CINXE.COM
Open Source Guide - LDAP for Rocket Scientists - Contents
<!DOCTYPE html> <html lang="en-us"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <link rel="icon" href="http://www.zytrax.com/favicon.ico"> <title>Open Source Guide - LDAP for Rocket Scientists - Contents</title> <!-- this page originated from http://www.zytrax.com/books/ldap/ --> <!-- HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506; .NET CLR 3.5.21022; .NET CLR 1.0.3705; .NET CLR 1.1.4322) --> <style type="text/css"> <!-- /* ZYTRAX STYLE SHEET */ /* google maps */ /* v\:* {behavior:url(#default#VML);} */ /* tag modifiers */ a {text-decoration:none;color:gray;} a:hover {text-decoration:underline;} a:hover.p-f-s {color:black} a:hover.a-n {text-decoration:none;} body {background-color:white;color:black;margin:0px;padding:0px;font:normal 1.0em Verdana,Arial, Helvetica, sans-serif;} code {border:1px solid lightgray;background:mintcream;color:black;font-family:"Courier New", monospace;padding:0 2px} div.l-f table{width:100%;padding:4px;} h1 {font-size:1.5em;;border-width:0 0 5px 0;border-style:solid;border-color:LightGray;padding:4px;color:black} h2 {border-width:0 0 5px 0;border-color:LightGray;border-style:solid;font-size:1.3em;font-weight:bold;padding:4px;color:black} h3 {border-width:0 0 3px 0;border-color:LightGray;border-style:solid;font-size:1.1em;padding:4px;color:black;} h4 {border-width:0 0 2px 0;border-color:LightGray;border-style:solid;font-size:1.0em;padding:2px;color:black;} h5 {border-width:0 0 2px 0;border-color:LightGray;border-style:solid;font-size:1.0em;font-weight:bold;color:black;padding:4px;} h6 {border-width:0 0 1px 0;border-color:LightGray;border-style:solid; font-size:80%;color:black;padding:4px;} pre {white-space:pre-wrap;} img {border:0;} img.center {display:block;margin-left:auto;margin-right:auto;} img.right {display:block;float:right;} img.left {display:block;float:left;} form {border:1px solid #ccc;} input {border:1px solid #999;background:#9bf;} textarea {border:1px solid #999;background:#9bf;} table {margin: 0 auto;} table.t-m-n > tbody > tr > td {border:1px solid #ccc;padding:4px;} table.t-m-s > tbody > tr > td {border:1px solid #ccc;padding:4px;} table.p-m-n > tbody > tr > td {padding:4px;border-collapse:collapse;} table.p-m-s > tbody > tr > td {padding:4px;border-collapse:collapse;} tr {vertical-align:top;} /* end tag modifiers - Printer friendly */ .adv {margin-right:auto;margin-left:auto;width:728px;} .l-b {position:absolute;top:0px;left:0px;font-size:80%;border:0;background:white;color:gray;height:100px;z-index:9;width:100%;} div.l-r #layout {visibility:visible;} div.l-l-fp #layout {visibility:visible;} .l-l {position:absolute;top:100px;left:6px;width:110px;font:10pt Verdana,Helvetica, Arial, sans-serif;z-index:1;} .l-c {margin:105px 170px 0px 125px;padding:4px 20px;border-width:0 1px; border-style:solid; border-color:LightGray; z-index:5; line-height:1.3em;} .l-r {position:absolute;top:100px;right:0;width:160px;background:white;z-index:2;font-size:80%;} /* end printer friendly - begin divs generic (cross browser) */ .i-2 {background: url(../../images/info.gif) no-repeat top left;border-width: 3px 0 3px 0; border-style:solid;border-color:#bbb;font-size:10pt;padding:10px 10px 10px 60px;margin:10px;} .i-3 {background: url(../../../images/info.gif) no-repeat top left;border-width: 3px 0 3px 0; border-style:solid;border-color:#bbb;font-size:10pt;padding:10px 10px 10px 60px;margin:10px;} .l-c-i {padding:10px;} .l-l-fp {position:absolute;top:95px;left:6px;width:120px;z-index:10;text-align:right;font-size:80%;} .l-r-fp {position:absolute;top:95px;right:6px;width:150px;z-index:2;font-size:80%;} .l-f-m {} .l-f {margin:0 200px 0 125px;} .l-p {margin:10px;padding:4px;font:10pt Verdana,Helvetica, Arial, sans-serif;} .l-100 {width:100%;margin:0;} .w-2 {background: url(../../images/warning.gif) no-repeat top left;border-width: 3px 0 3px 0; border-style:solid;border-color:#bbb;font-size:10pt;padding:10px 10px 10px 60px;margin:10px;} .w-3 {background: url(../../../images/warning.gif) no-repeat top left;border-width: 3px 0 3px 0; border-style:solid;border-color:#bbb;font-size:10pt;padding:10px 10px 10px 60px;margin:10px;} /* end divs - begin nav pop-outs */ .n-l-c {color:black;} .n-l1 {padding:0;margin:0;list-style:none;width:100px;} .n-l1p {padding:0;margin:0;list-style:none;text-align:right;color:#339;} .n-l1p-e {font-size:9pt;margin:0;text-align:right;line-height:1.2em;position:relative;color:#339;} .n-l1-e {text-align:right;margin:0;padding:2px;position:relative;} .n-t1-e,.n-t2-e,.n-t3-e,.n-m-l1 {text-align:left;margin:0;padding:2px 5px;border:1px solid black;border-width:1px 1px 0 1px;position:relative;} .n-t1-es,.n-t2-es,.n-t3-es {text-align:left;margin:0;padding:2px 5px;border:1px solid black;border-width:1px 1px 0 1px;position:relative;background:#eee;} .n-t1-v {position:absolute;display:none;padding:0;margin:0;list-style:none;top:100%;right:0;width:100px; border-bottom:1px solid black;background:white;} .n-t1-vr,.n-m-u1 {position:absolute;display:none;padding:0;margin:0;list-style:none; top:100%;right:0;width:100px;border-bottom:1px solid black;background:white;} .n-t2,.n-t3 {position:absolute;display:none;padding:0;margin:0;list-style:none;top:0;right:100%;width:120px;border-bottom:1px solid black;background:white;} /* end pop-up styles - begin nav effects */ .g-c-n:hover {background:#eee;} .g-c-s:hover {background:#eee;} /* W3c pop-ups - selectors ignored by MSIE 6- */ div.n-m:hover > ul {display:block;} div.n-t0:hover > ul {display:block;} li.n-t1-e:hover > ul {display:block;} li.n-t1-es:hover > ul {display:block;} li.n-t1-e:hover, li.n-t1-es:hover,li.n-t2-e:hover,li.n-t2-es:hover,li.n-t3-e:hover,li.n-m-l1:hover {background:#ccc;} li.n-t2-e:hover > ul {display:block;} li.n-t2-es:hover > ul {display:block;} .n-l1-e:hover > ul {display:block;} .n-l1p-e:hover > ul {display:block;} .n-l1-es:hover > ul {display:block;} .n-l2-e:hover > ul {display:block;} .n-l2-es:hover > ul {display:block;} .n-l3-e:hover > ul {display:block;} .n-l3-es:hover > ul {display:block;} li.n-l1-e:hover,li.n-l1p-e:hover,li.n-l2-e:hover,li.n-l2-es:hover, li.n-l3-e:hover, li.n-l3-es:hover,li.n-l4-e:hover {background:#ccc;} /* end pop-up effects - begin generic (cross browser) alpha */ .arrows {font-size:250%;} .a-n {text-decoration:none;} .at {font-family:Verdana,sans-serif;font-size:9pt;margin:0px;text-indent:8px;} .b-1 {font-family:Verdana, sans-serif;} .button {background:#ddd;border:3px outset black;} .b-lg {background-color:#eee;} .b-r {border-width:0 0 0 1px;border-color:#336;border-style:solid;width:150px;} .b-l {border-width:0 1px 0 0;border-color:#336;border-style:solid;width:110px;} .b-b-s {border:1px solid black;} /* color styles */ .c-r, .red {color:red;} .c-b, .blue {color:blue;} .c-lg {color:LightGray;} .c-g {color:gray;} /* end color styles */ .d {font-family:Verdana,sans-serif;font-size:9pt;margin:0px;} .dd {position:absolute;left:0;top:0; font-family:Tahoma,sans-serif;font-size:9pt; visibility:hidden;background:lime;color:black;margin:0px;border:black solid 1px;padding:2px;} .f-d {font-weight:bold;} .f-b-n {border:0;} /* most browsers use an unacceptably small monospace default font */ .g-c-n,.g-b-n {font:110% "Courier New",monospace;border-style:solid;border-color:#ccc;border-width: 1px 1px 1px 5px;background-color:#9bf;padding:5px; color:black;} .g-c-s,.g-b-s,.codegray {font: 80% "Courier New",monospace;border-style:solid;border-color:#ccc;border-width: 1px 1px 1px 5px; background-color:#9bf;padding:5px; color:black;width:inherit;} .g-h-n, .g-s-b {background:#9bf;color:#339;padding:4px;font-size:100%;font-weight:normal;border:1px solid #ccc;} .g-h-nn {background:#9bf;color:#339;padding:4px; font-size:100%;font-weight:normal;} .g-h-ng,.section {background:#339;color:white;font:bold Verdana,sans-serif;padding:4px; text-decoration:none;} .g-h-s {background:#9bf;color:#339;padding:4px; font-size:80%;font-weight:normal;border:1px solid #ccc;} .g-h-ss {background:#9bf;color:#339;padding:4px; font-size:80%;font-weight:normal;} .g-n {text-decoration:none;color:white;} .g-i1-n {margin:5px 5px 5px 20px;} .g-i2-n {margin:5px 5px 5px 30px;} .g-i3-n {margin:5px 5px 5px 40px;} .g-l-n {list-style:none;} .g-sb-n {color:blue;font-size:8pt;line-height:150%;margin:2px;} .g-s-n {background-color:#eee;color:black;font-size:10pt; text-decoration:none;} .h-b {background:#ddd;color:black;font-weight:bold;} .h-150 {line-height:1.5em;} .i-h {margin:5px 5px 10px 60px;padding:5px;} .i-n {border-width: 3px 0 3px 0; border-style:solid;border-color:#bbb;font-size:10pt;padding:10px 10px 10px 60px;margin:10px;} .i-s {border-width: 3px 0 3px 0; border-style:solid;border-color:#bbb;font-size:8pt;margin:10px 10px 10px 60px;padding:10px;} .i-u {width:27px;} .n-l {position:fixed;left:6px;width:110px;} .n-l-fp {left:6px;width:110px;} .n-l-f {font-size:1.0em;margin:2px;text-align:right;line-height:1.2em;color:black;} .n-l-f a {color:black;} .m-h5 {margin:0.5em 0;} .m-h20 {margin:2.0em 0;} .n-b-l {font:1pt Verdana, Arial, Helvetica, sans-serif;border-width:0 0 1px 0;border-style:solid;border-color:#CCF;margin:0px;padding:0px;} .n-l-s {font-size:80%;visibility:hidden;} .n-m {font-size:130%;margin:0;padding:0;float:right;position:relative;} .n-t0 {float:right;position:relative;} .n-t-t {text-align:right;padding:1px 1px 8px 1px;margin:0;} .o-n {list-style:none;} .p-b {background:#eee;text-indent:3em;} .p-m-n,.norm {font-size: 100%;border-spacing:0;border-collapse:collapse;} .p-m-s { font-size:80%;border:0;border-spacing:0;border-collapse:collapse;} .q-i-2 {background: url(../../images/quotes-open.gif) no-repeat top left;} .q-s {border-width: 0 0 0 6px;border-style:solid;border-color:#acf;font-size:8pt;margin:10px 10px 10px 60px;padding:10px;} .t-b-s {font:8pt "Courier New",monospace;border-style:solid;border-color:#ccc;border-width: 1px;background-color:#acf;padding:5px; color:black;} .t-b-n {font:10pt "Courier New",monospace;border-style:solid;border-color:black;border-width: 1px;background-color:#acf;padding:5px; color:black;} /* link/href styles */ .t-dd:hover {background:#ddd;} .w-db:hover {background:#ddd;} .t-ba {color:#aaa;font-weight:bold;} .t-gb {color:blue;background:#eee;} .t-dr {color:red;text-decoration:none;} .t-dw {color:#666;text-decoration:none;} .t-db,.t-dd {color:blue;text-decoration:none;} .t-da {color:black;} .w-db,.t-dn {text-decoration:none;} /* begin text styles */ .t-b {font-size:120%;} .t-b200 {font-size:200%;} .t-c, .center {text-align:center;} .t-g {background:#eee;} .t-h {} div.t-h:hover > div {display:block;} .t-h-1 {display:none;background:#eee;padding:5px;} .t-i {font-style:italic;} .t-l {text-align:left;} .t-n, .g-e-t, .g-e-d {font-size:100%;font-weight:normal;} .t-o {font-weight:bold;} .t-r {text-align:right;} .t-s {font-size:80%;} .t-ss {font-size:60%;} /* table styles */ .t-t-l {margin:0;} .t-td1-l,.t-td1 {border-style:solid;border-width:5px 0 0 0;border-color:#ddd;padding:3px 3px 8px 5px;} .t-td2-l,.t-td2 {border-style:solid;border-width:5px 0 0 0;border-color:#acf;padding:3px 3px 8px 5px;} .t-m {background:#ccc;color:blue;text-decoration:none;} .t-m-n {font-size: 100%;border: 2px solid #ccc;border-spacing:0;border-collapse:collapse;} .t-m-s {font-size:80%;border: 2px solid #ccc;border-spacing:0;border-collapse:collapse;} .vital {font-family:Tahoma,Arial, sans-serif;font-size:12pt;background-color:#ddd; color:black;border-color:red;} /* visibility */ .v-h {visibility:hidden;} /* width styles */ .w-450 {width:450px;} .w-350 {width:350px;} .w-300 {width:300px;} .w-250 {width:250px;} .w-200 {width:200px;} .w-180 {width:180px;} .w-150 {width:150px;} .w-120 {width:120px;} .w-100 {width:100px;} .w-80 {width:80px;} .w-88 {width:88px;} .w-50 {width:50px;} .w-32 {width:32px;} .w-27 {width:27px;} .w-20 {width:20px;} .w-10 {width:10px;} .w-11pc {width:11%;} .w-6pc {width:6%;} /* Gecko/W3C specific */ abbr[title]:after {content:"";} abbr[title]:hover:after {content:" (" attr(title)")";} /* W3C pop-ups */ .n-l2,.n-l3,.n-l4 {position:absolute;display:none;padding:0;margin:0;list-style:none;top:0;left:100%;width:120px;border-bottom:1px solid black;background:#EEE;font:8pt Verdana,Helvetica, Arial, sans-serif} .n-l2-e,.n-l3-e,.n-l4-e {text-align:left;margin:0;padding:2px 5px;border:1px solid black;border-width:1px 1px 0 1px;position:relative;} .n-l2-es,.n-l3-es,.n-l4-es {text-align:left;margin:0;padding:2px 5px;border:1px solid black;border-width:1px 1px 0 1px;position:relative;background:white;} /* end - start expand divs */ .v-f {display:none;} .v-o {display:block;} /* end expand divs */ #toplogo {float:left;vertical-align:bottom;} .g-ci-s {font:8pt "Courier New",monospace;border-style:solid;border-color:#ccc;border-width: 1px 1px 1px 5px; background-color:#acf;color:black;} .jp-h-n {position:absolute;left:50%;top:50%;text-indent:4px;font-family:Verdana,sans-serif;font-size:10pt; visibility:hidden;background:#EEEEEE;color:blue;text-decoration:none;} .n-l-u {font-family:Verdana,sans-serif;top:60px;left:6px;width:110px;background:white;} .n-l-l {font-size: 9pt;color:black;text-align:right;line-height:150%;} .n-p-f {color:#336;font:9pt/16pt Verdana,sans-serif;text-decoration:none;text-indent:6px;} .n-p-n {background:#EEE;color:#336;font:9pt Verdana,sans-serif;text-indent:6px;} .n-p-n a {text-indent:6px;display:block;} .n-p-o {font:10pt Verdana,sans-serif; background:#DDD;color:blue;text-decoration:none;height:16pt;} .n-t-n {color:#336;font:10pt Verdana,sans-serif;text-decoration:none;margin:0;padding:0;} .n-t-s {color:white;font: 8pt Verdana,sans-serif;text-decoration:none;padding:0 3px 0 0} .n-t-sr {color:#336;font: 8pt Verdana,sans-serif;text-decoration:none;padding:0 3px 0 0} .p-b-h {visibility:hidden;} .p-n-h {position:absolute;left:0;top:0;text-indent:4px;font-family:Verdana,sans-serif;font-size:small; visibility:hidden;background:#EEE;color:blue;text-decoration:none;border:1px blue solid;width:110px;} .p-f-s {font-family: Verdana, sans-serif; font-size:8pt; color:silver; background:white;text-decoration:none;} --> </style> <style type="text/css" media="print"> <!-- /* ZYTRAX STYLE SHEET PRINT TEMPLATE */ .l-l {display:none;} .l-r {display:none;} .l-c {width:600px;margin:0;padding:30px 10px 5px 10px; border-width:0;} .l-f {margin:5px;} .n-t-t {display:none;} .n-t0 {display:none;} .adv {display:none;} --> </style> <script type="text/javascript"> <!