1 .TH LDAP 3 "13 May 2000" "OpenLDAP LDVERSION"
3 .\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved.
4 .\" Copying restrictions apply. See COPYRIGHT/LICENSE.
6 ldap - OpenLDAP Lightweight Directory Access Protocol API
15 The Lightweight Directory Access Protocol provides access to
16 X.500 directory services. The services may be stand\-alone
17 part of a distributed directory service. This API supports
18 LDAP over TCP, LDAP over SSL, and LDAP over IPC (UNIX domain
21 The OpenLDAP LDAP package includes a stand-alone server in
23 various LDAP clients, and an LDAP client library used to provide
24 programmatic access to the LDAP protocol. This man page gives an
25 overview of the LDAP library routines.
27 Both synchronous and asynchronous APIs are provided. Also included are
28 various routines to parse the results returned from these routines.
29 These routines are found in the \-lldap library.
31 The basic interaction is as follows. A session handle associated
34 The underlying session is established upon first use which is
35 commonly an LDAP bind operation. The LDAP bind operation is
36 performed by calling one of
37 .BR ldap_sasl_bind (3)
38 and friends. Next, other operations are performed
39 by calling one of the synchronous or asynchronous routines (e.g.,
40 .BR ldap_search_ext_s (3)
42 .BR ldap_search_ext (3)
45 Results returned from these routines are interpreted by calling the
46 LDAP parsing routines such as
47 .BR ldap_parse_result (3).
48 The LDAP association and underlying connection is terminated by calling
49 .BR ldap_unbind_ext (3).
50 Errors can be interpreted by calling
51 .BR ldap_err2string (3).
53 Search filters to be passed to the ldap search routines can be
54 constructed by hand, or by calling the
55 .BR ldap_getfilter (3)
56 routines, which use the
57 .BR ldapgetfilter.conf (5)
58 file to turn a string (presumably that a user has typed) into a series
60 .SH DISPLAYING RESULTS
61 Results obtained from the ldap search routines can be output by hand,
63 .BR ldap_first_entry (3)
65 .BR ldap_next_entry (3)
68 .BR ldap_first_attribute (3)
70 .BR ldap_next_attribute (3)
71 to step through an entry's attributes, and
72 .BR ldap_get_values (3)
73 to retrieve a given attribute's value. Attribute values
74 may or may not be displayable.
76 Alternatively, the entry can be output automatically by calling
78 .BR ldap_entry2text (3),
79 .BR ldap_entry2text_search (3),
80 .BR ldap_entry2html (3),
82 .BR ldap_entry2html_search (3)
83 routines. These routines look up the object
84 class of the entry they are passed in the
85 .BR ldaptemplates.conf (5)
86 file to decide which attributes to display and how to display them.
87 Output is handled via a routine passed in as a parameter.
88 .SH UNIFORM RESOURCE LOCATORS (URLS)
91 routines can be used test a URL to see if it is an LDAP URL, to parse LDAP
92 URLs into their component pieces, and to initiate searches directly using
94 .SH USER FRIENDLY NAMING
97 routines implement a user friendly naming
98 scheme via LDAP. This scheme allows you to look up entries
99 using fuzzy, untyped names like "john smith, example corp, ca, us".
103 routines implement a local client caching scheme,
104 providing a substantial performance increase for repeated queries.
106 Also provided are various utility routines. The
108 routines are used to sort the entries and values returned via
109 the ldap search routines. The
110 .BR ldap_friendly (3)
112 used to map from short two letter country codes (or other strings)
113 to longer "friendlier" names.
114 .SH CONNECTIONLESS ACCESS
116 .BR cldap_search_s (3)
117 routine allows you to access the directory
118 via Connectionless LDAP (CLDAP), which is similar to LDAP but
119 operates over UDP, obviating the need to set up and tear down
120 a connection by calling
126 should be called before using
127 .BR cldap_search_s (3).
128 All the same getfilter, parsing, and display that can be used
129 with regular LDAP routines can be used with the CLDAP routines.
