- Page 1 and 2:
LDAP and OpenLDAP (on the Linux Pla
- Page 3 and 4:
KLUG The master copy of this docume
- Page 5:
Versions For the most part this doc
- Page 8 and 9:
What is a directory? A directory is
- Page 10 and 11:
¤¥ § ¨ © ¨ ¨ £¡ ¡
- Page 12 and 13:
Requirements An LDAPv3 compliant di
- Page 14 and 15:
Gotcha: “requested“ protocol ve
- Page 16 and 17:
Multi-Valued RDNs While most object
- Page 19 and 20:
Schema A directory has a schema sim
- Page 21 and 22:
1.1.x It is true that the 1.1.x OID
- Page 23 and 24:
WARNING (Object Class Type) Early O
- Page 25 and 26:
Attribute Schema OID Name (alias fo
- Page 27 and 28:
Attribute Syntaxes Data Type OID De
- Page 29:
The OID is the truth. The names of
- Page 32 and 33:
Illegal Partitions The law of parti
- Page 34:
Subordinate Information Subordinate
- Page 37 and 38:
Operational ACI Attributes If your
- Page 39 and 40:
subSchema One of the most useful bi
- Page 41 and 42:
The ManageDsaIT Control OID: 2.16.8
- Page 43 and 44:
The "alias" object The alias object
- Page 45 and 46:
Start TLS Extended Operation OID: 1
- Page 47:
2.1.x hasSubordinates Only implemen
- Page 50 and 51:
Supported `Advanced' Features Featu
- Page 52 and 53:
The Config Files Configuration file
- Page 54 and 55:
slapd.conf (defaultsearchbase) The
- Page 56 and 57:
equire The require configuration di
- Page 58 and 59:
loglevel The loglevel directive con
- Page 60 and 61:
Checking the SSL Configuration Once
- Page 62:
Supported Bind Types Depending on h
- Page 65 and 66:
SASL RPMs Redhat 8.0 is the first t
- Page 67 and 68:
SASL Methods PLAIN (AUXPROP, SASLAU
- Page 69 and 70:
C? KP Q >C >GP X O X > NN>K?[ TM >P
- Page 71 and 72:
saslpasswd & saslpasswd2 saslpasswd
- Page 73 and 74:
PLAIN Authentication PLAIN SASL aut
- Page 75 and 76:
2.1.x Authentication Request DN Map
- Page 77 and 78:
2.1.x sasl-regexp rewrite pattern s
- Page 79 and 80:
OpenLDAP + SASL + PAM 1. Make sure
- Page 81 and 82:
OpenLDAP + SASL + GSSAPI (OpenLDAP
- Page 83 and 84:
OpenLDAP + SASL + GSSAPI (OpenLDAP
- Page 86 and 87:
slapd.conf (Database) # ldbm databa
- Page 88 and 89:
ack-ldbm back-ldbm is the standard
- Page 90 and 91:
ack-bdb back-bdb configuration dire
- Page 92 and 93:
ack-sql The SQL backend is not buil
- Page 94 and 95:
ack-shell The back-shell backend al
- Page 96 and 97:
LDAP Indexes pres - An index of wha
- Page 99 and 100:
Buffer Stuffing (Single Threaded In
- Page 101 and 102:
Filesystem Since the LDAP database
- Page 103 and 104:
Journalized Filesystems Journalized
- Page 106 and 107:
The purpose of back-sql The back-sq
- Page 108 and 109:
Mapping Concept back-sql uses a set
- Page 110 and 111:
Objectclass Mappings ldap_oc_mappin
- Page 112 and 113:
Attribute Mappings Stored procedure
- Page 114 and 115:
Objectclass Mapping ldap_entry_objc
- Page 116 and 117:
Stored Procedures
- Page 118:
Using Triggers & Events
- Page 121 and 122:
Replication Diagram Replication Dia
- Page 123 and 124:
Populating Slaves One of the most d
- Page 125 and 126:
The Replication Log On serveral dis
- Page 127 and 128:
The Rejection Log The rejection log
- Page 129 and 130:
Chasing Referrals If a client submi
- Page 132 and 133:
The ACL Stack Access control for ob
- Page 134 and 135:
Default Access defaultaccess { none
- Page 136 and 137:
Examples The following are example
- Page 138 and 139:
dnattr The dnattr matching construc
