MCP Servers

A collection of Model Context Protocol servers, templates, tools and more.

L
Ldap MCP
by @trxo
GitHub Repo(7 stars)

ldap-mcp server

Created 10/30/2025
Updated 1 day ago
README
View Source
Repository documentation and setup instructions

LDAP MCP Server

LDAP MCP Server exposes an LDAP directory through the Model Context Protocol (MCP), enabling MCP clients to run common directory searches and CRUD operations using the standard tool/resource workflow.

Features

  • Search, retrieve, add, modify, and delete LDAP entries through MCP tools.
  • Optional read-only mode that limits MCP clients to safe operations.
  • Support for StartTLS upgrades, LDAPS endpoints, and configurable TLS verification.
  • Built-in MCP resources for the directory root DSE and arbitrary entries by DN.
  • Graceful shutdown handling and automatic LDAP reconnection logic.

Requirements

  • Go 1.24 or newer
  • Access to an LDAP server (OpenLDAP, Active Directory, etc.)
  • MCP client capable of speaking the SSE transport (e.g., Claude Desktop)

Building and Testing

cd /opt/code/github/ldap-mcp
go test ./...

The repository currently ships without unit tests, so a successful run confirms the project compiles and all dependencies resolve.

Running the Server

cd /opt/code/github/ldap-mcp
go run ./cmd/server \
  -url ldap://localhost:389 \
  -bind-dn "cn=admin,dc=example,dc=com" \
  -bind-password secret

Key flags:

  • -addr: MCP listen address (default :8080, overridable via MCP_PORT).
  • -url: LDAP server URL such as ldap://host:389 or ldaps://host:636.
  • -bind-dn / -bind-password: Credentials for binding to the directory. You can also supply the password via the LDAP_BIND_PASSWORD environment variable.
  • -starttls: Upgrade a plain LDAP connection to TLS. Only valid when using ldap:// URLs.
  • -insecure: Skip TLS certificate verification (useful for testing with self-signed certs).
  • -read-write: Enable add/modify/delete tools. If omitted the server operates in read-only mode.
  • -timeout: Per-request timeout when talking to the LDAP server (default 30s).

Use -help to print the full list of flags and environment variables.

MCP Surface

Tools

  • search_entries: Execute LDAP searches with paging, scope selection, alias dereferencing, and size limits.
  • get_entry: Fetch a single entry by distinguished name.
  • add_entry: Create new entries (requires -read-write).
  • modify_entry: Apply attribute modifications (requires -read-write).
  • delete_entry: Delete entries (requires -read-write).

Resources

  • ldap://root-dse: Returns the directory root DSE as JSON.
  • ldap://entry/{dn}: Fetches a specific entry when provided with a DN.

Development Notes

  • The LDAP client wrapper (internal/ldapclient) manages connection reuse, StartTLS negotiation, and automatic reconnection on transport errors.
  • MCP tool handlers (internal/tools) validate inputs before invoking LDAP operations; for example the page_size argument is clamped to the uint32 range used by paged results controls.
  • Format Go sources with gofmt and keep module dependencies tidy via go mod tidy when dependencies change.
Quick Setup
Installation guide for this server

Installation Command (package not published)

git clone https://github.com/trxo/ldap-mcp
Manual Installation: Please check the README for detailed setup instructions and any additional dependencies required.

Cursor configuration (mcp.json)

{ "mcpServers": { "trxo-ldap-mcp": { "command": "git", "args": [ "clone", "https://github.com/trxo/ldap-mcp" ] } } }