Creating the Data Source Name
This section describes how to edit the DSN configuration and then authenticate and connect to LDAP APIs.
DSN Configuration
You can use the Microsoft ODBC Data Source Administrator to edit the DSN configuration. Note that the installation process creates a both a user DSN and a system DSN, as described in Installing the Connector.
Note: The connector stores connection information in the Windows registry. To ensure that the connector can write to the registry, either run Power BI as an administrator or use a User DSN for your connection instead of a System DSN.
User DSN
Complete the following steps to edit the DSN configuration:
- Select Start > Search, and enter ODBC Data Sources in the Search box.
- Choose the version of the ODBC Administrator that corresponds to the bitness of your Power BI Desktop installation (32-bit or 64-bit).
- Select the system data source and click Configure.
- Edit the information on the Connection tab and click OK.
System DSN
Configure the system DSN the same way as the user DSN, except you will need to switch to the System DSN tab before performing Step 3.
Connecting to LDAP
The CData driver for the LDAP supports connecting to LDAP server objects. To connect, set the required properties.
Required Properties
- Server: The domain name or IP of the LDAP server.
- Port: The port setting defaults to port=389. Specifying the port to a different setting is optional.
- BaseDN: This property is used for limiting results to specific subtrees. Specifying a narrow BaseDN (Base Distinguished Name) may greatly increase performance. For example, a value of cn=users,dc=domain only returns results contained within cn=users and its children.
Optional Properties
Optional properties can be used to further refine control of the returned results.
- FollowReferrals: This property follows referrals when TRUE. The returned response then becomes read only. To modify data returned by a referral server, open a new connection to the server by specifying server and port.
- Scope: This property enables more control over the search depth of the LDAP tree, starting with BaseDN. Limiting the Scope can greatly improve search performance. Set the Scope to one of the following values:
- WholeSubtree: Limit the scope of the search to the BaseDN and all of its descendants.
- SingleLevel: Limit the scope of the search to the BaseDN and its direct descendants.
- BaseObject: Limit the scope of the search to the base object only.
- LDAPVersion: The LDAP version used to connect to and communicate with the server. Set this property to 2.
Authenticating to LDAP
To authenticate requests, set the User and Password properties to valid LDAP credentials. For example: set User to Domain\\BobF or cn=Bob F,ou=Employees,dc=Domain.
The AuthMechanism properties for the connector are as follows:
- SIMPLE: The default plaintext value of the authentication mechanism to login to the server.
- NEGOTIATE: Negotiates whether to use NTLN or Kerberos when authenticating to the server.
SSL Configuration
By default, the driver uses plaintext when communicating with the server set to port=389. The driver automatically switches to use SSL when talking to the LDAP on port=636. You can force the connection to use the SSL connection property when set to SSL=TRUE.
Customizing Tables
The connector surfaces the columns most often needed from LDAP entities. However, if you need to work with other data, the tables are easy to modify. Tables are defined in schema files, which have a simple format.
See Working with LDAP Tables for a guide to extending the default schemas or writing your own. To use custom schemas, set the Location property to the folder containing the schema files. For more on tables and views, see Data Model.