1 .TH LDAP 3 "13 November 1995" "U-M LDAP LDVERSION"
3 ldap - Lightweight Directory Access Protocol package
13 The Lightweight Directory Access Protocol provides TCP/IP access to
14 the X.500 Directory or to a stand-alone LDAP server.
15 The University of Michigan LDAP package includes a stand-alone server in
17 an LDAP to X.500 gateway in
19 various LDAP clients, and an LDAP client library used to provide
20 programmatic access to the LDAP protocol. This man page gives an
21 overview of the LDAP library routines.
23 Both synchronous and asynchronous APIs are provided. Also included are
24 various routines to parse the results returned from these routines.
25 These routines are found in the libldap.a library.
27 The basic interaction is as follows. A connection is made to an LDAP
30 An LDAP bind operation is performed by calling
33 and friends. Next, other operations are performed
34 by calling one of the synchronous or asynchronous routines (e.g.,
40 Results returned from these routines are interpreted by calling the
41 LDAP parsing routines. The LDAP association is terminated by calling
43 Errors can be interpreted by calling
46 .BR ldap_set_rebind_proc (3)
47 routine can be used to set a routine to be called back when an LDAP bind
48 operation needs to occur when handling a client referral.
50 Search filters to be passed to the ldap search routines can be
51 constructed by hand, or by calling the
52 .BR ldap_getfilter (3)
53 routines, which use the
54 .BR ldapgetfilter.conf (5)
55 file to turn a string (presumably that a user has typed) into a series
57 .SH DISPLAYING RESULTS
58 Results obtained from the ldap search routines can be output by hand,
60 .BR ldap_first_entry (3)
62 .BR ldap_next_entry (3)
65 .BR ldap_first_attribute (3)
67 .BR ldap_next_attribute (3)
68 to step through an entry's attributes, and
69 .BR ldap_get_values (3)
70 to retrieve a given attribute's value, and then calling
72 or whatever to display the values.
74 Alternatively, the entry can be output automatically by calling
76 .BR ldap_entry2text (3),
77 .BR ldap_entry2text_search (3),
78 .BR ldap_entry2html (3),
80 .BR ldap_entry2html_search (3)
81 routines. These routines look up the object
82 class of the entry they are passed in the
83 .BR ldaptemplates.conf (5)
84 file to decide which attributes to display and how to display them.
85 Output is handled via a routine passed in as a parameter.
86 .SH UNIFORM RESOURCE LOCATORS (URLS)
89 routines can be used test a URL to see if it is an LDAP URL, to parse LDAP
90 URLs into their component pieces, and to initiate searches directly using
92 .SH USER FRIENDLY NAMING
95 routines implement a user friendly naming
96 scheme via LDAP. This scheme allows you to look up entries
97 using fuzzy, untyped names like "mark smith, umich, us".
101 routines implement a local client caching scheme,
102 providing a substantial performance increase for repeated queries.
104 Also provided are various utility routines. The
106 routines are used to sort the entries and values returned via
107 the ldap search routines. The
108 .BR ldap_friendly (3)
110 used to map from short two letter country codes (or other strings)
111 to longer "friendlier" names. The
113 routines can be used to translate to and from the T.61 character
114 set used for many character strings in the LDAP protocol.
115 .SH CONNECTIONLESS ACCESS
117 .BR cldap_search_s (3)
118 routine allows you to access the directory
119 via Connectionless LDAP (CLDAP), which is similar to LDAP but
120 operates over UDP, obviating the need to set up and tear down
121 a connection by calling
127 should be called before using
128 .BR cldap_search_s (3).
129 All the same getfilter, parsing, and display that can be used
130 with regular LDAP routines can be used with the CLDAP routines.