-- // copyright ZYTRAX, Inc. 1994 - 2014 // you may use this javascript code at your own risk. // we would like you to keep the copyright statement intact but don't insist on it. // If you make improvements mail us a copy or make it available on your own web site. // global variables var topall = new Array(2); var lownav = new Array(2); var lowpop = new Array(2); var rightnav = new Array(2); var rightpop = new Array(2); var x = 0; // global menu level var way = 'h'; var menu = null; var menus = null; var pop1 = new Array(2); var fs = 1.0; var days = new Array(7); var months = new Array(12); days = ["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"]; months = ["January","February","March","April","May","June","July","August","September","October","November","December"]; function showtime() { var thistime = ""; var nowtime ="" var nowam = "AM"; var now = new Date(); var nowhour = now.getHours(); if (nowhour > 12) { nowam = "PM"; nowhour = nowhour - 12; } else if (nowhour == 0){ nowhour = 12; } var nowminutes = now.getMinutes(); if (nowminutes < 10 ){ nowminutes = "0" + nowminutes; } nowtime = nowhour + ":" + nowminutes + " " + nowam; thistime = days[now.getDay()] + " " + now.getDate() + " " + months[now.getMonth()] + " " + now.getFullYear() + ", " + nowtime; return thistime; } // -- W3C DOM specific code - first choice always function lock(num){ // lock relies on a style which end with -l rollover = document.getElementById("l" + num); if(rollover){ cn = rollover.className if((pos = cn.lastIndexOf("-")) != -1){ bcn = cn.substring(0,pos + 1); scn = cn.substring(pos +1); if(scn == "f" || scn == "o"){ rollover.className = bcn + "l"; } } } } function fontchange(fix) { x = document.getElementsByTagName("div"); for(i = 0; i < x.length; i++) { if(x[i].className == "l-c"){ if(x[i].style.fontSize == ""){ fs = 1.0; x[i].style.fontSize = "1.0em"; } if(fix == "d"){ if(fs <= 0.8){ break; }else{ fs = parseFloat(fs - 0.1); x[i].style.fontSize = fs + "em"; } }else{ if(fs >= 1.5){ break; }else{ fs = parseFloat(fs + 0.1); x[i].style.fontSize = fs + "em"; } } break; } } } function toggle(tid){ var dis; var disa; if(document.getElementById){ dis = document.getElementById(tid); disa = document.getElementById(tid + 'a'); }else{ dis = document.all.tid; disa = document.all.tid + 'a'; } if(dis.style.display == 'block'){ dis.style.display = 'none'; disa.style.display = 'block'; }else{ dis.style.display = 'block'; disa.style.display = 'none'; } } function gotourl($url) { window.location = $url; } function mailus(mbox,stub,subject) { mail = "mailto:"+mbox+"@"+stub; if(subject != ""){ mail = mail+"?SUBJECT="+"A-Z: "+subject; } window.location = mail; return; } // W3C compliant uses CSS popups not JS //--> </script> </head> <body> <!-- Page Header plus top nav bar --> <div class="l-b"> <a href="http://www.zytrax.com"><img id="toplogo" src="http://www.zytrax.com/images/zytrax-logo-open.gif" alt="ZYTRAX Open Logo"></a> <!-- desktop browsers --> <p class="n-t-t"><a href="http://www.zytrax.com/feedback.htm" class="n-t-sr">mail us</a> | <a href="http://www.zytrax.com/run/mailpage.php" class="n-t-sr">mail this page</a></p> <div class="n-t0"> <a href="http://www.zytrax.com/Company/contacts.html" class="n-t-sr">contact us</a> </div> <div class="n-t0"> <a href="http://www.zytrax.com/training/" class="n-t-sr">training</a> | </div> <div class="n-t0"> <a href="http://www.zytrax.com/tech/" class="n-t-sr">tech stuff</a> | <ul class="n-t1-v"> <li class="n-t1-es"><a href="http://www.zytrax.com/tech/" class="t-da">tech stuff</a> <!-- tertiary pop-outs --> <ul class="n-t2"> <li class="n-t2-e"><a title="collection of technology stuff" href="http://www.zytrax.com/tech/" class="t-da">tech stuff</a></li> <li class="n-t2-es t-da">web stuff <ul class="n-t3"> <li class="n-t3-e"><a title="collection of web based technology stuff" href="http://www.zytrax.com/tech/web/" class="t-da">web stuff</a></li> <li class="n-t3-e"><a title="collection of UA strings for most browsers" href="http://www.zytrax.com/tech/web/browser_ids.htm" class="t-da">browser ids</a></li> <li class="n-t3-e"><a title="collection of mobile UA strings" href="http://www.zytrax.com/tech/web/mobile_ids.html" class="t-da">mobile ids</a></li> <li class="n-t3-e"><a title="our HTML5 page conversion process and thoughts" href="http://www.zytrax.com/tech/css/html5.html" class="t-da">HTML5 Convert</a></li> <li class="n-t3-e"><a title="how we do server-side browser sniffing with apache" href="http://www.zytrax.com/tech/web/browser_sniffing.html" class="t-da">browser sniffing</a></li> <li class="n-t3-e"><a title="apache environmental variables" href="http://www.zytrax.com/tech/web/env_var.htm" class="t-da">apache env's</a></li> <li class="n-t3-e"><a title="apache server side includes - extensive notes and examples" href="http://www.zytrax.com/tech/web/ssi.htm" class="t-da">apache ssi</a></li> <li class="n-t3-e"><a title="our css pop-up/pop-down/flyout menus for Gecko/Opera/MSIE" href="http://www.zytrax.com/tech/css/workarounds.html#popout" class="t-da">pop-outs (css)</a></li> <li class="n-t3-e"><a title="most of those annoying HTML entity codes that we forget all the time" href="http://www.zytrax.com/tech/web/entities.html" class="t-da">html entities</a></li> </ul> </li> <li class="n-t2-es t-da">open guides <ul class="n-t3"> <li class="n-t3-e"><a href="http://www.zytrax.com/books/" class="t-da">open guides</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/books/dns" class="t-da">dns guide</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/books/ldap" class="t-da">ldap guide</a></li> </ul> </li> <li class="n-t2-e"><a title="Decimal to Hexidecimal to Binary conversion - even Octal!" href="http://www.zytrax.com/tech/protocols/hex.html" class="t-da">Dec>Hex>Bin</a></li> <li class="n-t2-es t-da">survival stuff <ul class="n-t3"> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/survival/" title="a series of survival guides for some popular open source software" class="t-da">survival stuff</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/survival/ssl.html" class="t-da">ssl/tls & x.509</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/survival/asn1.html" class="t-da">ASN.1</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/survival/kerberos.html" class="t-da">kerberos</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/survival/postfix.html" class="t-da">postfix</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/survival/cron.html" class="t-da">cron</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/survival/encryption.html" class="t-da">cryptography</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/survival/wxwidgets.html" class="t-da">wxWidgets</a></li> </ul> </li> <li class="n-t2-es t-da">audio stuff <ul class="n-t3"> <li class="n-t3-e"><a title="Pages about Digital Audio, Primers, Calculator, Equalization, FFT" href="http://www.zytrax.com/tech/audio/" class="t-da">audio stuff</a></li> <li class="n-t3-e"><a title="Fundamentals, harmonics, overtone, partials, loudness, ADSR envelopes" href="http://www.zytrax.com/tech/audio/sound.html" class="t-da">sound primer</a></li> <li class="n-t3-e"><a title="Sound digitization, time domain, frequency