LDAP APIs CNS 4650 Fall 2004 Rev. 2

LDAP C APIs
• OpenLDAP
• Mozilla/Netscape
• Novell LDAP SDK
• Microsoft ADSI

LDAP C APIs
• Most of the LDAP C SDKs are similar
• Based on the LDAP RFC
• Usually slight differences between each

PERL LDAP API
• Original PERL LDAP API was PerLDAP
• Net::LDAP preferred API
• Net::LDAP does not require a C compiler to install

Other APIs
• PHP
• Python
• Java (JLDAP @ http://www.openldap.org)

Basic LDAP Search Steps
• Create connection
• Bind (if needed)
• Perform search
• Display results
• Close connection

Create Connection

C API

    #include <ldap.h>
    LDAP *ld;   /* LDAP handle */
    ld = ldap_init("ldap.somewhere.com", 389);

• ld - LDAP Handle
• ldap_init() - allocate LDAP handle
• ldap_open() is also available, but it will eventually be dropped. ldap_init() is preferred because an LDAP handle is allocated but no connection occurs.

PERL API

    use Net::LDAP;
    my $conn = Net::LDAP->new("tux.sinemas.net");

• conn - LDAP Handle
• Net::LDAP->new() - allocate LDAP handle

Bind (if necessary)

C API

    ...
    rc = ldap_simple_bind_s(ld, MY_DN, MY_PWD);
    ...

• rc - integer return value
• ldap_simple_bind_s() - simple bind
• ld - LDAP Handle
• MY_DN: dn of user to authenticate
• MY_PWD: password of user
• There are other ldap_bind_* functions for SASL, Kerberos IV, etc.

PERL API

    ...
    $conn->bind(dn => MY_DN, password => MY_PWD);
    ...

• conn - LDAP Handle
• conn->bind() - simple bind

Perform Search

C API

    ...
    rc = ldap_search(ld, base, scope, filter, attrs, attrsonly);
    ...

• rc - integer return value
• ldap_search() - search
• ld - LDAP Handle
• base: where to search from (ou=dev)
• scope: LDAP_SCOPE_ONELEVEL or LDAP_SCOPE_SUB
• filter: what to look for
• attrs: what I want returned
• attrsonly: 0 or 1 (0 returns attribute names and values; 1 returns attribute names only)

PERL API

    ...
    $mesg = $conn->search(base => $base, scope => $scope,
                          filter => $filter, attrs => $attrs);
    ...

• mesg - Search return value
• conn->search() - search
• base: where to search from (ou=dev)
• scope: sub or onelevel
• filter: what to look for
• attrs: what I want returned

Search Filters
• Filter is encased in ( )
• Wildcard - *
• Boolean
  • & - AND
  • | - OR
  • ! - NOT
• Examples
  • (cn=Dan Sinema)
  • (&(cn=Dan Sinema)(objectclass=user))
  • (cn=Dan *)

Display Results

C API

    LDAPMessage *result, *e;
    char *attribute;
    BerElement *ber;
    char **vals;
    ...
    e = ldap_first_entry(ld, result);
    ...
    attribute = ldap_first_attribute(ld, e, &ber);  /* ber is filled in by the call */
    ...
    vals = ldap_get_values(ld, e, attribute);

• result, e: LDAPMessage structure
• attribute: char string
• ber - BER structure (LDAP returns data BER encoded)
• vals: array of strings
• ldap_first_entry(): Get first returned entry, use ldap_next_entry() after
• ldap_first_attribute(): Get the first attribute of the entry
• ldap_get_values(): Get the attribute values

Display Results

PERL API

    use Net::LDAP::LDIF;
    ...
    # "-" writes the LDIF output to standard output
    $ldif = Net::LDAP::LDIF->new("-", "w");
    for ($i = 0; $i < $mesg->count; $i++) {
        my $entry = $mesg->entry($i);
        $ldif->write_entry($entry);
    }
    $ldif->done;
    ...

• ldif - allows printing of entries in LDIF format
• mesg - LDAP Handle
• entry - Entry contained in the LDAP Handle
• ldif->write_entry() - write in an LDIF format

Close Connections

C API

    ...
    rc = ldap_unbind(ld);
    ...

• rc - integer return value
• ldap_unbind() - destroy LDAP handle
• ld - LDAP Handle

PERL API

    ...
    $conn->unbind;
    ...

• conn - LDAP Handle
• conn->unbind() - destroy LDAP Handle

Resources
• http://www.openldap.org - Manual Pages (C Language)
• http://www.manning.com/donley - Source Code (PERL)