H2: What is LDAP?
{{I:Slapd}}'s model for directory service is based on a global directory
-model called {{LDAP}}. LDAP stands for the {{Lightweight Directory
-Access Protocol}}. LDAP is a directory access protocol that runs over
-{{TCP/IP}}. The nitty-gritty details of LDAP are defined in RFC 2251
-"The Lightweight Directory Access Protocol (v3)." This section gives
-an overview of LDAP from a user's perspective.
+model called {{TERM:LDAP}}. LDAP stands for {{TERM[expand]LDAP}}.
+LDAP is a directory access protocol that runs over
+{{TCP/IP}}. The nitty-gritty details of LDAP are defined in
+{{REF:RFC2251}} "The Lightweight Directory Access Protocol (v3)."
+This section gives an overview of LDAP from a user's perspective.
{{I:What kind of information can be stored in the directory?}}
The LDAP information model is based on {{entries}}. An entry is a
on the attribute type is. For example, {{EX:cn}} attribute might
be the value {{EX: Babs Jensen}}. A {{EX:mail}} attribute might
contain the value "{{EX:babs@openldap.org}}". A {{EX:jpegPhoto}}
-attribute would contain a photograph in the JPEG/JFIF (binary) format.
+attribute would contain a photograph in the JPEG (binary) format.
{{I:How is the information arranged?}}
In LDAP, directory entries are arranged in a hierarchical tree-like
or just about anything else you can think of. Figure 1.1 shows an
example LDAP directory tree using traditional naming.
-!import "intro_tree.gif"; align="center"; title="LDAP directory tree (traditional naming)"
+!import "intro_tree.gif"; align="center"; \
+ title="LDAP directory tree (traditional naming)"
FT[align="Center"] Figure 1.1: LDAP directory tree (traditional naming)
The tree may also be arranged based upon Internet domain names.
Figure 1.2 shows an example using this increasing popular naming approach.
-!import "intro_dctree.gif"; align="center"; title="LDAP directory tree (Internet naming)"
+!import "intro_dctree.gif"; align="center"; \
+ title="LDAP directory tree (Internet naming)"
FT[align="Center"] Figure 1.2: LDAP directory tree (Internet naming)
In addition, LDAP allows you to control which attributes are required
example, the entry for Barbara Jensen in the Internet naming example
above has an RDN of {{EX:uid=babs}} and a DN of
{{EX:uid=babs, ou=People, dc=OpenLDAP, dc=com}}". The full DN format is
-described in RFC 2253, "Lightweight Directory Access Protocol (v3):
+described in {{REF:RFC2253}}, "Lightweight Directory Access Protocol (v3):
UTF-8 String Representation of Distinguished Names."
{{I:How is the information accessed?}}
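Review bot: The unchanged DN line just above the RFC 2253 change ends with an unmatched quote, `{{EX:uid=babs, ou=People, dc=OpenLDAP, dc=com}}".` Since this hunk already edits the sentence that follows it, drop the stray `"` in the same change.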
{{I:slurpd}} handles retrying failed requests automatically.
{{I:Slapd}} and {{I:slurpd}} communicate through a simple text
file that is used to log changes.
-
-PB:
-
# document's copyright
P2[notoc] Copyright
-Copyright 1998-2000, The OpenLDAP Foundation, All Rights Reserved.
+Copyright 1998-2000, The {{ORG[expand]OLF}}, All Rights Reserved.
-Copyright 1992-1996, University of Michigan, All Rights Reserved.
+Copyright 1992-1996, Regents of the {{ORG[expand]UM}}, All Rights Reserved.
-# acknowledge U-M. Probably should be placed in a separate file.
P2[notoc] Acknowledgements
-The {{OpenLDAP Project}} ({{URL:http://www.openldap.org/}}) is comprised
-of a team of volunteers. This document would not be possible
-without their contribution of time and energy.
+The {{ORG[expand]OLP}} is comprised of a team of volunteers. This document
+would not be possible without their contribution of time and energy.
-The OpenLDAP Project would also like to thank the {{University of Michigan
-LDAP Team}} ({{URL::http://www.umich.edu/~dirsvcs/ldap/}}) for building
-the foundation of LDAP software and information
+The OpenLDAP Project would also like to thank the {{ORG[expand]UMLDAP}}
+for building the foundation of LDAP software and information
to which we build upon.
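Review bot: The rewrapped acknowledgement still ends "the foundation of LDAP software and information to which we build upon", which doubles the preposition; change the trailing context line to "upon which we build" while the sentence is being touched. The removed lines carried the project and U-M LDAP URLs inline, so the rendered links now depend entirely on the OLP and UMLDAP rows of the organisations block; check that those rows resolve to the same addresses as the removed `{{URL:...}}` text.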
or {{URL: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release.tgz}}.
If you are reading this guide, you have probably already done this.
-
+.{{S: }}
+{{B:Unpack the distribution}}.
.Pick a directory for the LDAP source to live under and change
name of the release.
+.{{S: }}
+{{B: Configure the software}}.
.You will need to run the configure script to configure slapd.
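Review bot: The heading added here is written `{{B: Configure the software}}` with a space after the colon, while the other step headings in this patch use the form `{{B:Unpack the distribution}}` with none; drop the space so the headings are written consistently. This step also lacks the blank `+` line that precedes the `.{{S: }}` marker for the "Edit the configuration file" and "Starting the server" steps, so pick one spacing and apply it to every step.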
..{{EX:su root}}
..{{EX:make install}}
+
+.{{S: }}
+{{B:Edit the configuration file}}.
.Use this section as a brief guide. For more details on the configuration
file, see chapter 5.
.Now we need to edit the default configuration file that was
-installed earlier. By default the configuration file for slapd
-is located at {{F:/usr/local/etc/openldap/slapd.conf}}. If
-you specified the {{EX:--prefix}} option when you ran configure,
+installed earlier. The slapd configuration file {{I:slapd.conf}}(5)
+for is normally located at {{F:/usr/local/etc/openldap/slapd.conf}}.
+If you specified the {{EX:--prefix}} option when you ran configure,
then replace {{F:/usr/local}} with the value you gave as the
prefix. For example, if you ran configure as
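Review bot: The rewritten sentence has a stray word at the line break: "The slapd configuration file {{I:slapd.conf}}(5) for is normally located at ...". Remove "for" from the start of the second added line. The file name is also tagged `{{I:slapd.conf}}(5)` here but `{{F:slapd.conf}}(5)` in a later added line of this patch; use one markup for the manual page reference.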
..{{EX:database ldbm}}
-.This marks the begining of the database configuration for slapd. Everything
-you will need to change for this example is located after this line.
+.This marks the begining of the database configuration for slapd.
+Everything you will need to change for this example is located
+after this line.
.Listed below are the default settings for the database in
-{{F:slapd.conf}}(8). Lines that begin with a # are considered
-to be comments by slapd, they have been removed from the listing
-below to save space. If a line starts with white space it is
-considered a continuation of the preceeding line.
+{{F:slapd.conf}}(5). Lines that begin with a sharp sign ('#')
+are considered to be comments by slapd, they have been removed
+from the listing below to save space. If a line starts with
+white space it is considered a continuation of the preceeding
+line.
..{{EX:suffix "dc=my-domain, dc=com"}}
..{{EX:rootdn "cn=Manager, dc=my-domain, dc=com"}}
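Review bot: The reflowed paragraphs carry over two misspellings, "begining" in the first added line and "preceeding" near the end of the second paragraph; correct them to "beginning" and "preceding" while the lines are being rewritten. The comma splice in "are considered to be comments by slapd, they have been removed" would also read better as two sentences.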
in the {{F:slapd.conf}} file. The directory must exist before
you start the server.
+
+.{{S: }}
+{{B:Starting the server}}.
.You are now ready to start the server by running the command
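Review bot: The step title "Starting the server" is the only one added in this patch that is not an imperative; the others read "Unpack the distribution", "Edit the configuration file" and "Create a database". Rename it to "Start the server" so the steps read uniformly.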
..{{EX:dn:}}
..{{EX:namingContexts: dc=example, dc=net}}
+
+.{{S: }}
+{{B:Create a database}}.
. This is a two-step process. The first step is to create a file
.Where {{F:example.ldif}} is the file you created above.
+.{{S: }}
+{{B:See if it works}}.
.Now we're ready to verify the added entries are in your directory.
# Copyright 1999-2000, The OpenLDAP Foundation, All Rights Reserved.
# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
-H1: The {{I: slapd}} Configuration File
+H1: The slapd Configuration File
Once the software has been built and installed, you are ready to configure it
for use at your site. All slapd runtime configuration is accomplished through
-the {{EX: slapd.conf}} file, installed in the {{EX: ETCDIR}}
-directory you specified in the {{EX: Make-common}} file.
+the {{I:slapd.conf}}(5) file, normally installed in the
+{{EX:/usr/local/etc/openldap}} directory.
An alternate configuration file can be specified via a
command-line option to slapd or slurpd (see Sections 5 and 8,
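Review bot: The new text hard-codes `{{EX:/usr/local/etc/openldap}}` as the install directory, whereas the quick-start text in this patch tags the same path with `{{F:...}}` and explains that the `--prefix` option changes it. Use `{{F:...}}` here as well and mention the prefix dependency, so a reader who built with a non-default prefix is not sent to a directory that does not hold their slapd.conf.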
E: # comment - these options apply to every database
E: <global config options>
+E:
E: # first database definition & config options
E: database <backend 1 type>
E: <config options specific to backend 1>
+E:
E: # second database definition & config options
E: database <backend 2 type>
E: <config options specific to backend 2>
+E:
E: # subsequent database definitions & config options
E: ...
# Paths are relative to the main subdirectories
#
-!define DOC_AUTHOR "OpenLDAP <{{URL:http://www.openldap.org/}}>"
+!define DOC_AUTHOR "The OpenLDAP Project <{{URL:http://www.openldap.org/}}>"
!define DOC_NAME "OpenLDAP"
!define DOC_TYPE "Guide"
!define HTML_URL_CATALOG "../index.html"
!block organisations; data
-Name Long Jump
-OpenLDAP OpenLDAP http://www.openldap.org/
-OLF The OpenLDAP Foundation http://www.openldap.org/foundation/
-OLP The OpenLDAP Project http://www.openldap.org/project/
-UM University of Michigan http://www.umich.edu/
-IETF Internet Engineering Task Force http://www.ietf.org/
+Name Long Jump
+OpenLDAP OpenLDAP http://www.openldap.org/
+OLF OpenLDAP Foundation http://www.openldap.org/foundation/
+OLP OpenLDAP Project http://www.openldap.org/project/
+UM University of Michigan http://www.umich.edu/
+UMLDAP University of Michigan LDAP http://www.umich.edu/~dirsrvs/ldap/
+IETF Internet Engineering Task Force http://www.ietf.org/
+RFC RFC Editor http://www.rfc-editor.org/
!endblock
!block terms; data
Term Definition
+BCP Best Common Practice
+DAP Directory Access Protocol
FAQ Frequently Asked Questions
+FYI For Your Information
+I-D Internet Draft
+IP Internet Protocol
ITS Issue Tracking System
LDAP Lightweight Directory Access Protocol
+PS Proposed Standard
RFC Request for Comments
+TCP Transmission Control Protocol
+TLS Transport Security Layer
+STD Internet Standard
URL Uniform Resource Locator
WWW World Wide Web
!endblock
+
+!block references; data
+Reference Document Jump
+RFC2251 RFC2251 http://www.rfc-editor.org/rfc2251.txt
+RFC2252 RFC2252 http://www.rfc-editor.org/rfc2252.txt
+RFC2253 RFC2253 http://www.rfc-editor.org/rfc2253.txt
+RFC2254 RFC2254 http://www.rfc-editor.org/rfc2254.txt
+RFC2255 RFC2255 http://www.rfc-editor.org/rfc2255.txt
+RFC2256 RFC2256 http://www.rfc-editor.org/rfc2256.txt
+!endblock
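Review bot: In the terms block, the added TLS row expands the acronym as "Transport Security Layer", which puts the words in an order that does not spell T-L-S; it should read "Transport Layer Security". In the organisations block, the new UMLDAP row gives the Jump URL as `http://www.umich.edu/~dirsrvs/ldap/`, while the Acknowledgements line this patch removes and the copyright URL it corrects both spell the path `~dirsvcs`; fix the row to match, otherwise every `{{ORG[expand]UMLDAP}}` reference links to a different address than the one it replaces. The same block adds TCP and IP terms, yet the rewritten introduction still uses a bare `{{TCP/IP}}` phrase, so decide whether that phrase should reference the new terms.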
This work is derived from the University of Michigan LDAP v3.3
distribution. Information concerning is available at:
-.{{URL:http://www.umich.edu/~dirsvcs/ldap/ldap/}}.
+.{{URL:http://www.umich.edu/~dirsvcs/ldap/}}.
This work also contains materials derived from public sources.
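Review bot: The context sentence above the corrected URL, "Information concerning is available at:", is missing its object; since this hunk fixes the link that sentence introduces, complete the sentence in the same change by naming what the information concerns. The corrected address spells the path `~dirsvcs`, which should be the spelling used wherever else this patch records the U-M LDAP URL.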