domain" href="http://www.zytrax.com/tech/audio/digital-sound.html" class="t-da">digital sound</a></li> <li class="n-t3-e"><a title="common frequencies of instruments and in life" href="http://www.zytrax.com/tech/audio/audio.html" class="t-da">frequencies</a></li> <li class="n-t3-e"><a title="equalization principles, octaves, sound metering and FFT" href="http://www.zytrax.com/tech/audio/equalization.html" class="t-da">equalization</a></li> <li class="n-t3-e"><a title="Acoustic caculators for musical notes and FFT bin frequencies" href="http://www.zytrax.com/tech/audio/calculator.html" class="t-da">calculators</a></li> <li class="n-t3-e"><a title="Yet another audio glossary" href="http://www.zytrax.com/tech/audio/glossary.html" class="t-da">glossary</a></li> </ul> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/web/regex.htm" class="t-da">regex stuff</a></li> <li class="n-t2-es t-da">cable stuff <ul class="n-t3"> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/layer_1/" class="t-da">cable stuff</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/layer_1/cables/tech_lan.htm" class="t-da">lan wiring</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/layer_1/cables/mixed.html" class="t-da">lan & telephone</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/layer_1/cables/tech_rs232.htm" class="t-da">rs232 stuff</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/layer_1/cables/heavy.htm" class="t-da">serial primer</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/pc/serial.html" class="t-da">usb 3.2 & firewire</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/pc/monitors.htm" class="t-da">displays</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/layer_1/cables/cables_jacks.htm" class="t-da">modular jacks</a></li> </ul> </li> <li class="n-t2-es t-da">protocol stuff <ul class="n-t3"> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/protocols/" class="t-da">protocol stuff</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/protocols/tcp.html" class="t-da">tcp-udp-icmp</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/protocols/ip-classes.html" class="t-da">ipv4</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/protocols/ip-classes.html#calculator" class="t-da">ipv4 Calculator</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/protocols/ipv6.html" class="t-da">ipv6</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/protocols/ipv6.html#calculator" class="t-da">ipv6 Calculator</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/protocols/isdn" class="t-da">isdn-bri</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/protocols/lan" class="t-da">802 lan</a></li> <li class="n-t3-e"><a href="http://www.zytrax.com/tech/ss7" class="t-da">ss7 & sigtran</a></li> </ul> </li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/pc/" class="t-da">pc stuff</a></li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/wireless/" class="t-da">wireless stuff</a></li> <li class="n-t2-es t-da">css stuff <ul class="n-t3"> <li class="n-t3-e"><a title="collection of css notes and experiences including css menus and css liquid layout" href="http://www.zytrax.com/tech/css/" class="t-da">css stuff</a></li> <li class="n-t3-e"><a title="Notes on our experience with converting to css based liquid layouts - including blow by blow css" href="http://www.zytrax.com/tech/css/layoutnotes.html" class="t-da">css liquid design</a></li> <li class="n-t3-e"><a title="we have used css menus since mid-2003 - blow-by-blow implementation notes" href="http://www.zytrax.com/tech/css/workarounds.html#popout" class="t-da">css menus</a></li> <li class="n-t3-e"><a title="some practical solutions on using css" href="http://www.zytrax.com/tech/css/workarounds.html" class="t-da">css notes</a></li> <li class="n-t3-e"><a title="css shortforms at a glance" href="http://www.zytrax.com/tech/css/shortcut.html" class="t-da">css short-forms</a></li> <li class="n-t3-e"><a title="css selectors and quick overview with links to the W3C specs" href="http://www.zytrax.com/tech/css/syntax.html" class="t-da">css overview</a></li> </ul> </li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/codes.htm" class="t-da">ascii codes</a></li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/data_rates.htm" class="t-da">data rate stuff</a></li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/telephony/" class="t-da">telephony stuff</a></li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/mech/" class="t-da">mech. stuff</a></li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/protocols/hex.html" class="t-da">Dec>Hex>Bin</a></li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/lang/" class="t-da">language stuff</a></li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/electronics/" class="t-da">electronic stuff</a></li> <li class="n-t2-e"><a href="http://www.zytrax.com/tech/rfcs/" class="t-da">rfc stuff</a></li> </ul> </li> <li class="n-t1-e"><a href="http://www.zytrax.com/security/" class="t-da">Security</a></li> </ul> </div> <!-- close div l-b --> </div> <!-- begin body table --> <div class="l-c"> <p class="adv"> <script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <!-- LDAP Leaderboard --> <ins class="adsbygoogle" style="display:inline-block;width:728px;height:90px" data-ad-client="ca-pub-9419480011552853" data-ad-slot="0300750441"></ins> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script> </p> <h1>LDAP for Rocket Scientists</h1> <p>This Open Source Guide is about LDAP, OpenLDAP 2.x and ApacheDS on Linux and the BSD's (FreeBSD, OpenBSD and NetBSD). It is meant for newbies, Rocket Scientist wannabees and anyone in between.</p> <p>LDAP is a complex subject. This Guide was born out of our pathetic attempts to understand LDAP, since it promised a veritable nirvana - common source for information, unlimited scalability using a replication model, inherent resilience, fast read performance, fine-grained control over who can do what to what data - the list goes on. Wonderful stuff.</p> <p>That's the end of the good news.</p> <p>The bad news is that IOHO never has so much been written so incomprehensibly about a single topic with the possible exceptions of BIND and ... and ... There are innumerable excellent HOWTOs scattered over the Internet, which are great if you need a tactical solution to a particular problem, and are happy to put up with the vaguely uncomfortable feeling that you are entirely dependent on something you don't really understand. We didn't want a tactical solution, we wanted a strategic solution to a whole set of problems, all of which all appeared to be ideally suited to LDAP, but we had to understand stuff ... we needed a WHYTO. This is our - perhaps pathetic - attempt to create it.