MCP server for LDAP directory operations

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for rackerhacker from gravatar.com rackerhacker
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Major Hayden
  • Tags mcp , ldap , directory , model-context-protocol
  • Requires: Python >=3.13
Classifiers
Report project as malware

Project description

ldap-mcp

CI PyPI Python License

MCP server for read-only LDAP directory operations.

Installation

uv add ldap-mcp
# or
pip install ldap-mcp

Configuration

Set environment variables before running:

export LDAP_URI="ldaps://ldap.example.com:636"
export LDAP_BASE_DN="dc=example,dc=com"
export LDAP_BIND_DN="cn=readonly,dc=example,dc=com"
export LDAP_BIND_PASSWORD="secret"

# Optional: only return employee accounts in all searches
export LDAP_DEFAULT_FILTER="(employeeType=employee)"

All Environment Variables

Variable Required Default Description
LDAP_URI Yes - Server URI (ldap:// or ldaps://)
LDAP_BASE_DN Yes - Default search base DN
LDAP_BIND_DN No - Bind DN (empty = anonymous)
LDAP_BIND_PASSWORD No - Bind password
LDAP_DEFAULT_FILTER No - Filter ANDed to all searches
LDAP_AUTH_METHOD No simple simple or anonymous
LDAP_USE_STARTTLS No false Upgrade to TLS on port 389
LDAP_TLS_VERIFY No true Verify TLS certificates
LDAP_CA_CERT No - Path to CA certificate
LDAP_TIMEOUT No 30 Connection timeout (seconds)

Usage

Run the server:

uvx ldap-mcp                    # stdio transport (default)
uvx ldap-mcp --transport sse    # SSE transport

Or if installed in a project:

uv run ldap-mcp
Claude Desktop

Add to claude_desktop_config.json (macOS: ~/Library/Application Support/Claude/, Windows: %APPDATA%\Claude\):

{
  "mcpServers": {
    "ldap": {
      "command": "uvx",
      "args": ["ldap-mcp"],
      "env": {
        "LDAP_URI": "ldaps://ldap.example.com:636",
        "LDAP_BASE_DN": "dc=example,dc=com",
        "LDAP_BIND_DN": "cn=readonly,dc=example,dc=com",
        "LDAP_BIND_PASSWORD": "secret"
      }
    }
  }
}
Claude Code

Add via CLI:

claude mcp add --transport stdio \
  --env LDAP_URI=ldaps://ldap.example.com:636 \
  --env LDAP_BASE_DN=dc=example,dc=com \
  --env LDAP_BIND_DN=cn=readonly,dc=example,dc=com \
  --env LDAP_BIND_PASSWORD=secret \
  ldap -- uvx ldap-mcp

Or add to .mcp.json in your project root:

{
  "mcpServers": {
    "ldap": {
      "type": "stdio",
      "command": "uvx",
      "args": ["ldap-mcp"],
      "env": {
        "LDAP_URI": "ldaps://ldap.example.com:636",
        "LDAP_BASE_DN": "dc=example,dc=com",
        "LDAP_BIND_DN": "${LDAP_BIND_DN}",
        "LDAP_BIND_PASSWORD": "${LDAP_BIND_PASSWORD}"
      }
    }
  }
}
OpenCode

Add to ~/.config/opencode/config.json (or opencode.json in project root):

{
  "$schema": "https://opencode.ai/config.json",
  "mcp": {
    "ldap": {
      "type": "local",
      "command": ["uvx", "ldap-mcp"],
      "environment": {
        "LDAP_URI": "ldaps://ldap.example.com:636",
        "LDAP_BASE_DN": "dc=example,dc=com",
        "LDAP_BIND_DN": "{env:LDAP_BIND_DN}",
        "LDAP_BIND_PASSWORD": "{env:LDAP_BIND_PASSWORD}"
      }
    }
  }
}

Tools

ldap_search

Search LDAP directory with filters.

filter: "(objectClass=person)"
base_dn: "ou=users,dc=example,dc=com"  # optional
scope: "subtree"  # base, one, or subtree
attributes: ["cn", "mail", "uid"]  # optional
size_limit: 100

ldap_get_entry

Get a single entry by DN with all attributes.

dn: "cn=jdoe,ou=users,dc=example,dc=com"
attributes: ["*"]  # optional, defaults to all
include_operational: true  # include createTimestamp, etc.

ldap_get_schema

Browse LDAP schema definitions.

schema_type: "all"  # object_classes, attribute_types, or all
name_filter: "person"  # optional substring filter

ldap_compare

Compare an attribute value without retrieving the entry.

dn: "cn=jdoe,ou=users,dc=example,dc=com"
attribute: "memberOf"
value: "cn=admins,ou=groups,dc=example,dc=com"

Prompts

user_lookup

Guided workflow for finding users by name, email, or uid.

group_members

List members of an LDAP group with optional name resolution.

group_membership

Find all groups a user belongs to.

search_guide

LDAP filter syntax reference with examples.

Development

# Install dev dependencies
uv sync --group dev

# Run checks
make check    # lint + format + typecheck + test

# Run tests only
make test

# Auto-fix issues
make fix

License

MIT

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for rackerhacker from gravatar.com rackerhacker
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Major Hayden
  • Tags mcp , ldap , directory , model-context-protocol
  • Requires: Python >=3.13
Classifiers

Release history Release notifications | RSS feed

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ldap_mcp-0.1.1.tar.gz (11.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ldap_mcp-0.1.1-py3-none-any.whl (18.3 kB view details)

Uploaded Python 3

File details

Details for the file ldap_mcp-0.1.1.tar.gz.

File metadata

  • Download URL: ldap_mcp-0.1.1.tar.gz
  • Upload date:
  • Size: 11.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for ldap_mcp-0.1.1.tar.gz
Algorithm Hash digest
SHA256 6430f10543d102abedbc72de364f2b91709f3b9b61e6c55f6c799818202fe071
MD5 ff34a0f5c9dec703bdabb4397dd42d4d
BLAKE2b-256 282ed5867d5f93e8a12ff895ff9447de7461cf5ea6fb9434e50296edb5e74024

See more details on using hashes here.

Provenance

The following attestation bundles were made for ldap_mcp-0.1.1.tar.gz:

Publisher: release.yml on major/ldap-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ldap_mcp-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: ldap_mcp-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 18.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for ldap_mcp-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 bfaf7c755ee3e0e6a4aac138f6f3bd1a5ccb046ab39353cebe52db9fa6046d4c
MD5 5e161763d0e198371aa395a2a62563cb
BLAKE2b-256 208c1408d2c7a581352187256b557615f9051fc29af3c6736b0b2f66cb43e6fc

See more details on using hashes here.

Provenance

The following attestation bundles were made for ldap_mcp-0.1.1-py3-none-any.whl:

Publisher: release.yml on major/ldap-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page