1 .TH LDAP 3 "10 November 1998" "OpenLDAP LDVERSION"
3 ldap - Lightweight Directory Access Protocol package
13 The Lightweight Directory Access Protocol provides TCP/IP access to
14 the X.500 Directory or to a stand-alone LDAP server.
15 The OpenLDAP LDAP package includes a stand-alone server in
17 an LDAP to X.500 gateway in
19 various LDAP clients, and an LDAP client library used to provide
20 programmatic access to the LDAP protocol. This man page gives an
21 overview of the LDAP library routines.
23 Both synchronous and asynchronous APIs are provided. Also included are
24 various routines to parse the results returned from these routines.
25 These routines are found in the libldap.a library.
27 The basic interaction is as follows. A connection is made to an LDAP
30 An LDAP bind operation is performed by calling
33 and friends. Next, other operations are performed
34 by calling one of the synchronous or asynchronous routines (e.g.,
40 Results returned from these routines are interpreted by calling the
41 LDAP parsing routines. The LDAP association is terminated by calling
43 Errors can be interpreted by calling
46 .BR ldap_set_rebind_proc (3)
47 routine can be used to set a routine to be called back when an LDAP bind
48 operation needs to occur when handling a client referral.
50 Search filters to be passed to the ldap search routines can be
51 constructed by hand, or by calling the
52 .BR ldap_getfilter (3)
53 routines, which use the
54 .BR ldapgetfilter.conf (5)
55 file to turn a string (presumably that a user has typed) into a series
57 .SH DISPLAYING RESULTS
58 Results obtained from the ldap search routines can be output by hand,
60 .BR ldap_first_entry (3)
62 .BR ldap_next_entry (3)
65 .BR ldap_first_attribute (3)
67 .BR ldap_next_attribute (3)
68 to step through an entry's attributes, and
69 .BR ldap_get_values (3)
70 to retrieve a given attribute's value, and then calling
72 or whatever to display the values.
74 Alternatively, the entry can be output automatically by calling
76 .BR ldap_entry2text (3),
77 .BR ldap_entry2text_search (3),
78 .BR ldap_entry2html (3),
80 .BR ldap_entry2html_search (3)
81 routines. These routines look up the object
82 class of the entry they are passed in the
83 .BR ldaptemplates.conf (5)
84 file to decide which attributes to display and how to display them.
85 Output is handled via a routine passed in as a parameter.
86 .SH UNIFORM RESOURCE LOCATORS (URLS)
89 routines can be used test a URL to see if it is an LDAP URL, to parse LDAP
90 URLs into their component pieces, and to initiate searches directly using
92 .SH USER FRIENDLY NAMING
95 routines implement a user friendly naming
96 scheme via LDAP. This scheme allows you to look up entries
97 using fuzzy, untyped names like "mark smith, umich, us".
101 routines implement a local client caching scheme,
102 providing a substantial performance increase for repeated queries.
104 Also provided are various utility routines. The
106 routines are used to sort the entries and values returned via
107 the ldap search routines. The
108 .BR ldap_friendly (3)
110 used to map from short two letter country codes (or other strings)
111 to longer "friendlier" names. The
113 routines can be used to translate to and from the T.61 character
114 set used for many character strings in the LDAP protocol.
115 .SH CONNECTIONLESS ACCESS
117 .BR cldap_search_s (3)
118 routine allows you to access the directory
119 via Connectionless LDAP (CLDAP), which is similar to LDAP but
120 operates over UDP, obviating the need to set up and tear down
121 a connection by calling
127 should be called before using
128 .BR cldap_search_s (3).
129 All the same getfilter, parsing, and display that can be used
130 with regular LDAP routines can be used with the CLDAP routines.
