LDAP: infoCopter.com

_____ infoCopter.com _____

LDAP	See also LDAP Glossary

LDAP stands for Lightweight Directory Access Protocol and is a directory service protocol that runs over TCP/IP.

[ LDAP Browser ]

Basics
Start OpenLDAP daemon: su root -c /usr/local/libexec/slapd
Stop LDAP daemon: killall slapd
Edit configuration file: vi /usr/local/etc/openldap/slapd.conf
Adding
ldapadd -f /tmp/newentry2 -x -D "cn=Manager,dc=my-domain,dc=com" -W -v

ldap_initialize(  )
Enter LDAP Password: 
add objectClass:
        inetorgperson
        top
add cn:
        Reto Hersiczky
        R. Hersiczky
add sn:
        Hersiczky
add mail:
        spam@infocopter.org
add uid:
        rhersiczky
adding new entry "cn=Reto Hersiczky, dc=my-domain, dc=com"
modify complete
Create an encrypted password with slappasswd
/usr/local/sbin/slappasswd
New password: ********
Re-enter new password: ******** 
{SSHA}efJlT3hgeDpaF3e21HQjdpFPsH9WrP2W
ldiff input for adding an entry
LDIF stands for LDAP Data Interchange Format. LDIF is a special file format used to represent an LDAP directory content as plain text. Use the links below to learn more about the LDIF file format, as well as about how LDIF is supported by Softerra LDAP Browser. RFC 2849

#---------------------------------------------------- # This file has been generated on 09.07.2002 at 14:53 # by Softerra LDAP Browser 2.3 (www.ldapbrowser.com) #---------------------------------------------------- version: 1 dn: cn=Reto Hersiczky, dc=my-domain, dc=com objectClass: inetorgperson objectClass: top cn: Reto Hersiczky cn: R. Hersiczky sn: Hersiczky mail: spam@infocopter.org uid: rhersiczky

Entries are separated by an empty string. While editing your LDIF files, please be careful with trailing spaces - they are not allowed.

A string starting with a '#' character is to be considered a comment.

A string starting with a single space character is to be considered an extension of the previous one. For example:
dn: uid=JohnDoe, ou=People, dc=company,
 dc=com
...
ldapsearch

logical AND search
ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (&(cn=H*)(uid=h*))'

dn: cn=Hans Muster, dc=my-domain, dc=com
objectClass: inetorgperson
objectClass: top
cn: Hans Muster
cn: H. Muster
sn: Muster
mail: hans@muster.org
uid: hmuster
Reto's history ;-)

will document this in time ;-)

890 vi /usr/local/etc/openldap/schema/reto.schema 901 ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts 904 vi /usr/local/etc/openldap/slapd.conf 905 vi /usr/local/etc/openldap/schema/core.schema 907 grep title /usr/local/etc/openldap/schema/core.schema 923 vi /usr/local/etc/openldap/slapd.conf 924 grep mail /usr/local/etc/openldap/schema/core.schema 925 vi /usr/local/etc/openldap/schema/core.schema 929 ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts 936 cd /usr/local/etc/openldap/ 940 view schema/core.schema 942 view schema/cosine.schema 943 grep " mail " * 944 grep " mail " schema/* 945 view schema/inetorgperson.schema 955 /usr/local/libexec/slapd -d 256 958 ldapadd -f /tmp/newentry -x -D "cn=Manager,dc=my-domain,dc=com" -W -v -d255 966 grep " dc " schema/* 967 view schema/core.schema 968 grep " dc " schema/* 980 ldapadd -f /tmp/newentry -x -D "cn=Manager,dc=my-domain,dc=com" -W -v 981 less /var/log/messages 991 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret 992 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub 993 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL 994 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub 995 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL 996 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (cn=babs*) ' 997 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (cn=babs*) ' mail uid 998 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (&(cn=Ba*)(uid=a*))' 999 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (&(cn=Ba*)(uid=b*))' 1000 ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (|(cn=Ba*)(uid=a*))'

LDAP Administrator und LDAP Browser
LDAP Browser is a lightweight version of LDAP Administrator with limited functionality. Type: freeware
Version: 2.0, 2.3 Operating System: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP (2002-09-07 14:43)

www.ldapadministrator.com/download/index.php
www.softerra.com/download/download.php

Useful Links

LDAP Servers

OpenLDAP
Netscape/iPlanet

Apache Perl Modules

Active Directory

Novell
IBM
Oracle

LDAP Related Sites

LDAP Guru
LDAP Zone
Mozilla Directory SDK for C

F.A.Q.

OpenLDAP
Netscape
INNSoft
Kings Mountain Systems