ldap-mcp
MCP server for read-only LDAP directory operations, enabling search, entry retrieval, schema browsing, and comparison via natural language.
README
ldap-mcp
MCP server for read-only LDAP directory operations.
Installation
uv add ldap-mcp
# or
pip install ldap-mcp
Configuration
Set environment variables before running:
export LDAP_URI="ldaps://ldap.example.com:636"
export LDAP_BASE_DN="dc=example,dc=com"
export LDAP_BIND_DN="cn=readonly,dc=example,dc=com"
export LDAP_BIND_PASSWORD="secret"
# Optional: only return employee accounts in all searches
export LDAP_DEFAULT_FILTER="(employeeType=employee)"
All Environment Variables
| Variable | Required | Default | Description |
|---|---|---|---|
LDAP_URI |
Yes | - | Server URI (ldap:// or ldaps://) |
LDAP_BASE_DN |
Yes | - | Default search base DN |
LDAP_BIND_DN |
No | - | Bind DN (empty = anonymous) |
LDAP_BIND_PASSWORD |
No | - | Bind password |
LDAP_DEFAULT_FILTER |
No | - | Filter ANDed to all searches |
LDAP_AUTH_METHOD |
No | simple |
simple or anonymous |
LDAP_USE_STARTTLS |
No | false |
Upgrade to TLS on port 389 |
LDAP_TLS_VERIFY |
No | true |
Verify TLS certificates |
LDAP_CA_CERT |
No | - | Path to CA certificate |
LDAP_TIMEOUT |
No | 30 |
Connection timeout (seconds) |
Usage
Run the server:
uvx ldap-mcp # stdio transport (default)
uvx ldap-mcp --transport sse # SSE transport
Or if installed in a project:
uv run ldap-mcp
<details> <summary>Claude Desktop</summary>
Add to claude_desktop_config.json (macOS: ~/Library/Application Support/Claude/, Windows: %APPDATA%\Claude\):
{
"mcpServers": {
"ldap": {
"command": "uvx",
"args": ["ldap-mcp"],
"env": {
"LDAP_URI": "ldaps://ldap.example.com:636",
"LDAP_BASE_DN": "dc=example,dc=com",
"LDAP_BIND_DN": "cn=readonly,dc=example,dc=com",
"LDAP_BIND_PASSWORD": "secret"
}
}
}
}
</details>
<details> <summary>Claude Code</summary>
Add via CLI:
claude mcp add --transport stdio \
--env LDAP_URI=ldaps://ldap.example.com:636 \
--env LDAP_BASE_DN=dc=example,dc=com \
--env LDAP_BIND_DN=cn=readonly,dc=example,dc=com \
--env LDAP_BIND_PASSWORD=secret \
ldap -- uvx ldap-mcp
Or add to .mcp.json in your project root:
{
"mcpServers": {
"ldap": {
"type": "stdio",
"command": "uvx",
"args": ["ldap-mcp"],
"env": {
"LDAP_URI": "ldaps://ldap.example.com:636",
"LDAP_BASE_DN": "dc=example,dc=com",
"LDAP_BIND_DN": "${LDAP_BIND_DN}",
"LDAP_BIND_PASSWORD": "${LDAP_BIND_PASSWORD}"
}
}
}
}
</details>
<details> <summary>OpenCode</summary>
Add to ~/.config/opencode/config.json (or opencode.json in project root):
{
"$schema": "https://opencode.ai/config.json",
"mcp": {
"ldap": {
"type": "local",
"command": ["uvx", "ldap-mcp"],
"environment": {
"LDAP_URI": "ldaps://ldap.example.com:636",
"LDAP_BASE_DN": "dc=example,dc=com",
"LDAP_BIND_DN": "{env:LDAP_BIND_DN}",
"LDAP_BIND_PASSWORD": "{env:LDAP_BIND_PASSWORD}"
}
}
}
}
</details>
Tools
ldap_search
Search LDAP directory with filters.
filter: "(objectClass=person)"
base_dn: "ou=users,dc=example,dc=com" # optional
scope: "subtree" # base, one, or subtree
attributes: ["cn", "mail", "uid"] # optional
size_limit: 100
ldap_get_entry
Get a single entry by DN with all attributes.
dn: "cn=jdoe,ou=users,dc=example,dc=com"
attributes: ["*"] # optional, defaults to all
include_operational: true # include createTimestamp, etc.
ldap_get_schema
Browse LDAP schema definitions.
schema_type: "all" # object_classes, attribute_types, or all
name_filter: "person" # optional substring filter
ldap_compare
Compare an attribute value without retrieving the entry.
dn: "cn=jdoe,ou=users,dc=example,dc=com"
attribute: "memberOf"
value: "cn=admins,ou=groups,dc=example,dc=com"
Prompts
user_lookup
Guided workflow for finding users by name, email, or uid.
group_members
List members of an LDAP group with optional name resolution.
group_membership
Find all groups a user belongs to.
search_guide
LDAP filter syntax reference with examples.
Development
# Install dev dependencies
uv sync --group dev
# Run checks
make check # lint + format + typecheck + test
# Run tests only
make test
# Auto-fix issues
make fix
License
MIT
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.