132 Also included in the distribution is a set of lightweight Basic
133 Encoding Rules routines. These routines are used by the LDAP library
134 routines to encode and decode LDAP protocol elements using the
135 (slightly simplified) Basic Encoding Rules defined by LDAP. They are
136 not normally used directly by an LDAP application program. The
137 routines provide a printf and scanf-like interface, as well as
138 lower-level access. These routines are found in the liblber.a
143 open a connection to an LDAP server
146 initialize the LDAP library without opening a connection to a server
149 wait for the result from an asynchronous operation
152 abandon (abort) an asynchronous operation
155 asynchronously add an entry
158 synchronously add an entry
161 asynchronously bind to the directory
164 synchronously bind to the directory
166 .SM ldap_simple_bind(3)
167 asynchronously bind to the directory using simple authentication
169 .SM ldap_simple_bind_s(3)
170 synchronously bind to the directory using simple authentication
172 .SM ldap_kerberos_bind_s(3)
173 synchronously bind to the directory using kerberos authentication
175 .SM ldap_kerberos_bind1(3)
176 asynchronously bind to the LDAP server using kerberos authentication
178 .SM ldap_kerberos_bind1_s(3)
179 synchronously bind to the LDAP server using kerberos authentication
181 .SM ldap_kerberos_bind2(3)
182 asynchronously bind to the DSA using kerberos authentication
184 .SM ldap_kerberos_bind2_s(3)
185 synchronously bind to the DSA using kerberos authentication
188 synchronously unbind from the LDAP server and close the connection
195 dispose of memory allocated by LDAP routines.
197 .SM ldap_enable_cache(3)
198 enable LDAP client caching
200 .SM ldap_disable_cache(3)
201 disable LDAP client caching
203 .SM ldap_destroy_cache(3)
204 disable LDAP client caching and destroy cache contents
206 .SM ldap_flush_cache(3)
207 flush LDAP client cache
209 .SM ldap_uncache_entry(3)
210 uncache requests pertaining to an entry
212 .SM ldap_uncache_request(3)
215 .SM ldap_set_cache_options(3)
219 asynchronous compare to a directory entry
221 .SM ldap_compare_s(3)
222 synchronous compare to a directory entry
225 asynchronously delete an entry
228 synchronously delete an entry
230 .SM ldap_init_templates(3)
231 initialize display template routines from a file
233 .SM ldap_init_templates_buf(3)
234 initialize display template routines from a buffer
236 .SM ldap_free_templates(3)
237 free display template routine memory
239 .SM ldap_first_disptmpl(3)
240 get first display template
242 .SM ldap_next_disptmpl(3)
243 get next display template
245 .SM ldap_oc2template(3)
246 return template appropriate for objectclass
248 .SM ldap_name2template(3)
249 return named template
251 .SM ldap_tmplattrs(3)
252 return attributes needed by template
254 .SM ldap_first_tmplrow(3)
255 return first row of displayable items in a template
257 .SM ldap_next_tmplrow(3)
258 return next row of displayable items in a template
260 .SM ldap_first_tmplcol(3)
261 return first column of displayable items in a template
263 .SM ldap_next_tmplcol(3)
264 return next column of displayable items in a template
266 .SM ldap_entry2text(3)
267 display an entry as text using a display template
269 .SM ldap_entry2text_search(3)
270 search for and display an entry as text using a display template
272 .SM ldap_vals2text(3)
273 display values as text
275 .SM ldap_entry2html(3)
276 display an entry as HTML (HyperText Markup Language) using a display template
278 .SM ldap_entry2html_search(3)
279 search for and display an entry as HTML using a display template
281 .SM ldap_vals2html(3)
282 display values as HTML
285 print an LDAP error indication to standard error
288 LDAP error indication
290 .SM ldap_result2error(3)
291 extract LDAP error indication from LDAP result
294 list of ldap errors and their meanings
296 .SM ldap_err2string(3)
297 convert LDAP error indication to a string
299 .SM ldap_first_attribute(3)
300 return first attribute name in an entry
302 .SM ldap_next_attribute(3)
303 return next attribute name in an entry
305 .SM ldap_first_entry(3)
306 return first entry in a chain of search results
308 .SM ldap_next_entry(3)
309 return next entry in a chain of search results
311 .SM ldap_count_entries(3)
312 return number of entries in a search result
314 .SM ldap_friendly_name(3)
315 map from unfriendly to friendly names
317 .SM ldap_free_friendlymap(3)
318 free resources used by ldap_friendly(3)
321 extract the DN from an entry
