26 unstable releases (6 breaking)

0.9.2 Jan 11, 2021
0.9.0 Dec 30, 2020
0.8.3 Jan 5, 2021
0.8.1 Nov 24, 2020
0.5.0 Jul 20, 2017

#41 in Network programming

Download history 1024/week @ 2020-11-07 1180/week @ 2020-11-14 794/week @ 2020-11-21 829/week @ 2020-11-28 801/week @ 2020-12-05 703/week @ 2020-12-12 752/week @ 2020-12-19 699/week @ 2020-12-26 1052/week @ 2021-01-02 1027/week @ 2021-01-09 753/week @ 2021-01-16 596/week @ 2021-01-23 602/week @ 2021-01-30 724/week @ 2021-02-06 896/week @ 2021-02-13 577/week @ 2021-02-20

3,396 downloads per month
Used in less than 7 crates



LDAP client library

A pure-Rust LDAP client library using the Tokio stack.

Interaction with Tokio versions

Tokio reached 1.0 rather soon after 0.3, but it's not a 1:1 replacement. Furthermore, the bump of the bytes crate to 1.0 made it necessary to increase the lber version number. For that reason, ldap3 will also go one version up, to 0.9. Things should be quieter from now on because of Tokio's 1.0 compatibility promise, though.

All functional changes in 0.9.1 have been backported to 0.8.3 (Tokio 0.3) and 0.7.4 (Tokio 0.2). The plan is to limit further 0.8.x and 0.7.x changes to bug- and compatibility fixes for the next six months, and continue development solely on 0.9.x.



The library is client-only. One cannot make an LDAP server or a proxy with it. It supports only version 3 of the protocol over connection-oriented transports.


The library can be used either synchronously or asynchronously. The aim is to offer essentially the same call interface for both flavors, with the necessary differences in interaction and return values according to the nature of I/O.

Add this to your Cargo.toml:

version = "0.9"


The following two examples perform exactly the same operation and should produce identical results. They should be run against the example server in the data subdirectory of the crate source. Other sample programs expecting the same server setup can be found in the examples subdirectory.

Synchronous search

use ldap3::{LdapConn, Scope, SearchEntry};
use ldap3::result::Result;

fn main() -> Result<()> {
    let mut ldap = LdapConn::new("ldap://localhost:2389")?;
    let (rs, _res) = ldap.search(
    for entry in rs {
        println!("{:?}", SearchEntry::construct(entry));

Asynchronous search

use ldap3::{LdapConnAsync, Scope, SearchEntry};
use ldap3::result::Result;

async fn main() -> Result<()> {
    let (conn, mut ldap) = LdapConnAsync::new("ldap://localhost:2389").await?;
    let (rs, _res) = ldap.search(
    for entry in rs {
        println!("{:?}", SearchEntry::construct(entry));

Compile-time features

The following features are available at compile time:

  • sync (enabled by default): Synchronous API support.

  • tls (enabled by default): TLS support, backed by the native-tls crate, which uses a platform-specific TLS backend. This is an alias for tls-native.

  • tls-rustls (disabled by default): TLS support, backed by the Rustls library.

Without any features, only plain TCP connections (and Unix domain sockets on Unix-like platforms) are available. For TLS support, tls and tls-rustls are mutually exclusive: choosing both will produce a compile-time error.


Licensed under either of:

at your option.


~206K SLoC