</p> <p>Once upon a time OpenLDAP was the only game in the Open Source LDAP town. It is still regarded as the LDAP reference implementation and remains an excellent system with many production implementations, is actively developed and ferociously complex to implement for other than trivial applications. It is, however, no longer the only game in town. There is now the <a href="http://directory.fedoraproject.org" class="t-db">389 Directory Server</a> (ex-Fedora Directory Server), another University of Michigan derivative, <a href="https://backstage.forgerock.com/docs/dj" class="t-db">OpenDJ</a> (a fork of <a href="http://opends.java.net" class="t-db">OpenDS</a> a Sun-led Java-based LDAP implementation which now appears inactive), and the <a href="http://directory.apache.org/" class="t-db">ApacheDS (Apache Directory)</a> project. All appear excellent projects and together with OpenLDAP provide an embarrassment of riches in the Open Source LDAP space - driving forward capabilities and functionality. <a href="implementations.html" class="t-db">Some notes about the projects and our decision if you are interested in this kind of stuff</a>.</p> <p>All future versions of this guide will progressively introduce material describing the use of ApacheDS while continuing to document OpenLDAP.</p> <p><b><warning></b> This is very much a work in progress. If you find errors don't grumble - tell us. Look at our <a href="todo.html" class="t-db">to do list</a> and if you want to contribute something please do so. And for all that hard work we promise only a warm sense of well-being and an acknowledgment of your work in the licence. <b></warning></b></p> <h1 id="contents">Contents</h1> <p>What's new in Guide version <a href="changelog.html" class="t-db">0.1.19</a></p> <h2><a href="ch1/" class="t-db">1. Boilerplate and Terminology</a></h2> <ol class="o-n"> <li><a href="ch1/index.html#objectives" class="t-db">1.1 Objectives and Scope</a></li> <li><a href="ch1/index.html#how" class="t-db">1.2 How to read this Guide</a></li> <li><a href="ch1/index.html#terminology" class="t-db">1.3 Terminology and Conventions used</a></li> <li><a href="ch1/index.html#ack" class="t-db">1.4 Acknowledgements</a></li> <li><a href="ch1/index.html#license" class="t-db">1.5 Copyright and License</a></li> </ol> <h1 id="section1">Section 1 - Overview & Concepts</h1> <h3><a title="" href="ch2" class="t-db"> 2. LDAP - Overview</a></h3> <ol class="o-n"> <li><a href="ch2/index.html#history" class="t-db">2.1 A brief History of LDAP</a></li> <li><a href="ch2/index.html#overview" class="t-db">2.2 LDAP Overview</a></li> <li><a href="ch2/index.html#database" class="t-db">2.3 LDAP vs. Database</a> <ol class="o-n"> <li><a href="ch2/index.html#summary" class="t-db">2.3.1 LDAP Usage Summary</a></li> </ol> </li> <li><a href="ch2/index.html#model" class="t-db">2.4 LDAP Data (Object) Model</a> <ol class="o-n"> <li><a href="ch2/index.html#basic" class="t-db">2.4.1 Object Tree Structure</a></li> <li><a href="ch2/index.html#objectclasses" class="t-db">2.4.2 Object Classes</a></li> <li><a href="ch2/index.html#attribute" class="t-db">2.4.3 Attributes</a></li> <li><a href="ch2/index.html#populating" class="t-db">2.4.4 Describing the Tree by Adding (Data) Entries</a></li> <li><a href="ch2/index.html#navigation" class="t-db">2.4.5 Navigating the Tree (DNs and RDNs)</a></li> </ol> </li> <li><a href="ch2/index.html#organization" class="t-db">2.5 LDAP Replication and Referrals</a> <ol class="o-n"> <li><a href="ch2/index.html#referrals" class="t-db">2.5.1 Referrals</a></li> <li><a href="ch2/index.html#replication" class="t-db">2.5.2 Replication</a></li> </ol> </li> </ol> <h3><a href="ch3/" class="t-db">3. LDAP Schemas, ObjectClasses and Attributes</a></h3> <ol class="o-n"> <li><a href="ch3/index.html#overview" class="t-db">3.1 LDAP Stuff Overview</a></li> <li><a href="ch3/index.html#schemas" class="t-db">3.2 Schemas</a></li> <li><a href="ch3/index.html#objectclasses" class="t-db">3.3 ObjectClasses</a></li> <li><a href="ch3/index.html#attributes" class="t-db">3.4 Attributes</a></li> <li><a href="ch3/index.html#matchingrules" class="t-db">3.5 Matching Rules</a></li> <li><a href="ch3/index.html#operational" class="t-db">3.6 LDAP Operational Attributes and Objects</a></li> </ol> <h1 id="seection2">Section 2 - Get Something Running</h1> <div class="g-i1-n"> <h3><a href="ch4/"></a>4. LDAP Installation</h3> <p class="g-i1-n"> <a href="ch4/index.html" class="t-db">4.1 LDAP Installation</a><br> <a href="ch4/openldap.html" class="t-db">4.2 OpenLDAP on *NIX and Windows</a><br> <a href="ch4/apacheds.html" class="t-db">4.3 ApacheDS on *NIX and Windows</a><br> </p> </div> <div class="g-i1-n"> <h3><a href="ch5/" class="t-db">5. OpenLDAP Sample Configurations</a></h3> <p class="g-i1-n"> <a title="" href="ch5/index.html#step1" class="t-db">5.1 Simple Directory</a><br> </p> <p class="g-i2-n"> <a title="" href="ch5/index.html#step1-dit" class="t-db">5.1.1 Designing the DIT</a><br> <a title="" href="ch5/index.html#step1-objectclass" class="t-db">5.1.2 Select the STRUCTURAL objectClass</a><br> <a title="" href="ch5/index.html#step1-slapd" class="t-db">5.1.3 slapd.conf File</a><br> <a title="" href="ch5/index.html#step1-ldif" class="t-db">5.1.4 LDIF File</a><br> <a title="" href="ch5/index.html#step1-load" class="t-db">5.1.5 Loading the LDIF</a><br> <a title="" href="ch5/index.html#step1-add" class="t-db">5.1.6 Adding New Entries using LDIF</a><br> <a title="" href="ch5/index.html#step1-modifying" class="t-db">5.1.7 Modifying Entries using LDIF</a><br> <a title="" href="ch5/index.html#step1-fun" class="t-db">5.1.8 Just Fooling Around</a><br> </p> <p class="g-i1-n"> <a title="" href="ch5/step2.html#step2" class="t-db">5.2 Securing the Directory</a> </p> <p class="g-i2-n"> <a title="" href="ch5/step2.html#step2-policy" class="t-db">5.2.1 Security Policy</a><br> <a title="" href="ch5/step2.html#step2-groups" class="t-db">5.2.2 Adding Groups</a><br> <a title="" href="ch5/step2.html#step2-access" class="t-db">5.2.3 ACL slapd.conf Access Definitions</a><br> <a title="" href="ch5/step2.html#step2-test" class="t-db">5.2.4 Testing the ACL</a> </p> <p class="g-i1-n"> <a title="" href="ch5/step3.html#step3" class="t-db">5.3 Expanded Hierarchy</a></p> <p class="g-i2-n"> <a title="" href="ch5/step3.html#step3-policy" class="t-db">5.3.1 Requirement</a><br> <a title="" href="ch5/step3.html#step3-implement" class="t-db">5.3.2 Implementation</a><br> <a title="" href="ch5/step3.html#step3-ldif" class="t-db">5.3.3 LDIF</a><br> <a title="" href="ch5/step3.html#step3-access" class="t-db">5.3.4 ACL slapd.conf Access Definitions</a><br> <a title="" href="ch5/step3.html#step3-test" class="t-db">5.3.5 Testing the ACL</a> </p> <p class="g-i2-n"> <a title="" href="ch5/step4.html#step4" class="t-db">5.4 Creating & Adding Objects</a></p> <p class="g-i3-n"> <a title="" href="ch5/step4.html#step4-require" class="t-db">5.4.1 Requirement</a><br> <a title="" href="ch5/step4.html#step4-implement" class="t-db">5.4.2 Implementation</a><br> <a title="" href="ch5/step4.html#step4-attributes" class="t-db">5.4.3 Attribute Definitions</a><br> <a title="" href="ch5/step4.html#step4-objectclass" class="t-db">5.4.4 objectClass & Schema Definition</a><br> <a title="" href="ch5/step4.html#step4-access" class="t-db">5.4.5 ACL slapd.conf Access Definitions</a><br> <a title="" href="ch5/step4.html#step4-ldif" class="t-db">5.4.6 LDIF</a><br> <a title="" href="ch5/step4.html#step4-test" class="t-db">5.4.7 Testing the Changes</a> </p> <p class="g-i2-n"> <a title="" href="ch5/step5.html#step6" class="t-db">5.5 Single Sign On</a><br> <a title="" href="ch5/step6.html#step4" class="t-db">5.6 Referral and Replication</a><br> </p> </div> <div