# Communication with LDAP Server

The LDAP tool’s communication with LDAP is equivalent to a single `ldapsearch` command call. For example,

```
ldapsearch -x -H ldap://35.158.138.5 -b "dc=memsql,dc=ldap,dc=testing" -D "CN=Peter Pan,CN=Users,DC=memsql,DC=ldap,DC=testing" -w MemSQL-active-directory-2020 "(&(objectClass=*))"

```

Where:

* `-H` maps to `--uris`
* `-b` maps to `--search-base`
* `-D` maps to `--bind-user`
* `-w` maps to `--bind-credentials`
* `(&(objectClass=*))` maps to `--query-filter`

## Secure LDAP Server Connections

The LDAP tool secures LDAP server connections using the `StartTLS` extension to the LDAP protocol. `StartTLS` encrypts communication by using the TLS protocol. `StartTLS` can be enabled using the `--start-tls` option of the `sdb-admin sync-ldap` command. If this option is used, the path to the TLS root certificate authority file can be specified by the `--ca-paths` option. If no value is specified for the `--ca-paths` option, the default `root` certificate(s) will be used.

***

Modified at: November 5, 2024

Source: [/db/v9.1/user-and-cluster-administration/singlestore-user-management/ldap-user-sync/ldap-server-communication/](https://docs.singlestore.com/db/v9.1/user-and-cluster-administration/singlestore-user-management/ldap-user-sync/ldap-server-communication/)

(An index of the documentation is available at /llms.txt)