- Page 1 and 2:
LDAP and OpenLDAP (on the Linux Pla
- Page 3 and 4:
KLUG The master copy of this docume
- Page 5:
Versions For the most part this doc
- Page 8 and 9:
What is a directory? A directory is
- Page 10 and 11:
¤¥ § ¨ © ¨ ¨ £¡ ¡
- Page 12 and 13:
Requirements An LDAPv3 compliant di
- Page 14 and 15:
Gotcha: “requested“ protocol ve
- Page 16 and 17:
Multi-Valued RDNs While most object
- Page 19 and 20:
Schema A directory has a schema sim
- Page 21 and 22:
1.1.x It is true that the 1.1.x OID
- Page 23 and 24:
WARNING (Object Class Type) Early O
- Page 25 and 26:
Attribute Schema OID Name (alias fo
- Page 27 and 28:
Attribute Syntaxes Data Type OID De
- Page 29:
The OID is the truth. The names of
- Page 32 and 33:
Illegal Partitions The law of parti
- Page 34:
Subordinate Information Subordinate
- Page 37 and 38:
Operational ACI Attributes If your
- Page 39 and 40:
subSchema One of the most useful bi
- Page 41 and 42:
The ManageDsaIT Control OID: 2.16.8
- Page 43 and 44:
The "alias" object The alias object
- Page 45 and 46:
Start TLS Extended Operation OID: 1
- Page 47:
2.1.x hasSubordinates Only implemen
- Page 50 and 51:
Supported `Advanced' Features Featu
- Page 52 and 53:
The Config Files Configuration file
- Page 54 and 55:
slapd.conf (defaultsearchbase) The
- Page 56 and 57:
equire The require configuration di
- Page 58 and 59:
loglevel The loglevel directive con
- Page 60 and 61:
Checking the SSL Configuration Once
- Page 62:
Supported Bind Types Depending on h
- Page 65 and 66:
SASL RPMs Redhat 8.0 is the first t
- Page 67 and 68:
SASL Methods PLAIN (AUXPROP, SASLAU
- Page 69 and 70:
C? KP Q >C >GP X O X > NN>K?[ TM >P
- Page 71 and 72:
saslpasswd & saslpasswd2 saslpasswd
- Page 73 and 74:
PLAIN Authentication PLAIN SASL aut
- Page 75 and 76:
2.1.x Authentication Request DN Map
- Page 77 and 78:
2.1.x sasl-regexp rewrite pattern s
- Page 79 and 80:
OpenLDAP + SASL + PAM 1. Make sure
- Page 81 and 82:
OpenLDAP + SASL + GSSAPI (OpenLDAP
- Page 83 and 84:
OpenLDAP + SASL + GSSAPI (OpenLDAP
- Page 86 and 87:
slapd.conf (Database) # ldbm databa
- Page 88 and 89:
ack-ldbm back-ldbm is the standard
- Page 90 and 91:
ack-bdb back-bdb configuration dire
- Page 92 and 93:
ack-sql The SQL backend is not buil
- Page 94 and 95:
ack-shell The back-shell backend al
- Page 96 and 97:
LDAP Indexes pres - An index of wha
- Page 99 and 100:
Buffer Stuffing (Single Threaded In
- Page 101 and 102:
Filesystem Since the LDAP database
- Page 103 and 104:
Journalized Filesystems Journalized
- Page 106 and 107:
The purpose of back-sql The back-sq
- Page 108 and 109:
Mapping Concept back-sql uses a set
- Page 110 and 111:
Objectclass Mappings ldap_oc_mappin
- Page 112 and 113:
Attribute Mappings Stored procedure
- Page 114 and 115:
Objectclass Mapping ldap_entry_objc
- Page 116 and 117:
Stored Procedures
- Page 118:
Using Triggers & Events
- Page 121 and 122:
Replication Diagram Replication Dia
- Page 123 and 124:
Populating Slaves One of the most d
- Page 125 and 126:
The Replication Log On serveral dis
- Page 127 and 128:
The Rejection Log The rejection log
- Page 129 and 130:
Chasing Referrals If a client submi
- Page 132 and 133:
The ACL Stack Access control for ob
- Page 134 and 135:
Default Access defaultaccess { none
- Page 136 and 137:
Examples The following are example
- Page 138 and 139:
dnattr The dnattr matching construc
- Page 140 and 141:
{}|~ € ‚ z x¢y w ttuv z ‡ ˆ
