Connection String Options
The connection string properties are the various options that can be used to establish a connection. This section provides a complete list of the options you can configure in the connection string for this provider. Click the links for further details.
For more information on connecting, see Establishing a Connection.

| Property | Description |
| --- | --- |
| Server | Specifies the domain name or IP address of the LDAP server. This property is required to establish a connection and does not need to include the LDAP:\\ prefix, only the server’s domain name or IP address. |
| Port | Specifies the port number on which the LDAP server is running. |
| User | Specifies the distinguished name (DN) of the user account to be used for authentication with the LDAP server. This property is required when the server enforces authentication. |
| Password | Specifies the password associated with the distinguished name (DN) of the user account used for authentication with the LDAP server. This property is required when the server enforces authentication. |
| BaseDN | Specifies the base portion of the distinguished name (DN) to limit LDAP queries to a specific subtree within the directory. Using a base DN helps narrow the search scope and improve query performance, especially on large LDAP servers. |
| UseSSL | Specifies whether SSL is used to secure the connection to the LDAP server. Enabling this property ensures that communication between the client and server is encrypted. |
| LDAPVersion | Specifies the version of the LDAP protocol to use when connecting to the server. The supported values are 2 and 3. |
| AuthMechanism | Specifies the authentication mechanism to use when connecting to the LDAP server. Supported values are SIMPLE for plaintext authentication and NEGOTIATE for NTLM/Negotiate authentication. |
| Scope | Specifies the scope of the LDAP search. This property defines whether the search applies to the entire subtree (BaseDN and all its descendants), a single level (BaseDN and its direct descendants), or just the base object (BaseDN only). |
| DNAttributeFilter | Specifies whether to use distinguishedName or entryDN as the DN attribute in LDAP query filters. This property affects how the distinguished name is referenced during search operations. |
| IntegratedSecurity | Specifies whether the provider should use the current user's context for authentication. |

| Property | Description |
| --- | --- |
| SSLServerCert | Specifies the certificate to be accepted from the server when connecting using TLS/SSL. |

| Property | Description |
| --- | --- |
| FirewallType | Specifies the protocol the provider uses to tunnel traffic through a proxy-based firewall. |
| FirewallServer | Identifies the IP address, DNS name, or host name of a proxy used to traverse a firewall and relay user queries to network resources. |
| FirewallPort | Specifies the TCP port to be used for a proxy-based firewall. |
| FirewallUser | Identifies the user ID of the account authenticating to a proxy-based firewall. |
| FirewallPassword | Specifies the password of the user account authenticating to a proxy-based firewall. |

| Property | Description |
| --- | --- |
| Logfile | Specifies the file path to the log file where the provider records its activities, such as authentication, query execution, and connection details. |
| Verbosity | Specifies the verbosity level of the log file, which controls the amount of detail logged. Supported values range from 1 to 5. |
| LogModules | Specifies the core modules to include in the log file. Use a semicolon-separated list of module names. By default, all modules are logged. |
| MaxLogFileSize | Specifies the maximum size of a single log file in bytes. For example, '10 MB'. When the file reaches the limit, the provider creates a new log file with the date and time appended to the name. |
| MaxLogFileCount | Specifies the maximum number of log files the provider retains. When the limit is reached, the oldest log file is deleted to make space for a new one. |

| Property | Description |
| --- | --- |
| Location | Specifies the location of a directory containing schema files that define tables, views, and stored procedures. Depending on your service's requirements, this may be expressed as either an absolute path or a relative path. |
| BrowsableSchemas | Optional setting that restricts the schemas reported to a subset of all available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC. |
| Tables | Optional setting that restricts the tables reported to a subset of all available tables. For example, Tables=TableA,TableB,TableC. |
| Views | Optional setting that restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC. |

| Property | Description |
| --- | --- |
| AutoCache | Specifies whether the content of tables targeted by SELECT queries is automatically cached to the specified cache database. |
| CacheProvider | The namespace of an ADO.NET provider. The specified provider is used as the target database for all caching operations. |
| CacheConnection | The connection string for the specified cache database. |
| CacheLocation | Specifies the path to the cache when caching to a file. |
| CacheTolerance | The tolerance, in seconds, for stale data in the specified cache database. |
| Offline | Get the data from the specified cache database instead of live LDAP data. |
| CacheMetadata | Determines whether the provider caches table metadata to a file-based cache database. |

| Property | Description |
| --- | --- |
| BatchSize | Specifies the maximum number of rows included in each batch operation. Set to 0 to submit the entire batch as a single request. |
| ConnectionLifeTime | Specifies the maximum lifetime of a connection in seconds. When the specified time elapses, the provider closes the connection. Set to 0 or leave empty for no time limit. |
| FollowReferrals | Specifies whether to follow LDAP referrals returned by the LDAP server. When enabled, the provider retrieves data from the referred servers instead of the original server. |
| FriendlyGUID | Specifies whether GUID attributes, such as objectGUID, are returned in a human-readable string format or as base64-encoded binary objects. When enabled, the property converts GUIDs into a friendly string format. |
| FriendlySID | Specifies whether SID attributes, such as objectSid, are returned in a human-readable string format or as base64-encoded binary objects. When enabled, the property converts SIDs into a friendly string format. |
| MaxRows | Specifies the maximum rows returned for queries without aggregation or GROUP BY. |
| Other | Specifies additional hidden properties for specific use cases. These are not required for typical provider functionality. Use a semicolon-separated list to define multiple properties. |
| PoolIdleTimeout | Specifies the maximum idle time, in seconds, that a connection can remain in the pool before being closed. |
| PoolMaxSize | Specifies the maximum number of connections allowed in the connection pool. The default value is 100. Set to 0 or a negative value to disable pooling. |
| PoolMinSize | Specifies the minimum number of connections maintained in the connection pool. The default value is 1. |
| PoolWaitTime | Specifies the maximum number of seconds a connection request waits for an available connection in the pool. If the wait exceeds this time, an error is returned. The default is 60 seconds. |
| PseudoColumns | Specifies the pseudocolumns to expose as table columns. Use the format 'TableName=ColumnName;TableName=ColumnName'. The default is an empty string, which disables this property. |
| Readonly | Toggles read-only access to LDAP from the provider. |
| RTK | Specifies the runtime key for licensing the provider. If unset or invalid, the provider defaults to the standard licensing method. Use this property only in environments where the standard licensing method is unsupported or requires a runtime key. |
| Timeout | Specifies the maximum time, in seconds, that the provider waits for a server response before throwing a timeout error. The default is 60 seconds. Set to 0 to disable the timeout. |
| UseConnectionPooling | Enables the connection pooling feature, which allows the provider to reuse existing connections instead of creating new ones for each request. |
| UserDefinedViews | Specifies a file path to a JSON configuration file defining custom views. The provider automatically detects and uses the views specified in this file. |