Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.
10-11-2018 10:06 AM
Attempting to perform a nested apoc.load.ldap
1st query (return all domain controllers and their DNS name) (this works fine!)
2nd query take each domain controller, connect to it, and query the lastlogon property for users on that domain controller. (then use this to create [:LOGGED_ON] relationships between LDAP users and domain controllers). I don't think I'm properly parameterizing the resulting values for use in the 2nd apoc.local.ldap call. Here's my code:
call apoc.load.ldap({ldapHost:'edc-dc3.mydomain.com',loginDN:'cn=_queryuser,cn=Managed Service Accounts,DC=mydomain,DC=com',loginPW:'MyPassw0rd'},
{searchBase:'ou=Domain Controllers,dc=mydomain,dc=com',searchScope:'SCOPE_SUB',
attributes:['dn','dNSHostName'],
searchFilter:'(&(objectCategory=computer)(objectClass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))'})
yield entry as dc
with dc
:params {ldapprops: [{ldapHost: dc.dNSHostName, loginDN: "n=_queryuser,cn=Managed Service Accounts,DC=mydomain,DC=com", loginPW: "MyPassw0rd"}]}
call apoc.load.ldap(ldapprops,{searchBase:'ou=Hosted,dc=mydomain,dc=com',searchScope:'SCOPE_SUB',attributes:['userPrincipalName','LastLogon','userAccountControl'],
searchFilter:'(&(samAccountType=805306368))'})
yield entry as user
return user
The error I'm getting is:
Neo.ClientError.Statement.SyntaxError: Invalid input 'c': expected whitespace, comment or a relationship pattern (line 8, column 1 (offset: 580))
"call apoc.load.ldap(ldapprops,{searchBase:'ou=Hosted,dc=mydomain,dc=com',searchScope:'SCOPE_SUB',attributes:['userPrincipalName','LastLogon','userAccountControl'],"
^
10-11-2018 05:20 PM
The params line in between is wrong, you have to call params in its own separate browser command:
Note that what you pass there is JSON. (There is an alternative syntax where you pass Cypher expressions instead).
:params {"ldapprops": {"ldapHost":"edc-dc3.mydomain.com", "loginDN":"cn=_queryuser,cn=Managed Service Accounts,DC=mydomain,DC=com","loginPW":"MyPassw0rd"}}
alternative:
:param ldapprops => {ldapHost:'edc-dc3.mydomain.com',loginDN:'cn=_queryuser,cn=Managed Service Accounts,DC=mydomain,DC=com',loginPW:'MyPassw0rd'}
and only after use them in your query with $ldapprops
What you're probably looking for is to declare a new variable within the query with WITH
. See below.
call apoc.load.ldap($ldapprops,
{searchBase:'ou=Domain Controllers,dc=mydomain,dc=com',searchScope:'SCOPE_SUB',
attributes:['dn','dNSHostName'],
searchFilter:'(&(objectCategory=computer)(objectClass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))'})
yield entry as dc
WITH {ldapHost: dc.dNSHostName, loginDN: "n=_queryuser,cn=Managed Service Accounts,DC=mydomain,DC=com", loginPW: "MyPassw0rd"} as dcConnection
call apoc.load.ldap(dcConnection, {searchBase:'ou=Hosted,dc=mydomain,dc=com',searchScope:'SCOPE_SUB',attributes:['userPrincipalName','LastLogon','userAccountControl'], searchFilter:'(&(samAccountType=805306368))'})
yield entry as user
return user
11-10-2018 04:19 PM
I'm using Neo4j Desktop 1.1.9 and Neo4j 3.4.4 and I'm unable to set multiple params in the same query. I used to be able to do this. I have numerous params that affect all of my queries. How do I do this? I tried Michael's suggestion above and unable to get this to work. The only way I can make this work is to create and save individual :param queries which is extremely inefficient and inconvenient. Any ideas or is this no longer possible?
Thanks!
11-12-2018 10:22 AM
It's possible, just there's something weird going on with the parsing. If you remove the outermost brackets it should work:
:params "ldapprops": {"ldapHost":"edc-dc3.mydomain.com", "loginDN":"cn=_queryuser,cn=Managed Service Accounts,DC=mydomain,DC=com","loginPW":"MyPassw0rd"}
11-12-2018 02:16 PM
Update on this, it has been fixed with browser version 3.2.11, so if you're using the browser that comes with Neo4j Desktop you should be up to date (or be able to update the app so you use the latest browser version).
However the browser that comes with Neo4j 3.4.9 is only 3.2.10, so if you're just using the browser provided by this version (or prior) then it's still affected.
All the sessions of the conference are now available online