- Page 142 and 143:
children & entry The ability to cre
- Page 144:
A Limitation? One "limitation" of O
- Page 147 and 148:
Advantages of ACI The single bigges
- Page 149 and 150:
OpenLDAPacl & OpenLDAPaci Every obj
- Page 151 and 152:
The ACI ACL (OpenLDAPaci) In order
- Page 153 and 154:
OpenLDAPaci: Rights The rights fiel
- Page 156 and 157:
RFC2798 (inetOrgPerson) The inetOrg
- Page 158 and 159:
RFC2739 http://www.faqs.org/rfcs/rf
- Page 160 and 161: Hierarchy: cosine.schema dSA pilotD
- Page 162 and 163: Hierarchy: Kerberos V & Samba krb5-
- Page 165 and 166: syslog On most platforms OpenLDAP u
- Page 167 and 168: etc/openldap/ldap.conf The defaults
- Page 169 and 170: The LDAP PAM Module PAM is a system
- Page 171 and 172: A PAM LDAP login file #%PAM-1.0 aut
- Page 173 and 174: etc/ldap.conf timelimit 30 The maxi
- Page 175 and 176: passwd PAM file (/etc/pam.d/passwd)
- Page 178 and 179: Migration Scripts PADL.com (Luke Ho
- Page 180 and 181: Using the scripts... Once the prope
- Page 182: What can be migrated? The stock mig
- Page 187 and 188: An entry of posixAccount Object stu
- Page 189 and 190: ipHost Object An entry of 127.0.0.1
- Page 191 and 192: oncRpc Object An entry of fypxfrd60
- Page 194 and 195: What is an SRV record? Traditionall
- Page 196 and 197: 1123 vs. 2181 SRV protocol and serv
- Page 198 and 199: SRV and nss_ldap To use SRV records
- Page 201 and 202: Root Referrals To configure with Op
- Page 204 and 205: Loading Tip: Objectclass When loadi
- Page 206 and 207: Misc. Data Loading Tips 1. If a lin
- Page 208 and 209: Non-English Data If your data conta
- Page 212 and 213: LDIF LDAP Directory Information Fil
- Page 214 and 215: ldapsearch ldapsearch [options] [qu
- Page 216 and 217: ldapmodify / ldapadd The ldapmodify
- Page 218 and 219: Binding with the utilities.... If y
- Page 220: slapcat slapcat is the functional o
- Page 223 and 224: gq (Object browser and editor)
- Page 225 and 226: ldapdiff (http://webtomware.rhoen.d
- Page 227 and 228: KDE Directory Administrator (http:/
- Page 229 and 230: Directory Administrator Directory A
- Page 231 and 232: pdb2ldif (http://uslinux.net/script
- Page 233 and 234: ISPMan: Schema Editor Available at
- Page 235 and 236: LDAPUtils (http://fanying.fanying.c
- Page 237 and 238: squid_ldap_auth (http://sourceforge
- Page 239 and 240: ldap2nis (http://ldapconsole.source
- Page 241 and 242: Sympa http://www.sympa.org/ Sympa i
- Page 243 and 244: MaxWare Directory Explorer Version
- Page 245 and 246: LDAP Browser/Editor The LDAP Browse
- Page 247: pGina http://pgina.cs.plu.edu/index
- Page 250 and 251: saslauthd Options saslauthd a authm
- Page 252 and 253: saslauthd Options saslauthd a authm
- Page 254 and 255: saslauthd -a ldap saslauthd -a ldap
- Page 256 and 257: saslauthd -a ldap saslauthd -a ldap
- Page 258: saslauthd -a ldap LDAP related sasl
- Page 261 and 262:
LDAP Mail Routing (draft-lachman-la
- Page 263 and 264:
m4: LDAPROUTE_DOMAIN The behaviour
- Page 265 and 266:
LDAP Mail Routing + sendmail The si
- Page 267 and 268:
fc822 + sendmail Most distributions
- Page 269 and 270:
LDAP SMTP Access Control One exampl
- Page 271 and 272:
LDAP SMTP Access Control attributet
- Page 273 and 274:
sendmailMTACluster attributetype (
- Page 275 and 276:
sendmailMTA objectclass ( 1.3.6.1.4
- Page 277 and 278:
sendmailMTAMapName attributetype (
- Page 279 and 280:
sendmailMTAMap objectclass ( 1.3.6.