- Page 140 and 141:
{}|~ € ‚ z x¢y w ttuv z ‡ ˆ
- Page 142 and 143:
children & entry The ability to cre
- Page 144:
A Limitation? One "limitation" of O
- Page 147 and 148:
Advantages of ACI The single bigges
- Page 149 and 150:
OpenLDAPacl & OpenLDAPaci Every obj
- Page 151 and 152:
The ACI ACL (OpenLDAPaci) In order
- Page 153 and 154:
OpenLDAPaci: Rights The rights fiel
- Page 156 and 157:
RFC2798 (inetOrgPerson) The inetOrg
- Page 158 and 159:
RFC2739 http://www.faqs.org/rfcs/rf
- Page 160 and 161:
Hierarchy: cosine.schema dSA pilotD
- Page 162 and 163:
Hierarchy: Kerberos V & Samba krb5-
- Page 165 and 166:
syslog On most platforms OpenLDAP u
- Page 167 and 168:
etc/openldap/ldap.conf The defaults
- Page 169 and 170:
The LDAP PAM Module PAM is a system
- Page 171 and 172:
A PAM LDAP login file #%PAM-1.0 aut
- Page 173 and 174:
etc/ldap.conf timelimit 30 The maxi
- Page 175 and 176:
passwd PAM file (/etc/pam.d/passwd)
- Page 178 and 179:
Migration Scripts PADL.com (Luke Ho
- Page 180 and 181:
Using the scripts... Once the prope
- Page 182:
What can be migrated? The stock mig
- Page 187 and 188:
An entry of posixAccount Object stu
- Page 189 and 190:
ipHost Object An entry of 127.0.0.1
- Page 191 and 192:
oncRpc Object An entry of fypxfrd60
- Page 194 and 195:
What is an SRV record? Traditionall
- Page 196 and 197:
1123 vs. 2181 SRV protocol and serv
- Page 198 and 199:
SRV and nss_ldap To use SRV records
- Page 201 and 202:
Root Referrals To configure with Op
- Page 204 and 205:
Loading Tip: Objectclass When loadi
- Page 206 and 207:
Misc. Data Loading Tips 1. If a lin
- Page 208 and 209:
Non-English Data If your data conta
- Page 211 and 212:
OpenLDAP Utilities ldapsearch Allow
- Page 213 and 214:
LDAP Queries ldapsearch "(&(uid=awi
- Page 215 and 216:
Requesting Attributes If you do not
- Page 217 and 218:
ldapmodrdn While the dn of an objec
- Page 219 and 220:
slapadd slapadd is used to initiall
- Page 222 and 223:
gq gq is an LDAP v3 utility for Gna
- Page 224 and 225:
gq (Schema browser)
- Page 226 and 227:
HAD Hyperactive Directory Administr
- Page 228 and 229:
Directory Administrator (http://www
- Page 230 and 231:
LDAP Browser / Editor (http://www.i
- Page 232 and 233:
LDIF To VCard http://www.pawebworld
- Page 234 and 235:
From the cpu manual page CPU (http:
- Page 236 and 237:
Wallal (http://www.mnot.net/wallal/
- Page 238 and 239:
mod_auth_ldap (http://nona.net/soft
- Page 240 and 241:
Gnarwl (http://www.oss.billiton.de/
- Page 242 and 243:
š š š
- Page 244 and 245:
MaxWare Directory Explorer Version
- Page 246 and 247:
ActiveX LDAP Client http://www.polo
- Page 249 and 250:
saslauthd saslauthd is a stand alon
- Page 251 and 252:
saslauthd Options saslauthd a authm
- Page 253 and 254:
RedHat's saslauthd The RedHat Cyrus
- Page 255 and 256:
saslauthd -a ldap LDAP related sasl
- Page 257 and 258:
saslauthd -a ldap saslauthd -a ldap
- Page 260 and 261:
m4: LDAPDefaultSpec The first m4 va
- Page 262 and 263:
m4: LDAPROUTE_DOMAIN The m4 sendmai
- Page 264 and 265:
¨ Ÿ ¦ «° µ¬ ¨ Ÿ ¦ «° µ
- Page 266 and 267:
RFC822 rfc822 defines a the concept
- Page 268 and 269:
LDAP + sendmail You can also define
- Page 270 and 271: LDAP SMTP Access Control cn=Allow S
- Page 272 and 273: The Sendmail Schema
- Page 274 and 275: sendmailMTAHost attributetype ( 1.3
- Page 276 and 277: sendmailMTAKey attributetype ( 1.3.
