.
  • Set the Password connection option to specify the password for the database server.

The following connection string and odbc.ini file examples show how to configure the driver for an encrypted connection to the LDAP server using TLS/SSL encryption for server validation:

Connection string

DRIVER=DataDirect 8.0 Oracle Wire Protocol;
       HostName=ldap.company.com;PortNumber=636;LDAPEncryptionMethod=1;
       LDAPDistinguishedName=cn=MYDB,cn=OracleContext,dc=company,dc=com;
       LDAPTrustStore=C:/certs/truststore.crt;LDAPValidateServerCertificate=1;
       user=dbuser;password=dbpass

odbc.ini

[Oracle Wire Protocol]
Driver=ODBCHOME/lib/ivora28.so
...
Description=DataDirect 8.0 Oracle Wire Protocol
...
HostName=ldap.company.com
...
PortNumber=636
...
LDAPEncryptionMethod=1
...
LDAPDistinguishedName=cn=MYDB,cn=OracleContext,dc=company,dc=com
...
LDAPTrustStore=C:/certs/truststore.crt
...
LDAPValidateServerCertificate=1
...
user=dbuser
...
password=dbpass
...

Encrypted connection: TLS/SSL encryption for both server and client validation

To connect to the LDAP server using TLS/SSL encryption for both server and client validation:

  • Set the LDAP Encryption Method (LDAPEncryptionMethod) connection option to 1.
  • Set the LDAP Distinguished Name (LDAPDistinguishedName) connection option to specify the fully qualified path of names in the LDAP directory information tree for the entry containing your connection information. For example:
    cn=DB122,cn=OracleContext,dc=america,dc=yourcompany,dc=com
  • Set the Host (HostName) connection option to specify the name or IP address of the LDAP server.
  • Set the Port Number (PortNumber) connection option to specify the port number on which the LDAP server listens. The default value is 636.
  • Set the LDAP Trust Store (LDAPTrustStore) connection option to specify the absolute path to the truststore file that contains certificates that the client uses to verify the LDAP server's certificate.
    Note: The driver supports only the .pem file format for the truststore files.
  • Set the LDAP Key Store (LDAPKeyStore) connection option to specify the absolute path to the keystore file that contains certificates that the client presents in response to the LDAP server’s certificate request.
    Note: The driver supports only the .pem file format for the keystore files.
  • Set the LDAP Validate Server Certificate (LDAPValidateServerCertificate) connection option to 1.
  • Optionally, set the LDAP Crypto Protocol Version (LDAPCryptoProtocolVersion) connection option to specify the cryptographic protocol you want to use for TLS/SSL encryption. If not specified, the cryptographic protocol used depends on the highest protocol version supported by the server. The driver supports TLSv1.3 and TLSv1.2.
  • Set the User connection option to specify your user name for the database server.
  • Set the Password connection option to specify the password for the database server.

The following connection string and odbc.ini file examples show how to configure the driver for an encrypted connection to the LDAP server using TLS/SSL encryption for both server and client validation:

Connection string

DRIVER=DataDirect 8.0 Oracle Wire Protocol;
       HostName=ldap.company.com;PortNumber=636;LDAPEncryptionMethod=1;
       LDAPDistinguishedName=cn=MYDB,cn=OracleContext,dc=company,dc=com;
       LDAPTrustStore=C:/certs/truststore.pem;LDAPKeyStore=C:/certs/keystore.pem;
       LDAPValidateServerCertificate=1;user=dbuser;password=dbpass

odbc.ini

[Oracle Wire Protocol]
Driver=ODBCHOME/lib/ivora28.so
...
Description=DataDirect 8.0 Oracle Wire Protocol
...
HostName=ldap.company.com
...
PortNumber=636
...
LDAPEncryptionMethod=1
...
LDAPDistinguishedName=cn=MYDB,cn=OracleContext,dc=company,dc=com
...
LDAPTrustStore=C:/certs/truststore.pem
...
LDAPKeyStore=C:/certs/keystore.pem
...
LDAPValidateServerCertificate=1
...
user=dbuser
...
password=dbpass
...
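
An added example, not part of the vendor documentation: a Python audit that reads an odbc.ini file and flags LDAP-resolved data sources that omit the encryption, server-validation, or absolute-path settings described in the procedures above. The sample file and data source names are constructed; treating an absent LDAPEncryptionMethod as unencrypted and requiring an explicit LDAPValidateServerCertificate=1 are assumptions of this audit, not stated driver defaults.

```python
import configparser
import re

# Constructed sample odbc.ini (data source names and paths are made up).
SAMPLE_INI = """\
[LdapPlain]
LDAPDistinguishedName=cn=MYDB,cn=OracleContext,dc=company,dc=com

[LdapTlsNoValidation]
LDAPEncryptionMethod=1
LDAPDistinguishedName=cn=MYDB,cn=OracleContext,dc=company,dc=com
LDAPTrustStore=certs/truststore.pem
LDAPValidateServerCertificate=0

[LdapMutualTls]
LDAPEncryptionMethod=1
LDAPDistinguishedName=cn=MYDB,cn=OracleContext,dc=company,dc=com
LDAPTrustStore=/etc/certs/truststore.pem
LDAPKeyStore=/etc/certs/keystore.pem
LDAPValidateServerCertificate=1
"""

ABSOLUTE = re.compile(r"^(/|[A-Za-z]:[\\/])")  # POSIX or Windows drive path

def audit_ldap_dsns(ini_text):
    """Return {data source: [findings]} for data sources resolved through LDAP."""
    cfg = configparser.ConfigParser(interpolation=None)  # option names match case-insensitively
    cfg.read_string(ini_text)
    report = {}
    for dsn in cfg.sections():
        opts = cfg[dsn]
        if "LDAPDistinguishedName" not in opts:
            continue  # data source does not use an LDAP lookup
        findings = []
        # Assumptions: no LDAPEncryptionMethod means no TLS (as in the unencrypted
        # example); validation must be set to 1 explicitly, as the procedure does.
        if opts.get("LDAPEncryptionMethod", "0").strip() != "1":
            findings.append("LDAP lookup is not encrypted")
        else:
            if opts.get("LDAPValidateServerCertificate", "").strip() != "1":
                findings.append("server certificate is not validated")
            for key in ("LDAPTrustStore", "LDAPKeyStore"):
                path = opts.get(key, "").strip()
                # The truststore is required; the keystore is checked only when set.
                if (path or key == "LDAPTrustStore") and not ABSOLUTE.match(path):
                    findings.append(key + " is not an absolute path")
        report[dsn] = findings
    return report

if __name__ == "__main__":
    print(audit_ldap_dsns(SAMPLE_INI))
```

An empty findings list means the data source matches one of the encrypted procedures; the check reads only the configuration and does not inspect the certificate files themselves.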