infoCopter.com	retoh's Online Repository for myself and other Web Geeks
	home \| newsletter \| site map

Free Stuff

: links

: Neue Surf Tips

: know-how

: Zitate

: Spam Strike

: HTML Checker!

: Link Checker

: Cartoons

About IC

: friends

: lust und frust

: guestbook

: what's new

LDAP
LDAP stands for Lightweight Directory Access Protocol and is a directory service protocol that runs over TCP/IP.	See also LDAP Glossary

Home :: Know-how :: LDAP

[ LDAP Browser ]

Basics

Start OpenLDAP daemon: su root -c /usr/local/libexec/slapd
Stop LDAP daemon: killall slapd
Edit configuration file: vi /usr/local/etc/openldap/slapd.conf

Adding

ldapadd -f /tmp/newentry2 -x -D "cn=Manager,dc=my-domain,dc=com" -W -v

ldap_initialize(  )
Enter LDAP Password: 
add objectClass:
        inetorgperson
        top
add cn:
        Reto Hersiczky
        R. Hersiczky
add sn:
        Hersiczky
add mail:
        spam@infocopter.org
add uid:
        rhersiczky
adding new entry "cn=Reto Hersiczky, dc=my-domain, dc=com"
modify complete

Create an encrypted password with slappasswd

/usr/local/sbin/slappasswd

New password: ********
Re-enter new password: ******** 
{SSHA}efJlT3hgeDpaF3e21HQjdpFPsH9WrP2W

ldiff input for adding an entry

LDIF stands for LDAP Data Interchange Format. LDIF is a special file format used to represent an LDAP directory content as plain text. Use the links below to learn more about the LDIF file format, as well as about how LDIF is supported by Softerra LDAP Browser. RFC 2849
Entries are separated by an empty string. While editing your LDIF files, please be careful with trailing spaces - they are not allowed.

A string starting with a '#' character is to be considered a comment.

A string starting with a single space character is to be considered an extension of the previous one. For example:

dn: uid=JohnDoe, ou=People, dc=company,
 dc=com
...

ldapsearch

logical AND search

ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (&(cn=H*)(uid=h*))'

dn: cn=Hans Muster, dc=my-domain, dc=com
objectClass: inetorgperson
objectClass: top
cn: Hans Muster
cn: H. Muster
sn: Muster
mail: hans@muster.org
uid: hmuster

Reto's history ;-)

will document this in time ;-)

890  vi /usr/local/etc/openldap/schema/reto.schema 
 901  ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
 904  vi /usr/local/etc/openldap/slapd.conf
 905  vi /usr/local/etc/openldap/schema/core.schema
 907  grep title /usr/local/etc/openldap/schema/core.schema
 923  vi /usr/local/etc/openldap/slapd.conf
 924  grep mail /usr/local/etc/openldap/schema/core.schema
 925  vi /usr/local/etc/openldap/schema/core.schema
 929  ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
 936  cd /usr/local/etc/openldap/
 940  view schema/core.schema
 942  view schema/cosine.schema
 943  grep " mail " *
 944  grep " mail " schema/*
 945  view schema/inetorgperson.schema
 955  /usr/local/libexec/slapd -d 256
 958  ldapadd -f /tmp/newentry -x -D "cn=Manager,dc=my-domain,dc=com" -W -v -d255
 966  grep " dc " schema/*
 967  view schema/core.schema
 968  grep " dc " schema/*
 980  ldapadd -f /tmp/newentry -x -D "cn=Manager,dc=my-domain,dc=com" -W -v 
 981  less /var/log/messages
 991  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret
 992  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub
 993  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL
 994  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub
 995  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL
 996  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (cn=babs*) '
 997  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (cn=babs*) ' mail uid
 998  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (&(cn=Ba*)(uid=a*))'
 999  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (&(cn=Ba*)(uid=b*))'
1000  ldapsearch -x -D cn=manager,dc=my-domain,dc=com -w secret -b dc=my-domain,dc=com -s sub -LLL ' (|(cn=Ba*)(uid=a*))'

LDAP Administrator und LDAP Browser

LDAP Browser is a lightweight version of LDAP Administrator with limited functionality. Type: freeware
Version: 2.0, 2.3 Operating System: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP (2002-09-07 14:43)

www.ldapadministrator.com/download/index.php
www.softerra.com/download/download.php