132 Also included in the distribution is a set of lightweight Basic
133 Encoding Rules routines. These routines are used by the LDAP library
134 routines to encode and decode LDAP protocol elements using the
135 (slightly simplified) Basic Encoding Rules defined by LDAP. They are
136 not normally used directly by an LDAP application program. The
137 routines provide a printf and scanf-like interface, as well as
138 lower-level access. These routines are found in the liblber.a
143 open a connection to an LDAP server
146 initialize the LDAP library without opening a connection to a server
149 wait for the result from an asynchronous operation
152 abandon (abort) an asynchronous operation
155 asynchronously add an entry
158 synchronously add an entry
161 asynchronously bind to the directory
164 synchronously bind to the directory
166 .SM ldap_simple_bind(3)
167 asynchronously bind to the directory using simple authentication
169 .SM ldap_simple_bind_s(3)
170 synchronously bind to the directory using simple authentication
172 .SM ldap_kerberos_bind_s(3)
173 synchronously bind to the directory using kerberos authentication
175 .SM ldap_kerberos_bind1(3)
176 asynchronously bind to the LDAP server using kerberos authentication
178 .SM ldap_kerberos_bind1_s(3)
179 synchronously bind to the LDAP server using kerberos authentication
181 .SM ldap_kerberos_bind2(3)
182 asynchronously bind to the DSA using kerberos authentication
184 .SM ldap_kerberos_bind2_s(3)
185 synchronously bind to the DSA using kerberos authentication
188 synchronously unbind from the LDAP server and close the connection
195 dispose of memory allocated by LDAP routines (this is only used on the
196 Microsoft Windows platforms; use
198 on all other platforms).
200 .SM ldap_enable_cache(3)
201 enable LDAP client caching
203 .SM ldap_disable_cache(3)
204 disable LDAP client caching
206 .SM ldap_destroy_cache(3)
207 disable LDAP client caching and destroy cache contents
209 .SM ldap_flush_cache(3)
210 flush LDAP client cache
212 .SM ldap_uncache_entry(3)
213 uncache requests pertaining to an entry
215 .SM ldap_uncache_request(3)
218 .SM ldap_set_cache_options(3)
222 asynchronous compare to a directory entry
224 .SM ldap_compare_s(3)
225 synchronous compare to a directory entry
228 asynchronously delete an entry
231 synchronously delete an entry
233 .SM ldap_init_templates(3)
234 initialize display template routines from a file
236 .SM ldap_init_templates_buf(3)
237 initialize display template routines from a buffer
239 .SM ldap_free_templates(3)
240 free display template routine memory
242 .SM ldap_first_disptmpl(3)
243 get first display template
245 .SM ldap_next_disptmpl(3)
246 get next display template
248 .SM ldap_oc2template(3)
249 return template appropriate for objectclass
251 .SM ldap_name2template(3)
252 return named template
254 .SM ldap_tmplattrs(3)
255 return attributes needed by template
257 .SM ldap_first_tmplrow(3)
258 return first row of displayable items in a template
260 .SM ldap_next_tmplrow(3)
261 return next row of displayable items in a template
263 .SM ldap_first_tmplcol(3)
264 return first column of displayable items in a template
266 .SM ldap_next_tmplcol(3)
267 return next column of displayable items in a template
269 .SM ldap_entry2text(3)
270 display an entry as text using a display template
272 .SM ldap_entry2text_search(3)
273 search for and display an entry as text using a display template
275 .SM ldap_vals2text(3)
276 display values as text
278 .SM ldap_entry2html(3)
279 display an entry as HTML (HyperText Markup Language) using a display template
281 .SM ldap_entry2html_search(3)
282 search for and display an entry as HTML using a display template
284 .SM ldap_vals2html(3)
285 display values as HTML
288 print an LDAP error indication to standard error
291 LDAP error indication
293 .SM ldap_result2error(3)
294 extract LDAP error indication from LDAP result
297 list of ldap errors and their meanings
299 .SM ldap_err2string(3)
300 convert LDAP error indication to a string
302 .SM ldap_first_attribute(3)
303 return first attribute name in an entry
305 .SM ldap_next_attribute(3)
306 return next attribute name in an entry
308 .SM ldap_first_entry(3)
309 return first entry in a chain of search results
311 .SM ldap_next_entry(3)
312 return next entry in a chain of search results
314 .SM ldap_count_entries(3)
315 return number of entries in a search result