131 Also included in the distribution is a set of lightweight Basic
132 Encoding Rules routines. These routines are used by the LDAP library
133 routines to encode and decode LDAP protocol elements using the
134 (slightly simplified) Basic Encoding Rules defined by LDAP. They are
135 not normally used directly by an LDAP application program excepting
136 in the handling of controls and extended operations. The
137 routines provide a printf and scanf-like interface, as well as
138 lower-level access. These routines are found in the -llber
143 open a connection to an LDAP server
146 initialize the LDAP library without opening a connection to a server
149 wait for the result from an asynchronous operation
152 abandon (abort) an asynchronous operation
155 asynchronously add an entry
158 synchronously add an entry
161 asynchronously bind to the directory
164 synchronously bind to the directory
166 .SM ldap_simple_bind(3)
167 asynchronously bind to the directory using simple authentication
169 .SM ldap_simple_bind_s(3)
170 synchronously bind to the directory using simple authentication
172 .SM ldap_kerberos_bind_s(3)
173 synchronously bind to the directory using kerberos authentication
175 .SM ldap_kerberos_bind1(3)
176 asynchronously bind to the LDAP server using kerberos authentication
178 .SM ldap_kerberos_bind1_s(3)
179 synchronously bind to the LDAP server using kerberos authentication
181 .SM ldap_kerberos_bind2(3)
182 asynchronously bind to the DSA using kerberos authentication
184 .SM ldap_kerberos_bind2_s(3)
185 synchronously bind to the DSA using kerberos authentication
188 synchronously unbind from the LDAP server and close the connection
195 dispose of memory allocated by LDAP routines.
197 .SM ldap_enable_cache(3)
198 enable LDAP client caching
200 .SM ldap_disable_cache(3)
201 disable LDAP client caching
203 .SM ldap_destroy_cache(3)
204 disable LDAP client caching and destroy cache contents
206 .SM ldap_flush_cache(3)
207 flush LDAP client cache
209 .SM ldap_uncache_entry(3)
210 uncache requests pertaining to an entry
212 .SM ldap_uncache_request(3)
215 .SM ldap_set_cache_options(3)
219 asynchronous compare to a directory entry
221 .SM ldap_compare_s(3)
222 synchronous compare to a directory entry
225 asynchronously delete an entry
228 synchronously delete an entry
230 .SM ldap_init_templates(3)
231 initialize display template routines from a file
233 .SM ldap_init_templates_buf(3)
234 initialize display template routines from a buffer
236 .SM ldap_free_templates(3)
237 free display template routine memory
239 .SM ldap_first_disptmpl(3)
240 get first display template
242 .SM ldap_next_disptmpl(3)
243 get next display template
245 .SM ldap_oc2template(3)
246 return template appropriate for objectclass
248 .SM ldap_name2template(3)
249 return named template
251 .SM ldap_tmplattrs(3)
252 return attributes needed by template
254 .SM ldap_first_tmplrow(3)
255 return first row of displayable items in a template
257 .SM ldap_next_tmplrow(3)
258 return next row of displayable items in a template
260 .SM ldap_first_tmplcol(3)
261 return first column of displayable items in a template
263 .SM ldap_next_tmplcol(3)
264 return next column of displayable items in a template
266 .SM ldap_entry2text(3)
267 display an entry as text using a display template
269 .SM ldap_entry2text_search(3)
270 search for and display an entry as text using a display template
272 .SM ldap_vals2text(3)
273 display values as text
275 .SM ldap_entry2html(3)
276 display an entry as HTML (HyperText Markup Language) using a display template
278 .SM ldap_entry2html_search(3)
279 search for and display an entry as HTML using a display template
281 .SM ldap_vals2html(3)
282 display values as HTML
285 print an LDAP error indication to standard error
288 LDAP error indication
290 .SM ldap_result2error(3)
291 extract LDAP error indication from LDAP result
294 list of ldap errors and their meanings
296 .SM ldap_err2string(3)
297 convert LDAP error indication to a string
299 .SM ldap_first_attribute(3)
300 return first attribute name in an entry