- Page 278 and 279: sendmailMTAMapValue attributetype (
- Page 280 and 281: sendmailMTAMapObject objectclass (
- Page 282 and 283: sendmailMTAAlias objectclass ( 1.3.
- Page 284 and 285: sendmailMTAClassName & sendmailMTAC
- Page 286 and 287: Installing GNARWL GNARWL in an LDAP
- Page 288 and 289: GNARWL Integration
- Page 290 and 291: This information now exclusively ap
- Page 292 and 293: Building Samba 1. Grab the latest s
- Page 294 and 295: [globals] encrypt passwords = yes d
- Page 296 and 297: The Admin And His Secrets Since the
- Page 298 and 299: Samba Users Samba users must be UN*
- Page 300 and 301: Samba User Attributes profilePath -
- Page 302 and 303: Samba Times The sambaAccount object
- Page 304 and 305: Samba Security The ntpassword and l
- Page 306 and 307: Samba Attribute Indexes For good pe
- Page 309 and 310: What is Squid? http://www.squid-cac
- Page 311 and 312: Authentication Helpers Squid uses h
- Page 313 and 314: squid_ldap_auth The helper for dire
- Page 315 and 316: squid_ldap_match The squid_ldap_mat
- Page 317 and 318: squid_ldap_match squid_ldap_match -
- Page 319: Example Squid Configuration auth_pa
- Page 323 and 324: The dnsZone Schema While the standa
- Page 325 and 326: objectclass: dNSZone (2/4) A very b
- Page 327 and 328: objectclass: dNSZone (4/5) The dnsZ
- Page 329 and 330: objectclass: dNSZone (6/6) dn: rela
- Page 331 and 332: Query Specifics It is very simple t
- Page 333: zone2ldap zone2ldap is a utility fo
- Page 336 and 337: The DHCP LDAP Patch http://www.neww
- Page 338 and 339: DHCP Schema In order to contain the
- Page 340 and 341: An Example Tree dc=Whitemice,dc=Org
- Page 342 and 343: dn: cn=192.168.3.0,cn=whitemice-dhc
- Page 344: dn: cn=xterm1,cn=group,cn=whitemice
- Page 348 and 349: Password Authentication Protocol Al
- Page 350 and 351: Microsoft Challange Host Au- thenti
- Page 352 and 353: LDAP chap-secrets entry An explanat
- Page 354: PoPToP http://www.poptop.org PoPToP
- Page 357 and 358: Sources Multiple address books (cal
- Page 359 and 360: Turba Source Maps The map array con
- Page 361 and 362: Turba Attribute Declaration Attribu
- Page 363 and 364: Turba LDAP Personal Address Book Th
- Page 366 and 367: What is pine? http://www.washignton
- Page 368 and 369: Using The DSA CTRL-T Select DSA Ent
- Page 370:
Trianii http://www.edlund.org/hacks
- Page 373 and 374:
State Of LDAP Support While Evoluti
- Page 375 and 376:
evolutionPerson
- Page 377 and 378:
Setting Up An LDAP Addressbook Name
- Page 379 and 380:
Contact Details (Dialog relations t
- Page 381:
Contact Details calCalURI Free/Busy
- Page 384:
! ! òñðõõ ò ë}ô ó òñðõ
- Page 388 and 389:
Color Coding How the attribute of a
- Page 390 and 391:
Create With Template
- Page 392:
