LDAP

FAQ What's New

Your Trail jndi > directory > jndi > LDAP Table of Contents [show]     1 Quickstart: setting up LDAP service on fedora core 4[OL]       1.1 Get the software       1.2 Configure ldap       1.3 Start ldap       1.4 Try it out       1.5 Add your customized ldap entry         1.5.1 No superior knowlege     2 LDAP Browser/Editor     3 Links Keywords IBM, Lotus, Microsoft Copyright Information This article is licensed under GNU Public License. Contact webmasters for more information on copyright issues. LDAP, or Lightweight Directory Access Protocol, is an Internet protocol used by client programs to query information from servers. For example, an email client may use LDAP to query email addresses where LDAP server works as an address book organizer. Or a secure client may use LDAP to query public keys where LDAP server works as a security service. One key thing in understanding LDAP is that LDAP only defines a protocol for communication between client and server. It doesnot require any specific techniques on either the client side or the server side. Or, in other words, LDAP only defines the language between a client and an LDAP server. For example, the server could use database or even plain text query as long as it supports LDAP language to talk to clients. LDAP server was designed at the University of Michigan and is supported by major companies such as IBM, Microsoft, Lotus, etc. LDAP is defined in RFC2251 "The Lightweight Directory Access Protocol (v3). 1 Quickstart: setting up LDAP service on fedora core 4[OL] 1.1 Get the software Check if you have already have openldap installed by does /usr/sbin/ldap/slapd exist If you do, it usually means that you already have openldap installed run "yum info openldap" If you donot have openldap, try the following to install it Get the package from http://www.openldap.org/software/download/ gunzip -c openldap-VERSION.tgz | tar xvfB - cd openldap-VERSION ./configure make depend make make test su root -c 'make install' 1.2 Configure ldap Use your favorite editor to edit the default slapd.conf file (/etc/openldap/slap.conf), make it contain a BDB database definition of the form: database bdb suffix "dc=your,dc=full,dc=domain,dc=name" rootdn "cn=Manager,dc=your,dc=full,dc=domain,dc=name" rootpw secret rootpw *** (refer to /usr/sbin/slappasswd for how to generate this passwd) directory /usr/local/var/openldap-data 1.3 Start ldap su root -c /usr/sbin/slap 1.4 Try it out ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts 1.5 Add your customized ldap entry Create a text file example.ldif anywhere in your file system: dn: dc=host-4067 objectclass: dcObject objectclass: organization o: Example Company dc: host-4067 dn: cn=Manager,dc=host-4067 objectclass: organizationalRole cn: Manager and then run this command to insert the records: ldapadd -x -D "cn=Manager,dc=your,dc=full,dc=domain,dc=name" -W -f example.ldif 1.5.1 No superior knowlege Make sure in your dn attribute, you have dc="what you defined in -D param of the ldapadd command" 2 LDAP Browser/Editor http://www-unix.mcs.anl.gov/~gawor/ldap/ 3 Links LDAP Linux HOWTO Comments References [OL] http://www.openldap.org/doc/admin23/quickstart.html V.E.R.A Acronyms Lightweight Directory Access Protocol (RFC 1777, X.500, DS, AD) (search time: 0.538 msec)