Two ways:

1) Use $GCV-Name instead of ~GCV-Name~. They are processed differently,
and i do not think the squiggle will work for named passwords.

You can of course test this trivially. Add two trace tokens. One
tracing out XPATH of ~GCV-NAME~ and the other XPATH of $GCV-Name.

2) Set local variable PASSWORD to Named Password (your named Password
name_. Then use $PASSWORD in your es:ldapSearch call.

> I'd like to use a named password within es:ldapsearch to authenticate
> to Active Directory, but I don't know how to refence the password.
> If I insert the password as a string, everything works fine, but all my
> attempts to use the named password ended up with "JavaException:
> com.novell.ldap.LDAPException: Invalid Credentials"
> I have a named password called 'pw_dirxml-user'. It's part of the GCV
> 'gcv_pwLdapQueries'.
> <definition display-name="Passwort fuer den Account zur LDAP-Abfrage"
> name="gcv_pwLdapQueries" type="password-ref">
> <description/>
> <value xml:space="preserve">pw_dirxml-user</value>
> </definition>
> I tried it with ~pw_dirxml-user~ and with ~gcv_pwLdapQueries~, but
> everytime I'm unable to authenticate to AD.
> i.e.:
> <do-set-local-variable name="oldGroups" scope="policy">
> <arg-node-set>
> <token-local-variable name="oldGroups"/>
> <token-xpath
> expression="es:ldapSearch(&quot;~gcv_ldapAdServerF uerIdmQueries~&quot;,
> 389, false, null, null,&quot;~gcv_ldapAccountFuerIdmQueries~&quot;,
> &quot;~pw_dirxml-user~&quot;,concat($current-node,&apos;,&apos;,&apos;~adsTreeName~&apos,
> &quot;sub&quot;, $ldapQueryOldGroups,&quot;1.1&quot;, 0)"/>
> </arg-node-set>
> </do-set-local-variable>
> "Hard-coding" the password as a string into the function call works,
> but I'd like to use the named password.
> What am I doing wrong?
> Kind regards,
> Christine