v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Steampipe logo 
Hub
Plugins
turbot/ldap
Overview
3Tables
Versions
GitHub
steampipe plugin install ldap

Table: ldap_organizational_unit - Query LDAP Organizational Units using SQL

An LDAP Organizational Unit represents a container that can hold users, groups, and other organizational units within an LDAP directory. It is a crucial component in creating an organized structure in LDAP directories, allowing for efficient user and resource management. Organizational units can be nested within each other, creating a hierarchical structure that reflects the organization's structure.

Table Usage Guide

The ldap_organizational_unit table provides insights into the structure and hierarchy of LDAP directories. As a system administrator, explore details about organizational units through this table, including their distinguished names, attributes, and associated metadata. Utilize it to understand the organization's structure, manage resources efficiently, and implement access control effectively.

Important Notes

  • This table supports optional quals. Queries with optional quals in a where clause are optimised to use LDAP search filters.
  • If filter is provided, other optional quals will not be used when searching.
  • Optional quals are supported for the following columns:
    • description
    • filter - Allows use of an explicit filter. Please refer to LDAP filter language.
    • ou
    • when_changed
    • when_created

Examples

Basic info

Explore the organizational units within your network, including when they were created and who manages them. This can help you understand your network's structure and identify areas for potential reorganization or management changes.

select
  dn,
  ou,
  when_created,
  managed_by
from
  ldap_organizational_unit;
select
  dn,
  ou,
  when_created,
  managed_by
from
  ldap_organizational_unit;

List organizational units that have been created in the last 30 days

Discover the segments that have been recently added to your organization within the past month. This can help keep track of organizational growth and changes.

select
  dn,
  ou,
  when_created
from
  ldap_organizational_unit
where
  when_created > current_timestamp - interval '30 days';
select
  dn,
  ou,
  when_created
from
  ldap_organizational_unit
where
  when_created > datetime('now', '-30 days');

Filter Examples

List organizational units that are critical system objects

Determine the areas in which organizational units are deemed as critical system objects. This can be used to identify key system components that require special attention or stricter security measures.

select
  dn,
  ou,
  managed_by,
  attributes -> 'isCriticalSystemObject' as is_critical_system_object
from
  ldap_organizational_unit
where
  filter = '(isCriticalSystemObject=TRUE)';
select
  dn,
  ou,
  managed_by,
  json_extract(attributes, '$.isCriticalSystemObject') as is_critical_system_object
from
  ldap_organizational_unit
where
  json_extract(attributes, '$.isCriticalSystemObject') = 'TRUE';

Schema for ldap_organizational_unit

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
attributesjsonbAll attributes that have been returned from LDAP.
base_dntextThe Base DN on which the search was performed.
descriptiontext=Description of the organizational unit.
dntext=Distinguished Name of the organizational unit.
filtertext=Optional search filter.
host_nametext=, !=, ~~, ~~*, !~~, !~~*The name of the host.
managed_bytextThe distinguished name of the user that is assigned to manage this organizational unit.
object_classjsonbObject classes of the organizational unit.
outext=Name of the organizational unit.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
titletextTitle of the organizational unit.
when_changedtimestamp with time zone>, >=, =, <, <=Date when the organizational unit was last changed.
when_createdtimestamp with time zone>, >=, =, <, <=Date when the organizational unit was created.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- ldap

You can pass the configuration to the command with the --config argument:

steampipe_export_ldap --config '<your_config>' ldap_organizational_unit