class="g-i1-n"> <h3><a href="ch6/" class="t-db">6. Configuration Files</a></h3> <p class="g-i1-n"> <a href="ch6/#overview" class="t-db">6.1 slapd.conf Overview</a><br> <a href="ch6/slapd-config.html" class="t-db">6.1.1 Using OLC (cn=config)</a><br> <a href="ch6/slapd-config.html#intro" class="t-db">6.1.1.1 OLC (cn=config) Overview</a><br> <a href="ch6/slapd-config.html#convert" class="t-db">6.1.1.2 Converting from slapd.conf to OLC (cn=config)</a><br> <a href="ch6/slapd-config.html#entries" class="t-db">6.1.1.3 OLC (cn=config) Layout</a><br> <a href="ch6/slapd-config.html#use" class="t-db">6.1.1.4 Using OLC (cn=config)(Read, Modify)</a><br> <a href="ch6/slapd-config.html#use-general" class="t-db">6.1.1.4.1 OLC (cn=config)General Notes</a><br> <a href="ch6/slapd-config.html#use-schemas" class="t-db">6.1.1.4.2 Add/Delete Schemas using OLC (cn=config)</a><br> <a href="ch6/slapd-config.html#use-security" class="t-db">6.1.1.4.3 Add/Delete ACPs/ACLs using OLC (cn=config)</a><br> <a href="ch6/slapd-config.html#use-modules" class="t-db">6.1.1.4.4 Add/Delete Modules using OLC (cn=config)</a><br> <a href="ch6/slapd-config.html#use-databases" class="t-db">6.1.1.4.5 Add/Delete Databases using OLC (cn=config)</a><br> <a href="ch6/#list" class="t-db">6.2 List of Directives (OLC (cn=config) and slapd.conf)</a><br> <a href="ch6/#global" class="t-db">6.3 Global Section Directives (OLC (cn=config) and slapd.conf)</a><br> <a href="ch6/#tls-overview" class="t-db">6.3.1 TLS Directives (OLC (cn=config) and slapd.conf)</a><br> <a href="ch6/#backend" class="t-db">6.4 Backend Section Directives (OLC (cn=config) and slapd.conf)</a><br> <a href="ch6/#database" class="t-db">6.5 Database Section Directives (OLC (cn=config) and slapd.conf)</a><br> <a href="ch6/#overlay" class="t-db">6.5.1 Overlay Directives (OLC (cn=config) and slapd.conf)</a><br> <a href="ch6/ldap-conf.html" class="t-db">6.6 ldap.conf Directives</a><br> <a href="ch6/ads-server.html" class="t-db">6.7 ApacheDS Configuration</a><br> </p> </div> <div class="g-i1-n"> <h3><a href="ch7/" class="t-db">7. Replication and Referrals</a></h3> <p class="g-i1-n"> <a href="ch7/#overview" class="t-db">7.1 Replication and Referral Overview</a><br> <a href="ch7/#replication" class="t-db">7.2 Replication</a><br> <a href="ch7/#ol-replication" class="t-db">7.2.1 OpenLDAP Replication</a><br> <a href="ch7/#ol-slurpd" class="t-db">7.2.1.1 OpenLDAP slurpd Style Replication</a><br> <a href="ch7/#ol-slurpd-errors" class="t-db">7.2.1.1.1 OpenLDAP slurpd Replication Errors</a><br> <a href="ch7/#ol-syncrepl" class="t-db">7.2.1.2 OpenLDAP sysncrepl Style Replication</a><br> <a href="ch7/#ol-syncrepl-ro" class="t-db">7.2.1.2.1 OpenLDAP sysncrepl RefreshOnly</a><br> <a href="ch7/#ol-syncrepl-rap" class="t-db">7.2.1.2.2 OpenLDAP sysncrepl RefreshAndPersist</a><br> <a href="ch7/#ol-syncrepl-mm" class="t-db">7.2.1.2.3 OpenLDAP sysncrepl Multi-Master</a><br> <a href="ch7/#ol-syncrepl-delta" class="t-db">7.2.1.2.4 OpenLDAP sysncrepl Access Logs and Delta-sync</a><br> <a href="ch7/#ads-replication" class="t-db">7.2.2 ApacheDS Replication</a><br> <a href="ch7/#synching" class="t-db">7.3 Synching DIT before surpd Replication</a><br> <a href="ch7/#synching-syncrepl" class="t-db">7.3 Synching DIT before syncrepl Replication</a><br> <a href="ch7/referrals.html" class="t-db">7.4 Referrals</a><br> <a href="ch7/referrals.html#chaining" class="t-db">7.4.1 Referral Chaining</a><br> </p> </div> <h1 id="section3">Section 3 - Reference</h1> <div class="g-i1-n"> <h3><a href="ch8/">8. LDIF and DSML</a></h3> <p class="g-i1-n"> <a href="ch8/#overview" class="t-db">8.1 LDIF Overview</a><br> <a href="ch8/#format" class="t-db">8.2 LDIF Format & Directives</a></p> <p class="g-i2-n"> <a href="ch8/#format-over" class="t-db">8.2.1 LDIF File Format</a> </p> <p class="g-i3-n"> <a href="ch8/#line-types" class="t-db">8.2.1.1 LDIF Terminology and Line Types</a><br> <a href="ch8/#format-sample" class="t-db">8.2.1.2 LDIF Sample</a> </p> <p class="g-i2-n"> <a href="ch8/#directives" class="t-db">8.2.2 LDIF Directives</a><br> </p> <p class="g-i3-n"> <a href="ch8/#add" class="t-db">8.2.2.1 add Directive</a><br> <a href="ch8/#attributename" class="t-db">8.2.2.2 attributename Directives</a><br> <a href="ch8/#changetype" class="t-db">8.2.2.3 changetype Directives</a><br> <a href="ch8/#control" class="t-db">8.2.2.4 control Directives</a><br> <a href="ch8/#delete" class="t-db">8.2.2.5 delete Directives</a><br> <a href="ch8/#deleteoldrdn" class="t-db">8.2.2.6 deleteoldrdn Directives</a><br> <a href="ch8/#dn" class="t-db">8.2.2.7 dn Directives</a><br> <a href="ch8/#newrdn" class="t-db">8.2.2.8 newrdn Directives</a><br> <a href="ch8/#newsuperior" class="t-db">8.2.2.9 newsuperior Directives</a><br> <a href="ch8/#objectclass" class="t-db">8.2.2.10 objectclass Directives</a><br> <a href="ch8/#replace" class="t-db">8.2.2.11 replace Directives</a><br> <a href="ch8/#version" class="t-db">8.2.2.12 version Directives</a><br> </p> <p class="g-i1-n"> <a href="ch8/#binary" class="t-db">8.3 LDIF Handling Binary (including Passwords)</a><br> <a href="ch8/#files" class="t-db">8.4 LDIF Importing Files</a><br> <a href="ch8/#samples" class="t-db">8.5 LDIF Samples</a><br> <a href="ch8/dsml.html" class="t-db">8.6 DSML</a><br> </p> </div> <div class="g-i1-n"> <h3><a href="ch9/" class="t-db">9. LDAP Functional Model</a></h3> <p class="g-i1-n"> <a title="" href="ch9/#url" class="t-db">9.4 LDAP URL</a><br> </p> </div> <div class="g-i1-n"> <h3><a href="ch10/" class="t-db">10. LDAP API</a></h3> <p class="g-i1-n"> </p> </div> <h1 id="section4">Section 4 OpenLDAP Operations</h1> <div class="g-i1-n"> <h2><a href="ch11/" class="t-db">11. OpenLDAP HowTos</a></h2> <p class="g-i1-n"> <a title="" href="ch11/multi-dit.html" class="t-db">Configuring Multiple DITs in OpenLDAP</a><br> <a title="" href="ch7/referrals.html" class="t-db">Configuring Referrals in OpenLDAP</a><br> <a title="" href="ch7/referrals.html#chaining" class="t-db">Configuring Referral chaining in OpenLDAP</a><br> <a title="" href="ch7/#ol-slurpd" class="t-db">Configuring slurpd style replication in OpenLDAP</a><br> <a title="" href="ch7/#ol-syncrepl" class="t-db">Configuring syncrepl style replication in OpenLDAP</a><br> <a title="" href="ch7/#access-log" class="t-db">Configuring delta synchronization (syncrepl) in OpenLDAP</a><br> <a title="" href="ch6/slapd-config.html" class="t-db">Configuring and using cn=config in OpenLDAP</a><br> <a title="" href="ch11/running.html" class="t-db">Notes about running/initialising OpenLDAP</a><br> <a title="" href="ch11/overlays.html" class="t-db">Notes about overlays in OpenLDAP (or when is an overlay an overlay)</a><br> <a title="" href="../ch6/slapd-config.html" class="t-db">OpenLDAP converting to OLC (cn=config)</a><br> <a title="" href="../ch6/slapd-config.html" class="t-db">Using OLC (cn=config)</a><br> <a title="" href="ch11/groups.html" class="t-db">Configuring Groups of Users in OpenLDAP</a> </p> </div> <h2><a href="ch12/">12. OpenLDAP Trouble Shooting & Errors</a></h2> <h2><a href="ch13/" class="t-db">13. OpenLDAP Performance</a></h2> <h2><a href="ch14/" class="t-db">14. LDAP Tools</a></h2> <h4>OpenLDAP Tools</h4> <p class="g-i1-n"> <a