Chapter 1. LDAP basics

Table of Contents

LDAP server files
Solaris iPlanet/SunONE
OpenLDAP
LDAP client configuration files
OpenLDAP
iPlanet/SunONE
Understanding the LDAP Data Interchange Format
What is LDIF?
LDIF example
Binary data
Tools
ldapmodify
ldapdelete
ldapsearch
LDIF tools
Summary
Exercises

Abstract

In this introductory chapter, we will discuss the following topics:

  • Directory server files

  • Directory client files

  • The LDIF format

  • Common tools

LDAP server files

Solaris iPlanet/SunONE

These files occur in a directory server installation tree, for instance /usr/iplanet/ds5/slapd-ourldapserver/config:

  • slapd.conf: a text file containing all the server parameters not related to the server's database. It is read at server startup and specifies, among other things, the server's name, communication port and performance tuning directives.

  • slapd.ldbm.conf: included in slapd.conf by the “dynamicconf” parameter, configures database parameters.

  • schema: defines the allowed directory object classes and their attributes.

  • slapd.user_at.conf: when extending the directory schema, contains user-defined attributes.

  • slapd.user_oc.conf: when extending the directory schema, contains user-defined object classes.

All Sun 4.x and 5.x servers use an instance of the Directory Server, the “o=NetscapeRoot” tree, to store configuration information for the administrative server. Don't delete this entry, since doing so could force you to reinstall all servers. In the most recent SunONE Directory servers, this instance is no longer separate but is included as part of the tree in the main configuration file, dse.ldif. This file describes entries, attributes and values as text. In this file you will find the “cn=config” entry, the object classes and access control instructions (ACIs) of the root entry, and the “cn=monitor” entry.

OpenLDAP

OpenLDAP configuration files are usually located in /etc/openldap, where we find the following files:

  • ldapfilter.conf: describes how searches are performed.

  • ldapsearchprefs.conf: used by client programs to specify which attributes are searched and what options are available to the user.

  • ldaptemplates.conf: templates for searches and accompanying LDAP actions. Defines which information will be displayed to the user, allowing easier searching through the data, and what fields are changeable.

  • slapd.conf: contains configuration directives for the stand-alone LDAP daemon, including database configuration and access control for the server and its data.

  • schema/: directory containing the object classes and attributes recognized by the server (used to be in two separate configuration files).
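
Because slapd.conf holds both database configuration and access control, it is worth checking when reviewing a server. The following is an added example, not part of the original text: a small auditor that reads a slapd.conf, unwraps continuation lines, and flags a cleartext rootpw and the absence of an access rule naming userPassword. The sample file contents, the suffix and the placeholder hash are constructed; rootpw and "access to attrs=" are slapd.conf directives not named in this chapter, and the userPassword check is a heuristic.

```python
import re

# Constructed sample slapd.conf (not from the page): a global directive,
# one database section, and a single catch-all access rule.
WEAK_CONF = """\
include /etc/openldap/schema/core.schema

database bdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw secret
directory /var/lib/ldap

access to *
    by * read
"""

# Same file with both weak settings corrected (hash value is a placeholder).
HARDENED_CONF = WEAK_CONF.replace(
    "rootpw secret", "rootpw {SSHA}PLACEHOLDER-HASH"
).replace(
    "access to *",
    "access to attrs=userPassword\n    by self write\n"
    "    by anonymous auth\n    by * none\n\naccess to *",
)

def logical_lines(text):
    """Unwrap continuation lines (leading whitespace), then drop comments and blanks."""
    joined = []
    for raw in text.splitlines():
        if raw[:1] in (" ", "\t") and joined:
            joined[-1] += " " + raw.strip()
        else:
            joined.append(raw.strip())
    stripped = (line.strip() for line in joined)
    return [line for line in stripped if line and not line.startswith("#")]

def audit(text):
    """Flag a cleartext rootpw and the lack of any access rule naming userPassword."""
    findings, password_rule = [], False
    for line in logical_lines(text):
        directive, arg = (line.split(None, 1) + [""])[:2]
        scheme = re.match(r"\{([A-Za-z0-9-]+)\}", arg.strip().strip('"'))
        if directive.lower() == "rootpw" and (not scheme or scheme.group(1).upper() == "CLEARTEXT"):
            findings.append("rootpw is stored in cleartext")
        if directive.lower() == "access" and re.search(r"\battrs?=\S*userPassword", arg, re.I):
            password_rule = True
    if not password_rule:
        findings.append("no access rule names userPassword")
    return findings
```

With only the catch-all rule "access to * by * read", password hashes fall under the same read permission as every other attribute, which is why the auditor looks for a rule that names userPassword.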