- Page 281 and 282:
sendmailMTAAliasGrouping & sendmail
- Page 283 and 284:
sendmailMTAAliasObject objectclass
- Page 285 and 286:
sendmailMTAClass objectclass ( 1.3.
- Page 287 and 288:
Configuring GNARWL /etc/gnarwl.cfg
- Page 289 and 290:
The GNARWL Database
- Page 291 and 292:
The PDC Tree ou=People,dc=Whitemice
- Page 293 and 294:
The Samba Schema By default the Sam
- Page 295 and 296:
ldap ssl =
- Page 297 and 298:
uids, gids, and rids UNIX operating
- Page 299 and 300:
Machine Accounts Beginning with NT4
- Page 301 and 302:
Samba User Attributes ntPassword -
- Page 303 and 304:
Samba Password Management
- Page 305 and 306:
Migrating smbpasswd PHP smbpasswd r
- Page 307:
Samba Versions The LDAP support in
- Page 310 and 311:
Authentication Schemes --enable-bas
- Page 312 and 313:
squid_pam_auth http://squid.sourcef
- Page 314 and 315:
squid-ldap-match http://marasystems
- Page 316 and 317:
squid_ldap_match squid_ldap_match -
- Page 318 and 319:
squid_ldap_match squid_ldap_match -
- Page 321 and 322:
ind & Openldap As of version 9.0 bi
- Page 323 and 324:
The dnsZone Schema While the standa
- Page 325 and 326:
objectclass: dNSZone (2/4) A very b
- Page 327 and 328:
objectclass: dNSZone (4/5) The dnsZ
- Page 329 and 330:
objectclass: dNSZone (6/6) dn: rela
- Page 331 and 332:
Query Specifics It is very simple t
- Page 333:
zone2ldap zone2ldap is a utility fo
- Page 336 and 337:
The DHCP LDAP Patch http://www.neww
- Page 338 and 339:
DHCP Schema In order to contain the
- Page 340 and 341:
An Example Tree dc=Whitemice,dc=Org
- Page 342 and 343:
dn: cn=192.168.3.0,cn=whitemice-dhc
- Page 344:
dn: cn=xterm1,cn=group,cn=whitemice
- Page 348 and 349:
Password Authentication Protocol Al
- Page 350 and 351:
Microsoft Challange Host Au- thenti
- Page 352 and 353:
LDAP chap-secrets entry An explanat
- Page 354:
PoPToP http://www.poptop.org PoPToP
- Page 357 and 358:
Sources Multiple address books (cal
- Page 359 and 360:
Turba Source Maps The map array con
- Page 361 and 362:
Turba Attribute Declaration Attribu
- Page 363 and 364:
Turba LDAP Personal Address Book Th
- Page 366 and 367:
What is pine? http://www.washignton
- Page 368 and 369:
Using The DSA CTRL-T Select DSA Ent
- Page 370:
Trianii http://www.edlund.org/hacks
- Page 373 and 374:
State Of LDAP Support While Evoluti
- Page 375 and 376:
evolutionPerson
- Page 377 and 378:
Setting Up An LDAP Addressbook Name
- Page 379 and 380:
Contact Details (Dialog relations t
- Page 381:
Contact Details calCalURI Free/Busy
- Page 384:
! ! òñðõõ ò ë}ô ó òñðõ
- Page 388 and 389:
Color Coding How the attribute of a
- Page 390 and 391:
Create With Template
- Page 392:
Viewing Complex Attributes GQ has b
- Page 395 and 396:
Bug#4607 Versions of Open Office, u
- Page 397 and 398:
Creating an LDAP Data Source Under
- Page 399 and 400:
Using The Address Book To insert da
- Page 401:
Use The Address Book Results The re
- Page 404 and 405:
NetMeeting Directory Kit (http://vy
- Page 406 and 407:
PURRO VXW RK R JLKM PLQ ON QQZ M K
- Page 408 and 409:
OpenLDAP as an ILS Agent (Initializ
- Page 410 and 411:
OpenLDAP as an ILS Agent (Starting
- Page 412 and 413:
GNOMEMeeting and ILS Entry your ILS
- Page 414 and 415:
NetMeeting & ILS The comment is NOT
- Page 416 and 417:
Breaking NetMeeting Exclusivity Net
- Page 419 and 420:
DSML (http://www.dsml.org) DSML (Di
- Page 421 and 422:
URI Declaration What does DSML look
- Page 423 and 424:
DSML & XML-RPC (http://www.worldspo
- Page 425 and 426:
Using the DSML Utilities You need t
- Page 428 and 429:
What is xmlBlaster? http://www.xmlb
- Page 430 and 431:
LDAP Module Limitations (From the L
- Page 432 and 433:
What is Active Directory Active Dir
- Page 434:
SRV records used by AD _ldap._tcp.d
- Page 437 and 438:
ldap_connect The first step to cont
- Page 439 and 440:
Control LDAP_OPT_DEREF LDAP_OPT_SIZ
- Page 441 and 442:
ldap_get_option boolean ldap_get_op
- Page 443 and 444:
ldap_unbind boolean ldap_unbind (re
- Page 445 and 446:
ldap_errno Error Constant Value LDA
- Page 447 and 448:
ldap_search resource ldap_search(re
- Page 449 and 450:
ldap_get_entries array ldap_get_ent
- Page 451 and 452:
ldap_compare Since LDAP permits the
- Page 453 and 454:
ldap_delete boolean ldap_delete(res
- Page 455 and 456:
ldap_mod_del boolean ldap_mod_del(r
- Page 458 and 459:
Synchronous & Asynchronous
- Page 460 and 461:
ldap_set_option The ldap_set_option
- Page 462 and 463:
ldap_bind method parameter int ldap
- Page 464 and 465:
ldap_search_parameters int ldap_sea
- Page 466 and 467:
ldap_first_entry LDAPMessage* ldap_
- Page 468 and 469:
ldap_get_dn char* ldap_get_dn(LDAP*
- Page 470 and 471:
ldap_next_attribute char* ldap_next
- Page 472 and 473:
ldap_count_values int ldap_count_va
- Page 474 and 475:
int ldap_msgfree(LDAPMessage* msg)
- Page 476 and 477:
ldap_perror void ldap_perror(LDAP*
- Page 478 and 479:
Simple C LDAP Query init & bind Hos
- Page 480 and 481:
printf("Objects Found: %d\n", ldap_
- Page 482 and 483:
Simple C LDAP Query Close it up if
- Page 484 and 485:
ldap_modify & ldap_modify_s
- Page 486 and 487:
ldap_delete & ldap_delete_s
- Page 489 and 490:
AIX and OpenLDAP AIX is a descenden
- Page 491 and 492:
Compiling NSS LDAP on AIX tar -xvf
- Page 493 and 494:
Authentication via NSS LDAP /etc/se
- Page 495 and 496:
hosts local merge hosts dns service
- Page 497 and 498:
NSORDER The NSORDER enviroment vari
- Page 499 and 500:
¨ ¨ ¨ ¨