317 .SM ldap_friendly_name(3)
318 map from unfriendly to friendly names
320 .SM ldap_free_friendlymap(3)
321 free resources used by ldap_friendly(3)
324 extract the DN from an entry
326 .SM ldap_explode_dn(3)
327 convert a DN into its component parts
329 .SM ldap_explode_dns(3)
330 convert a DNS-style DN into its component parts (experimental)
332 .SM ldap_is_dns_dn(3)
333 check to see if a DN is a DNS-style DN (experimental)
336 convert a DN into user friendly form
338 .SM ldap_get_values(3)
339 return an attribute's values
341 .SM ldap_get_values_len(3)
342 return an attribute values with lengths
344 .SM ldap_value_free(3)
345 free memory allocated by ldap_get_values(3)
347 .SM ldap_value_free_len(3)
348 free memory allocated by ldap_get_values_len(3)
350 .SM ldap_count_values(3)
351 return number of values
353 .SM ldap_count_values_len(3)
354 return number of values
356 .SM ldap_init_getfilter(3)
357 initialize getfilter routines from a file
359 .SM ldap_init_getfilter_buf(3)
360 initialize getfilter routines from a buffer
362 .SM ldap_getfilter_free(3)
363 free resources allocated by ldap_init_getfilter(3)
365 .SM ldap_getfirstfilter(3)
366 return first search filter
368 .SM ldap_getnextfilter(3)
369 return next search filter
371 .SM ldap_build_filter(3)
372 construct an LDAP search filter from a pattern
374 .SM ldap_setfilteraffixes(3)
375 set prefix and suffix for search filters
378 asynchronously modify an entry
381 synchronously modify an entry
383 .SM ldap_mods_free(3)
384 free array of pointers to mod structures used by ldap_modify(3)
387 asynchronously modify the RDN of an entry
389 .SM ldap_modrdn2_s(3)
390 synchronously modify the RDN of an entry
393 depreciated - use ldap_modrdn2(3)
396 depreciated - use ldap_modrdn2_s(3)
399 free results allocated by ldap_result(3)
402 asynchronously search the directory
405 synchronously search the directory
407 .SM ldap_search_st(3)
408 synchronously search the directory with timeout
410 .SM ldap_ufn_search_s(3)
411 user friendly search the directory
413 .SM ldap_ufn_search_c(3)
414 user friendly search the directory with cancel
416 .SM ldap_ufn_search_ct(3)
417 user friendly search the directory with cancel and timeout
419 .SM ldap_ufn_setfilter(3)
420 set filter file used by ldap_ufn(3) routines
422 .SM ldap_ufn_setprefix(3)
423 set prefix used by ldap_ufn(3) routines
425 .SM ldap_ufn_timeout(3)
426 set timeout used by ldap_ufn(3) routines
428 .SM ldap_is_ldap_url(3)
429 check a URL string to see if it is an LDAP URL
431 .SM ldap_url_parse(3)
432 break up an LDAP URL string into its components
434 .SM ldap_url_search(3)
435 asynchronously search using an LDAP URL
437 .SM ldap_url_search_s(3)
438 synchronously search using an LDAP URL
440 .SM ldap_url_search_st(3)
441 synchronously search using an LDAP URL and a timeout
443 .SM ldap_init_searchprefs(3)
444 initialize searchprefs routines from a file
446 .SM ldap_init_searchprefs_buf(3)
447 initialize searchprefs routines from a buffer
449 .SM ldap_free_searchprefs(3)
450 free memory allocated by searchprefs routines
452 .SM ldap_first_searchobj(3)
453 return first searchpref object
455 .SM ldap_next_searchobj(3)
456 return next searchpref object
458 .SM ldap_sort_entries(3)
459 sort a list of search results
461 .SM ldap_sort_values(3)
462 sort a list of attribute values
464 .SM ldap_sort_strcasecmp(3)
465 case insensitive string comparison
467 .SM ldap_set_string_translators(3)
468 set character set translation routines used by LDAP library
470 .SM ldap_t61_to_8859(3)
471 translate from ISO-8859 characters to the T.61 characters
473 .SM ldap_8859_to_t61(3)
474 translate from T.61 characters to the ISO-8859 characters
476 .SM ldap_translate_from_t61(3)
477 translate from the T.61 character set to another character set
479 .SM ldap_translate_to_t61(3)
480 translate to the T.61 character set from another character set
482 .SM ldap_enable_translation(3)
483 enable or disable character translation for an LDAP entry result
486 open a connectionless LDAP (CLDAP) session
488 .SM cldap_search_s(3)
489 perform a search using connectionless LDAP
491 .SM cldap_setretryinfo(3)
492 set retry and timeout information using connectionless LDAP
495 terminate a connectionless LDAP session
500 Tim Howes, Mark Smith, Gordon Good, Lance Sloan, and Steve Rothwell from
501 the University of Michigan, along with help from lots of others.