323 .SM ldap_explode_dn(3)
324 convert a DN into its component parts
326 .SM ldap_explode_rdn(3)
327 convert a RDN into its component parts
329 .SM ldap_explode_dns(3)
330 convert a DNS-style DN into its component parts (experimental)
332 .SM ldap_is_dns_dn(3)
333 check to see if a DN is a DNS-style DN (experimental)
336 convert a DN into user friendly form
338 .SM ldap_get_values(3)
339 return an attribute's values
341 .SM ldap_get_values_len(3)
342 return an attribute values with lengths
344 .SM ldap_value_free(3)
345 free memory allocated by ldap_get_values(3)
347 .SM ldap_value_free_len(3)
348 free memory allocated by ldap_get_values_len(3)
350 .SM ldap_count_values(3)
351 return number of values
353 .SM ldap_count_values_len(3)
354 return number of values
356 .SM ldap_init_getfilter(3)
357 initialize getfilter routines from a file
359 .SM ldap_init_getfilter_buf(3)
360 initialize getfilter routines from a buffer
362 .SM ldap_getfilter_free(3)
363 free resources allocated by ldap_init_getfilter(3)
365 .SM ldap_getfirstfilter(3)
366 return first search filter
368 .SM ldap_getnextfilter(3)
369 return next search filter
371 .SM ldap_build_filter(3)
372 construct an LDAP search filter from a pattern
374 .SM ldap_setfilteraffixes(3)
375 set prefix and suffix for search filters
378 asynchronously modify an entry
381 synchronously modify an entry
383 .SM ldap_mods_free(3)
384 free array of pointers to mod structures used by ldap_modify(3)
387 asynchronously modify the RDN of an entry
389 .SM ldap_modrdn2_s(3)
390 synchronously modify the RDN of an entry
393 depreciated - use ldap_modrdn2(3)
396 depreciated - use ldap_modrdn2_s(3)
399 free results allocated by ldap_result(3)
402 return the message type of a message from ldap_result(3)
405 return the message id of a message from ldap_result(3)
408 asynchronously search the directory
411 synchronously search the directory
413 .SM ldap_search_st(3)
414 synchronously search the directory with timeout
416 .SM ldap_ufn_search_s(3)
417 user friendly search the directory
419 .SM ldap_ufn_search_c(3)
420 user friendly search the directory with cancel
422 .SM ldap_ufn_search_ct(3)
423 user friendly search the directory with cancel and timeout
425 .SM ldap_ufn_setfilter(3)
426 set filter file used by ldap_ufn(3) routines
428 .SM ldap_ufn_setprefix(3)
429 set prefix used by ldap_ufn(3) routines
431 .SM ldap_ufn_timeout(3)
432 set timeout used by ldap_ufn(3) routines
434 .SM ldap_is_ldap_url(3)
435 check a URL string to see if it is an LDAP URL
437 .SM ldap_url_parse(3)
438 break up an LDAP URL string into its components
440 .SM ldap_url_search(3)
441 asynchronously search using an LDAP URL
443 .SM ldap_url_search_s(3)
444 synchronously search using an LDAP URL
446 .SM ldap_url_search_st(3)
447 synchronously search using an LDAP URL and a timeout
449 .SM ldap_init_searchprefs(3)
450 initialize searchprefs routines from a file
452 .SM ldap_init_searchprefs_buf(3)
453 initialize searchprefs routines from a buffer
455 .SM ldap_free_searchprefs(3)
456 free memory allocated by searchprefs routines
458 .SM ldap_first_searchobj(3)
459 return first searchpref object
461 .SM ldap_next_searchobj(3)
462 return next searchpref object
464 .SM ldap_sort_entries(3)
465 sort a list of search results
467 .SM ldap_sort_values(3)
468 sort a list of attribute values
470 .SM ldap_sort_strcasecmp(3)
471 case insensitive string comparison
473 .SM ldap_set_string_translators(3)
474 set character set translation routines used by LDAP library
476 .SM ldap_t61_to_8859(3)
477 translate from ISO-8859 characters to the T.61 characters
479 .SM ldap_8859_to_t61(3)
480 translate from T.61 characters to the ISO-8859 characters
482 .SM ldap_translate_from_t61(3)
483 translate from the T.61 character set to another character set
485 .SM ldap_translate_to_t61(3)
486 translate to the T.61 character set from another character set
488 .SM ldap_enable_translation(3)
489 enable or disable character translation for an LDAP entry result
492 open a connectionless LDAP (CLDAP) session
494 .SM cldap_search_s(3)
495 perform a search using connectionless LDAP
497 .SM cldap_setretryinfo(3)
498 set retry and timeout information using connectionless LDAP
501 terminate a connectionless LDAP session
506 Tim Howes, Mark Smith, Gordon Good, Lance Sloan, and Steve Rothwell from
507 the University of Michigan, along with help from lots of others.
510 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
512 is derived from University of Michigan LDAP 3.3 Release.