302 .SM ldap_next_attribute(3)
303 return next attribute name in an entry
305 .SM ldap_first_entry(3)
306 return first entry in a chain of search results
308 .SM ldap_next_entry(3)
309 return next entry in a chain of search results
311 .SM ldap_count_entries(3)
312 return number of entries in a search result
314 .SM ldap_friendly_name(3)
315 map from unfriendly to friendly names
317 .SM ldap_free_friendlymap(3)
318 free resources used by ldap_friendly(3)
321 extract the DN from an entry
323 .SM ldap_explode_dn(3)
324 convert a DN into its component parts
326 .SM ldap_explode_rdn(3)
327 convert a RDN into its component parts
330 convert a DN into user friendly form
332 .SM ldap_get_values(3)
333 return an attribute's values
335 .SM ldap_get_values_len(3)
336 return an attribute values with lengths
338 .SM ldap_value_free(3)
339 free memory allocated by ldap_get_values(3)
341 .SM ldap_value_free_len(3)
342 free memory allocated by ldap_get_values_len(3)
344 .SM ldap_count_values(3)
345 return number of values
347 .SM ldap_count_values_len(3)
348 return number of values
350 .SM ldap_init_getfilter(3)
351 initialize getfilter routines from a file
353 .SM ldap_init_getfilter_buf(3)
354 initialize getfilter routines from a buffer
356 .SM ldap_getfilter_free(3)
357 free resources allocated by ldap_init_getfilter(3)
359 .SM ldap_getfirstfilter(3)
360 return first search filter
362 .SM ldap_getnextfilter(3)
363 return next search filter
365 .SM ldap_build_filter(3)
366 construct an LDAP search filter from a pattern
368 .SM ldap_setfilteraffixes(3)
369 set prefix and suffix for search filters
372 asynchronously modify an entry
375 synchronously modify an entry
377 .SM ldap_mods_free(3)
378 free array of pointers to mod structures used by ldap_modify(3)
381 asynchronously modify the RDN of an entry
383 .SM ldap_modrdn2_s(3)
384 synchronously modify the RDN of an entry
387 depreciated - use ldap_modrdn2(3)
390 depreciated - use ldap_modrdn2_s(3)
393 free results allocated by ldap_result(3)
396 return the message type of a message from ldap_result(3)
399 return the message id of a message from ldap_result(3)
402 asynchronously search the directory
405 synchronously search the directory
407 .SM ldap_search_st(3)
408 synchronously search the directory with timeout
410 .SM ldap_ufn_search_s(3)
411 user friendly search the directory
413 .SM ldap_ufn_search_c(3)
414 user friendly search the directory with cancel
416 .SM ldap_ufn_search_ct(3)
417 user friendly search the directory with cancel and timeout
419 .SM ldap_ufn_setfilter(3)
420 set filter file used by ldap_ufn(3) routines
422 .SM ldap_ufn_setprefix(3)
423 set prefix used by ldap_ufn(3) routines
425 .SM ldap_ufn_timeout(3)
426 set timeout used by ldap_ufn(3) routines
428 .SM ldap_is_ldap_url(3)
429 check a URL string to see if it is an LDAP URL
431 .SM ldap_url_parse(3)
432 break up an LDAP URL string into its components
434 .SM ldap_url_search(3)
435 asynchronously search using an LDAP URL
437 .SM ldap_url_search_s(3)
438 synchronously search using an LDAP URL
440 .SM ldap_url_search_st(3)
441 synchronously search using an LDAP URL and a timeout
443 .SM ldap_init_searchprefs(3)
444 initialize searchprefs routines from a file
446 .SM ldap_init_searchprefs_buf(3)
447 initialize searchprefs routines from a buffer
449 .SM ldap_free_searchprefs(3)
450 free memory allocated by searchprefs routines
452 .SM ldap_first_searchobj(3)
453 return first searchpref object
455 .SM ldap_next_searchobj(3)
456 return next searchpref object
458 .SM ldap_sort_entries(3)
459 sort a list of search results
461 .SM ldap_sort_values(3)
462 sort a list of attribute values
464 .SM ldap_sort_strcasecmp(3)
465 case insensitive string comparison
468 open a connectionless LDAP (CLDAP) session
470 .SM cldap_search_s(3)
471 perform a search using connectionless LDAP
473 .SM cldap_setretryinfo(3)
474 set retry and timeout information using connectionless LDAP
477 terminate a connectionless LDAP session
482 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
484 is derived from University of Michigan LDAP 3.3 Release.