title="" href="ch14/#ldapadd" class="t-db">ldapadd</a> - add LDIF entries to an LDAP directory<br> <a title="" href="ch14/#ldapauth" class="t-db">ldapauth</a> - add LDIF entries to an LDAP directory<br> <a title="" href="ch14/#ldapdelete" class="t-db">ldapdelete</a> - delete LDAP entries<br> <a title="" href="ch14/#ldapadd" class="t-db">ldapmodify</a> - modify existing LDAP entries<br> <a title="" href="ch14/#ldapmodrdn" class="t-db">ldapmodrdn</a> - modify an LDAP entry's DN<br> <a title="" href="ch14/#ldappasswd" class="t-db">ldappasswd</a> - modify an entry's password<br> <a title="" href="ch14/#ldapsearch" class="t-db">ldapsearch</a> - search LDAP entries<br> <a title="" href="ch14/#ldapwhoami" class="t-db">ldapwhoami</a> - perform an LDAP Who Am I operation of a server<br> <a title="" href="ch14/#slapacl" class="t-db">slapacl</a> - verify access to attributes by inspecting the configuraion of a DIT<br> <a title="" href="ch14/#slapadd" class="t-db">slapadd</a> - add LDAP entries to a database - STOP SLAPD FIRST<br> <a title="" href="ch14/#slapauth" class="t-db">slapauth</a> - verify SASL data against a DIT<br> <a title="" href="ch14/#slapcat" class="t-db">slapcat</a> - export an LDIF from an LDAP database - STOP SLAPD FIRST<br> <a title="" href="ch14/#slapdn" class="t-db">slapdn</a> - verify a DN against a DIT configuration<br> <a title="" href="ch14/#slapindex" class="t-db">slapindex</a> - re-index an LDAP database - STOP SLAPD FIRST<br> <a title="" href="ch14/#slappasswd" class="t-db">slappasswd</a> - generate password<br> <a title="" href="ch14/#slaptest" class="t-db">slaptest</a> - verify a slapd.conf file or a cn=config directory (slapd.d)<br> </p> <h4>LDAP Browsers</h4> <p class="g-i1-n"> <a title="" href="ch14/ldapbrowser.html" class="t-db">LDAPBrowser/Editor</a> - some notes on usage<br> </p> <h4>ApacheDS Tools</h4> <p class="g-i1-n"> <a title="" href="ch14/ads.html" class="t-db">ApacheDS Tools</a> - tools and Utilities<br> </p> <h1 id="section5">Section 5 LDAP Security</h1> <h2><a href="ch15/" class="t-db">15. LDAP Security</a></h2> <ol class="o-n"> <li><a title="" href="ch15/#overview" class="t-db">15.1 OpenLDAP Security Overview</a></li> <li><a title="" href="ch15/#tls" class="t-db">15.4 OpenLDAP TLS/SSL Configuration</a></li> </ol> <h1><a href="appendices.html" class="t-db">Appendices: Resources</a></h1> <ol class="o-n"> <li><a href="apa/" class="t-db">Appendix A: LDAP Notes and Explanations</a></li> <li><a href="apb/" class="t-db">Appendix B: LDAP Resources</a></li> <li><a href="apc/" class="t-db">Appendix C: LDAP RFCs and Documentation</a></li> <li><a href="apd/" class="t-db">Appendix D: LDAP Glossary</a></li> <li><a href="ape/" class="t-db">Appendix E: LDAP Schemas, objectClasses and Attributes</a></li> </ol> <h2>Document Maintenance Information</h2> <p><a href="todo.html" class="t-db">To do list - Stuff that still needs to be done</a>.</p> <p><a href="changelog.html" class="t-db">Change log</a>.</p> <hr> <p class="p-m-n"><br>Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or <a href="javascript:mailus('info-support','zytrax.com','Support Issue')" class="t-db">info-support at zytrax</a>. You will have a warm inner glow for the rest of the day.</p> <!-- end body div l-c --> </div> <div class="l-l"> <!-- left hand navigation --> <div class="n-l-u"> <p class="c-g t-b t-o t-r">Contents</p> <p class="n-l-f"> <a href="http://www.zytrax.com/tech/">tech info</a><br> <a href="http://www.zytrax.com/books/">guides home</a><br> <b>intro</b><br> <a href="http://www.zytrax.com/books/ldap/">contents</a><br> <a href="http://www.zytrax.com/books/ldap/ch1">1 objectives</a><br> <b>big picture</b><br> <a title="Explanations - LDAP history, Data Model, DITs, Entries, distributed architecture - referrals" href="http://www.zytrax.com/books/ldap/ch2">2 concepts</a><br> <a title="Explanations - Schema, objectClass, Attributes, matchingRule, Operation objects" href="http://www.zytrax.com/books/ldap/ch3">3 ldap objects</a><br> <b>quickstart</b><br> <a href="http://www.zytrax.com/books/ldap/ch4">4 install ldap</a><br> <a href="http://www.zytrax.com/books/ldap/ch5">5 samples</a><br> <a href="http://www.zytrax.com/books/ldap/ch6">6 configuration</a><br> <a href="http://www.zytrax.com/books/ldap/ch7">7 replica & refer</a><br> <b>reference</b><br> <a href="http://www.zytrax.com/books/ldap/ch8">8 ldif</a><br> <a href="http://www.zytrax.com/books/ldap/ch9">9 protocol</a><br> <a href="http://www.zytrax.com/books/ldap/ch10">10 ldap api</a><br> <b>operations</b><br> <a href="http://www.zytrax.com/books/ldap/ch11">11 howtos</a><br> <a href="http://www.zytrax.com/books/ldap/ch12">12 trouble</a><br> <a href="http://www.zytrax.com/books/ldap/ch13">13 performance</a><br> <a href="http://www.zytrax.com/books/ldap/ch14">14 ldap tools</a><br> <b>security</b><br> <a href="http://www.zytrax.com/books/ldap/ch15">15 security</a><br> <b>appendices</b><br> <a href="http://www.zytrax.com/books/ldap/apa/">notes & info</a><br> <a href="http://www.zytrax.com/books/ldap/apb/">ldap resources</a><br> <a href="http://www.zytrax.com/books/ldap/apc/">rfc's & x.500</a><br> <a href="http://www.zytrax.com/books/ldap/apd/">glossary</a><br> <a title="Defines most of the standard distribution objectclasses, attributes and schemas in a browsable (linked) format" href="http://www.zytrax.com/books/ldap/ape/">ldap objects</a><br> <a title="Changes made at each revision of the guide" href="http://www.zytrax.com/books/ldap/changelog.html">change log</a><br> </p> <!-- Creative Commons License --> <p class="p-m-s t-r"><a href="http://creativecommons.org/licenses/by-nc/4.0/"><img class="w-88" alt="Creative Commons License" src="../../../images/somerights.gif"></a><br> This work is licensed under a <a href="http://creativecommons.org/licenses/by-nc/4.0/">Creative Commons License</a>.</p> <p class="p-b-h t-r">If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C STANDARDS COMPLIANT browser such as <a href="http://www.mozilla.org/firefox" class="t-db">Firefox</a></p> </div> </div> <div class="l-r"> <!-- left hand navigation --> <div class="w-150"> <!-- SiteSearch Google --> <p class="c-g t-b t-o m-h8">Search</p> <form class="f-b-n" method="get" action="http://www.google.com/custom" target="_top"> <table> <tr> <td style="white-space: nowrap"> <input type="hidden" name="domains" value="www.zytrax.com"> <input class="b-lg" type="text" name="q" size="16" maxlength="255" value=""> </td></tr> <tr> <td style="white-space: nowrap"> <table> <tr> <td> <input type="radio" name="sitesearch" value="" checked="checked"><span class="t-s">web</span> </td> <td> <input type="radio" name="sitesearch" value="www.zytrax.com" ><span class="t-s">zytrax.com</span> </td> </tr> </table> <input class="b-lg" type="submit" name="sa" value="Google Search"> <input type="hidden" name="client" value="pub-9419480011552853"> <input type="hidden" name="forid" value="1"> <input type="hidden" name="ie" value="ISO-8859-1"> <input type="hidden" name="oe" value="ISO-8859-1"> <input type="hidden" name="safe" value="active"> <input type="hidden" name="cof" value="GALT:#008000;GL:1;DIV:#336699;VLC:663399;AH:center;BGC:FFFFFF;LBGC:336699;ALC:0000FF;LC:0000FF;T:000000;GFNT:0000FF;GIMP:0000FF;LH:50;LW:355;L:http://www.zytrax.com/images/zytrax-info-google.gif;S:http://www.zytrax.com/tech;FORID:1;"> <input type="hidden" name="hl" value="en"> </td></tr></table> </form> <!