Viewing Complex Attributes GQ has b
- Page 395 and 396:
Bug#4607 Versions of Open Office, u
- Page 397 and 398:
Creating an LDAP Data Source Under
- Page 399 and 400:
Using The Address Book To insert da
- Page 401:
Use The Address Book Results The re
- Page 404 and 405:
NetMeeting Directory Kit (http://vy
- Page 406 and 407:
PURRO VXW RK R JLKM PLQ ON QQZ M K
- Page 408 and 409:
OpenLDAP as an ILS Agent (Initializ
- Page 410 and 411:
OpenLDAP as an ILS Agent (Starting
- Page 412 and 413:
GNOMEMeeting and ILS Entry your ILS
- Page 414 and 415:
NetMeeting & ILS The comment is NOT
- Page 416 and 417:
Breaking NetMeeting Exclusivity Net
- Page 419 and 420:
DSML (http://www.dsml.org) DSML (Di
- Page 421 and 422:
URI Declaration What does DSML look
- Page 423 and 424:
DSML & XML-RPC (http://www.worldspo
- Page 425 and 426:
Using the DSML Utilities You need t
- Page 428 and 429:
What is xmlBlaster? http://www.xmlb
- Page 430 and 431:
LDAP Module Limitations (From the L
- Page 432 and 433:
What is Active Directory Active Dir
- Page 434:
SRV records used by AD _ldap._tcp.d
- Page 437 and 438:
ldap_connect The first step to cont
- Page 439 and 440:
Control LDAP_OPT_DEREF LDAP_OPT_SIZ
- Page 441 and 442:
ldap_get_option boolean ldap_get_op
- Page 443 and 444:
ldap_unbind boolean ldap_unbind (re
- Page 445 and 446:
ldap_errno Error Constant Value LDA
- Page 447 and 448:
ldap_search resource ldap_search(re
- Page 449 and 450:
ldap_get_entries array ldap_get_ent
- Page 451 and 452:
ldap_compare Since LDAP permits the
- Page 453 and 454:
ldap_delete boolean ldap_delete(res
- Page 455 and 456:
ldap_mod_del boolean ldap_mod_del(r
- Page 458 and 459:
Synchronous & Asynchronous
- Page 460 and 461:
ldap_set_option The ldap_set_option
- Page 462 and 463:
ldap_bind method parameter int ldap
- Page 464 and 465:
ldap_search_parameters int ldap_sea
- Page 466 and 467:
ldap_first_entry LDAPMessage* ldap_
- Page 468 and 469:
ldap_get_dn char* ldap_get_dn(LDAP*
- Page 470 and 471:
ldap_next_attribute char* ldap_next
- Page 472 and 473:
ldap_count_values int ldap_count_va
- Page 474 and 475:
int ldap_msgfree(LDAPMessage* msg)
- Page 476 and 477:
ldap_perror void ldap_perror(LDAP*
- Page 478 and 479:
Simple C LDAP Query init & bind Hos
- Page 480 and 481:
printf("Objects Found: %d\n", ldap_
- Page 482 and 483:
Simple C LDAP Query Close it up if
- Page 484 and 485:
ldap_modify & ldap_modify_s
- Page 486 and 487:
ldap_delete & ldap_delete_s
- Page 489 and 490:
AIX and OpenLDAP AIX is a descenden
- Page 491 and 492:
Compiling NSS LDAP on AIX tar -xvf
- Page 493 and 494:
Authentication via NSS LDAP /etc/se
- Page 495 and 496:
hosts local merge hosts dns service
- Page 497 and 498:
NSORDER The NSORDER enviroment vari
- Page 499 and 500:
¨ ¨ ¨ ¨