
1. OpenLDAP Server


The Lightweight Directory Access Protocol, or LDAP, is a protocol for querying and modifying an X.500-based directory service running over TCP/IP. The current LDAP version is LDAPv3, as defined in RFC4510 [1], and the implementation in Ubuntu is OpenLDAP.


So the LDAP protocol accesses LDAP directories. Here are some key concepts and terms:

• An LDAP directory is a hierarchical tree of data entries called the Directory Information Tree (DIT).

• An entry consists of a set of attributes.

• An attribute has a type (a name/description) and one or more values.

• Every attribute must be defined in at least one objectClass.

• Attributes and objectclasses are defined in schemas (an objectclass is actually considered as a special kind of attribute).

• Each entry has a unique identifier: its Distinguished Name (DN or dn). This, in turn, consists of a Relative Distinguished Name (RDN) followed by the parent entry's DN.

• The entry's DN is not an attribute. It is not considered part of the entry itself.



The terms object, container, and node have certain connotations but they all essentially mean the same thing as entry, the technically correct term.


For example, below we have a single entry consisting of 11 attributes where the following is true:

• DN is "cn=John Doe,dc=example,dc=com"

• RDN is "cn=John Doe"

• parent DN is "dc=example,dc=com"


dn: cn=John Doe,dc=example,dc=com
cn: John Doe
givenName: John
sn: Doe
telephoneNumber: +1 888 555 6789
telephoneNumber: +1 888 555 1232
mail: [email protected]
manager: cn=Larry Smith,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top


The above entry is in LDIF format (LDAP Data Interchange Format). Any information that you feed into your DIT must also be in such a format. It is defined in RFC2849 [2].
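To make the entry, DN, RDN and multi-valued attribute terms concrete, the following added example (not part of the original guide) parses one LDIF entry and splits its DN into RDN and parent DN. It goes slightly beyond the entry above by also handling folded lines, base64 ("::") values and escaped commas in a DN. It assumes text (UTF-8) values, and the mail address, description value and function names are made up for the example.

```python
import base64
import re

# Constructed sample: the entry from the text (mail value made up), plus a
# folded line and a base64 "::" value to exercise two RFC 2849 edge cases.
SAMPLE_LDIF = """\
dn: cn=John Doe,dc=example,dc=com
cn: John Doe
givenName: John
sn: Doe
telephoneNumber: +1 888 555 6789
telephoneNumber: +1 888 555 1232
mail: john@example.com
manager: cn=Larry Smith,
 dc=example,dc=com
description:: SGVsbG8sIHdvcmxk
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
"""


def parse_entry(ldif):
    """Parse one LDIF entry into (dn, {attribute type: [values]})."""
    unfolded = re.sub(r"\r?\n ", "", ldif)  # a leading space continues a line
    attrs = {}
    for line in unfolded.splitlines():
        if not line or line.startswith("#"):  # blank line or comment
            continue
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not an attribute line: {line!r}")
        if value.startswith(":"):  # "type:: value" is base64-encoded
            raw = base64.b64decode(value[1:].strip(), validate=True)
            value = raw.decode("utf-8")
        elif value.startswith("<"):  # "type:< url": never fetch from a parser
            raise ValueError(f"URL value refused for {name!r}")
        else:
            value = value.strip()
        attrs.setdefault(name, []).append(value)
    # The dn line names the entry; it is not one of its attributes.
    return attrs.pop("dn")[0], attrs


def split_dn(dn):
    """Split a DN into (RDN, parent DN) at the first unescaped comma."""
    m = re.match(r"((?:\\.|[^\\,])*),?(.*)", dn, re.S)
    return m.group(1), m.group(2)
```
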



1 http://tools.ietf.org/html/rfc4510

2 http://tools.ietf.org/html/rfc2849


Although this guide will describe how to use it for central authentication, LDAP is good for anything that involves a large number of access requests to a mostly-read, attribute-based (name:value) backend. Examples include an address book, a list of email addresses, and a mail server's configuration.


 