-- SiteSearch Google --> <!-- share page feature --> <div class="t-h"><p><span class="t-g">Share</span></p> <div class="t-h-1"> Icons made by <a href="https://www.flaticon.com/authors/icomoon" title="Icomoon">Icomoon</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a> is licensed by <a href="http://creativecommons.org/licenses/by/3.0/" title="Creative Commons BY 3.0" target="_blank">CC 3.0 BY</a></div></div> <a href="http://www.facebook.com/share.php?u=http://www.zytrax.com/books/ldap/&h=Open%20Source%20Guide%20-%20LDAP%20for%20Rocket%20Scientists%20-%20Contents"><img class="w-32" title="add page to facebook" src="http://www.zytrax.com/images/facebook.png" alt="share page via facebook"></a> <a href="http://twitter.com/home/?status=Useful%20page%20http://www.zytrax.com/books/ldap/"><img class="w-32" title="tweet this page" src="http://www.zytrax.com/images/twitter.png" alt="tweet this page"></a> <p class="c-g t-b t-o m-h5">Page<p> <a class="a-n" href="http://www.zytrax.com/feedback.htm"><img class="w-32" title="Page comment feature" src="http://www.zytrax.com/images/mail.png" alt="email us"></a> <a class="a-n" href="http://www.zytrax.com/run/mailpage.php"><img class="w-32" title="Send to a friend" src="http://www.zytrax.com/images/mailfriend.png" alt="Send to a friend feature"></a> <a class="a-n" href="#" onclick="window.print();return false;"><img class="w-32" title="print page" src="http://www.zytrax.com/images/printpage.png" alt="print this page"></a> <a class="a-n" title="View page full width - suppresses left and right hand menus" href="http://www.zytrax.com/books/ldap/?pf=yes"><img class="w-32" src="http://www.zytrax.com/images/fullwidth.png" alt="Display full width page"></a> <a class="a-n" href="#" onclick="fontchange('d');return false;"><img class="w-32" title="Decrease font size" src="http://www.zytrax.com/images/smaller.png" alt="Decrease font size"></a> <a class="a-n" href="#" onclick="fontchange('i');return false;"><img class="w-32" title="Increase font size" src="http://www.zytrax.com/images/bigger.png" alt="Increase font size"></a> <p class="c-g t-b t-o m-h5">Resources</p> <p class="c-g t-b t-o m-h5">Systems</p> <p> <a title="The biggest and most stable of the BSDs" href="http://www.freebsd.org" target="_blank" class="w-db">FreeBSD</a><br> <a title="NetBSD runs on just about every processor known to mankind and a few more besides" href="http://www.netbsd.org/" target="_blank" class="w-db">NetBSD</a><br> <a title="A high security version of BSD" href="http://www.openbsd.org/" target="_blank" class="w-db">OpenBSD</a><br> <a title="The major fork of BSD (from FreeBSD 4.x) - following a well-worn tradition of independent thought in the BSD community" href="http://www.dragonflybsd.org/" target="_blank" class="w-db">DragonFlyBSD</a><br> <a title="The major distruptive force in the OS world. Many different distributions" href="http://www.linux.org" target="_blank" class="w-db">Linux.org</a><br> <a title="Debian - the basis of many Linux distributions - including Ubuntu" href="http://www.debian.org/" target="_blank" class="w-db">Debian Linux</a><br> </p> <p class="c-g t-b t-o m-h5">Software</p> <p> <a title="A fork from OpenOffice during the limbo years. A High Quality Office Productivity Suite - Word Processor, Spreadsheet, Drawing Tools and Presentation software. Runs on Linux, Windows & MAC. Full interworking with MS Office files. Great Software." href="http://www.libreoffice.org/" target="_blank" class="w-db">LibreOffice</a><br> <a title="Now released under the Apache umbrella, the revitalized Office Productivity Suite - Word Processor, Spreadsheet, Drawing Tools and Presentation software - looks to be on the right path again after a couple of years in limbo. Runs on Linux, Windows and MAC. Full interworking with MS Office files." href="http://www.openoffice.org/" target="_blank" class="w-db">OpenOffice</a><br> <a title="Home of the Gecko based family of browsers - most notably Firefox browser and Thunderbird email client." href="http://www.mozilla.org/" target="_blank" class="w-db">Mozilla</a><br> <a href="https://github.com/" title="Major source of Open software developments and applications" target="_blank" class="w-db">GitHub</a><br> <a href="http://www.gnu.org/" title="Home of the extensive software collection of the Free Sofware Foundation" target="_blank" class="w-db">GNU-Free SW Foundation</a><br> <a title="DNS Open API Initiative with a number of language bindings" href="https://getdnsapi.net/" target="_blank" class="w-db">get-dns</a><br> </p> <p class="c-g t-b t-o m-h5">Organizations</p> <p> <a href="http://www.opensource.org/" title="Excellent source for approved Open Source licences" target="_blank" class="w-db">Open Source Initiative</a><br> <a href="http://www.creativecommons.org/" title="Site devoted to making creative material as widely available as possible through the provision of understandable copyright statements" target="_blank" class="w-db">Creative Commons</a><br> </p> <p class="c-g t-b t-o m-h5">Misc.</p> <p> <a title="Open Libray of thousands of out of copyright books - plus many more associated projects" href="http://ibiblio.org" target="_blank" class="w-db">Ibiblio - Library</a><br> <a title="Part of the Ibiblio project - new works freely available" href="http://www.openbookproject.net/" target="_blank" class="w-db">Open Book Project</a><br> <a href="http://dmoz.org/" title="Open Directory Project" target="_blank" class="w-db" >Open Directory</a><br> <a href="http://www.wikipedia.org/" title="Open Encyclopedia project - staggering volume of high quality content, growing daily" target="_blank" class="w-db">Wikipedia</a><br> </p> </div> <p class="c-g t-b t-o">Site</p> <a class="a-n" href="http://www.zytrax.com/about_site.htm#css"><img class="w-32" src="http://www.zytrax.com/images/css.png" alt="CSS Technology"></a> <a class="a-n" href="http://www.zytrax.com/security/spf.html"><img title="SPF Record Conformant Domain" class="w-32" src="http://www.zytrax.com/images/spf.png" alt="SPF Record Conformant Domain"></a> <!-- end body table --> </div> <div class="l-f"> <!-- standard footer full width --> <table> <tr> <td class="p-f-s t-l"> Copyright © 1994 - 2024 ZyTrax, Inc.<br> All rights reserved. <a href="http://www.zytrax.com/legal.html" class="p-f-s">Legal</a> and <a href="http://www.zytrax.com/privacy.html" class="p-f-s">Privacy</a> </td> <td class="t-c"><a href="https://www.zytrax.com" target="_blank" class="p-f-s">site by zytrax</a><br> <a href="https://www.javapipe.com" target="_blank" class="p-f-s">hosted by javapipe.com</a></td> <td class="p-f-s t-r"> <a href="javascript:mailus('web-master','zytrax.com','About Web site')" class="p-f-s">web-master at zytrax</a><br> Page modified: January 20 2022. </td> </tr> </table> </div> <!-- pop-out tables only if Javascript supported --> <!-- only css menus --> <script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script> <script type="text/javascript"> _uacct = "UA-2096769-1"; urchinTracker(); </script> </body> </html>