You should set this to the DN of the root of the subtree you are
trying to create. For example:
-> suffix "dc=example, dc=com"
+> suffix "dc=example,dc=com"
You should be sure to specify a directory where the index files
should be created:
For example:
-> rootdn "cn=Manager, dc=example, dc=com"
+> rootdn "cn=Manager,dc=example,dc=com"
> rootpw secret
These options specify a DN and password that can be used to
called {{EX:entries.ldif}} with the contents:
> # Organization for Example Corporation
-> dn: dc=example, dc=com
+> dn: dc=example,dc=com
> objectClass: dcObject
> objectClass: organization
> dc: example
> description: The Example Corporation
>
> # Organizational Role for Directory Manager
-> dn: cn=Manager, dc=example, dc=com
+> dn: cn=Manager,dc=example,dc=com
> objectClass: organizationalRole
> cn: Manager
> description: Directory Manager
You should set this to the DN of the root of the subtree you are
trying to create. For example:
-> suffix "dc=example, dc=com"
+> suffix "dc=example,dc=com"
You should be sure to specify a directory where the index files
should be created:
A line may be continued by starting the next line with a {{single}}
space or tab character. For example:
-> dn: cn=Barbara J Jensen, dc=example, dc=
+> dn: cn=Barbara J Jensen,dc=example,dc=
> com
> cn: Barbara J
> Jensen
is equivalent to:
-> dn: cn=Barbara J Jensen, dc=example, dc=com
+> dn: cn=Barbara J Jensen,dc=example,dc=com
> cn: Barbara J Jensen
Multiple attribute values are specified on separate lines. e.g.,
lines. Here's an example of an LDIF file containing three entries.
> # Barbara's Entry
-> dn: cn=Barbara J Jensen, dc=example, dc=com
+> dn: cn=Barbara J Jensen,dc=example,dc=com
> cn: Barbara J Jensen
> cn: Babs Jensen
> objectClass: person
> sn: Jensen
>
> # Bjorn's Entry
-> dn: cn=Bjorn J Jensen, dc=example, dc=com
+> dn: cn=Bjorn J Jensen,dc=example,dc=com
> cn: Bjorn J Jensen
> cn: Bjorn Jensen
> objectClass: person
> ERXRTc4UG1RV19iZ2hnPk1xeXBkeFxlZ2P/2wBDARESEhgVG
>
> # Jennifer's Entry
-> dn: cn=Jennifer J Jensen, dc=example, dc=com
+> dn: cn=Jennifer J Jensen,dc=example,dc=com
> cn: Jennifer J Jensen
> cn: Jennifer Jensen
> objectClass: person
or RDN) and concatenating the names of its ancestor entries. For
example, the entry for Barbara Jensen in the Internet naming example
above has an RDN of {{EX:uid=babs}} and a DN of
-{{EX:uid=babs, ou=People, dc=example, dc=com}}". The full DN format is
+{{EX:uid=babs,ou=People,dc=example,dc=com}}". The full DN format is
described in {{REF:RFC2253}}, "Lightweight Directory Access Protocol (v3):
UTF-8 String Representation of Distinguished Names."
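Review bot: the `+` line for the uid=babs DN keeps the unmatched `"` after the closing `}}` (`...dc=example,dc=com}}".`); nothing opens that quote in the visible sentence. Since the line is being rewritten anyway, drop the stray quote so the sentence ends `{{EX:uid=babs,ou=People,dc=example,dc=com}}.`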
and below {{EX:dc=example,dc=com}} for people with the name {{EX:Barbara
Jensen}}, retrieving the email address of each entry found. LDAP lets
you do this easily. Or you might want to search the entries directly
-below the {{EX:st=California, c=US}} entry for organizations with the
+below the {{EX:st=California,c=US}} entry for organizations with the
string {{EX:Acme}} in their name, and that have a fax number. LDAP lets
you do this too. The next section describes in more detail what you can
do with LDAP and how it might be useful to you.
to contain an LDBM database definition of the form:
..{{EX:database ldbm}}
-..{{EX:suffix "dc=<MY-DOMAIN>, dc=<COM>"}}
-..{{EX:rootdn "cn=Manager, dc=<MY-DOMAIN>, dc=<COM>"}}
+..{{EX:suffix "dc=<MY-DOMAIN>,dc=<COM>"}}
+..{{EX:rootdn "cn=Manager,dc=<MY-DOMAIN>,dc=<COM>"}}
..{{EX:rootpw secret}}
..{{EX:directory /usr/local/var/openldap-ldbm}}
example, for {{EX:example.com}}, use:
..{{EX:database ldbm}}
-..{{EX:suffix "dc=example, dc=com"}}
-..{{EX:rootdn "cn=Manager, dc=example, dc=com"}}
+..{{EX:suffix "dc=example,dc=com"}}
+..{{EX:rootdn "cn=Manager,dc=example,dc=com"}}
..{{EX:rootpw secret}}
..{{EX:directory /usr/local/var/openldap-ldbm}}
{{EX:eng.uni.edu.eu}}, use:
..{{EX:database ldbm}}
-..{{EX:suffix "dc=eng, dc=uni, dc=edu, dc=eu"}}
-..{{EX:rootdn "cn=Manager, dc=eng, dc=uni, dc=edu, dc=eu"}}
+..{{EX:suffix "dc=eng,dc=uni,dc=edu,dc=eu"}}
+..{{EX:rootdn "cn=Manager,dc=eng,dc=uni,dc=edu,dc=eu"}}
..{{EX:rootpw secret}}
..{{EX:directory /usr/local/var/openldap-ldbm}}
special characters from being interpreted by the shell. This should return:
..{{EX:dn:}}
-..{{EX:namingContexts: dc=example, dc=com}}
+..{{EX:namingContexts: dc=example,dc=com}}
. Details regarding running {{slapd}}(8) can be found
in the {{slapd}}(8) manual page and the
. Use your favorite editor and create an LDIF file that contains:
-..{{EX:dn: dc=<MY-DOMAIN>, dc=<COM>}}
+..{{EX:dn: dc=<MY-DOMAIN>,dc=<COM>}}
..{{EX:objectclass: dcObject}}
..{{EX:objectclass: organization}}
..{{EX:o: <MY ORGANIZATION>}}
..{{EX:dc: <MY-DOMAIN>}}
..{{EX:}}
-..{{EX:dn: cn=Manager, dc=<MY-DOMAIN>, dc=<COM>}}
+..{{EX:dn: cn=Manager,dc=<MY-DOMAIN>,dc=<COM>}}
..{{EX:objectclass: organizationalRole}}
..{{EX:cn: Manager}}
with the name of your organization. If you cut and paste, be sure
to trim any leading and trailing whitespace from the example.
-..{{EX:dn: dc=example, dc=com}}
+..{{EX:dn: dc=example,dc=com}}
..{{EX:objectclass: dcObject}}
..{{EX:objectclass: organization}}
..{{EX:o: Example Company}}
..{{EX:dc: example}}
..{{EX:}}
-..{{EX:dn: cn=Manager, dc=example, dc=com}}
+..{{EX:dn: cn=Manager,dc=example,dc=com}}
..{{EX:objectclass: organizationalRole}}
..{{EX:cn: Manager}}
. Now, you may run {{ldapadd}}(1) to insert these entries into
your directory.
-..{{EX:ldapadd -D "cn=Manager, dc=<MY-DOMAIN>, dc=<COM>" -W -f example.ldif}}
+..{{EX:ldapadd -D "cn=Manager,dc=<MY-DOMAIN>,dc=<COM>" -W -f example.ldif}}
. Be sure to replace {{EX:<MY-DOMAIN>}} and {{EX:<COM>}} with the
appropriate domain components of your domain name. You will be
prompted for the "{{EX:secret}}" specified in {{F:slapd.conf}}.
For example, for {{EX:example.com}}, use:
-..{{EX:ldapadd -x -D "cn=Manager, dc=example, dc=com" -W -f example.ldif}}
+..{{EX:ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f example.ldif}}
. where {{F:example.ldif}} is the file you created above.
..{{EX: }}
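Review bot: the two ldapadd lines touched here still disagree on options: the `<MY-DOMAIN>` form is `ldapadd -D ... -W -f example.ldif` while the example.com form is `ldapadd -x -D ... -W -f example.ldif`. The second is presented as the first with the placeholders filled in, so the two should be the same invocation; add `-x` to the placeholder line or explain why it differs.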
to another server {{EX:b.example.net}}, the following named referral
object would be added to {{EX:a.example.net}}:
-> dn: dc=subtree, dc=example, dc=net
+> dn: dc=subtree,dc=example,dc=net
> objectClass: referral
> objectClass: extensibleObject
> dc: subtree
to the entry {{EX:dc=subtree,dc=example,dc=net}} in server B indicating
that A holds the immediate superior naming context.
-> dn: dc=subtree, dc=example, dc=net
+> dn: dc=subtree,dc=example,dc=net
> changetype: modify
> add: ref
> ref: ldap://a.example.net/
> replica: slave.example.com:389
> time: 809618633
-> dn: uid=bjensen, dc=example, dc=com
+> dn: uid=bjensen,dc=example,dc=com
> changetype: modify
> replace: multiLineDescription
> description: A dreamer...
> -
> replace: modifiersName
-> modifiersName: uid=bjensen, dc=example, dc=com
+> modifiersName: uid=bjensen,dc=example,dc=com
> -
> replace: modifyTimestamp
> modifyTimestamp: 20000805073308Z
> ERROR: No such attribute
> replica: slave.example.com:389
> time: 809618633
-> dn: uid=bjensen, dc=example, dc=com
+> dn: uid=bjensen,dc=example,dc=com
> changetype: modify
> replace: description
> description: A dreamer...
> -
> replace: modifiersName
-> modifiersName: uid=bjensen, dc=example, dc=com
+> modifiersName: uid=bjensen,dc=example,dc=com
> -
> replace: modifyTimestamp
> modifyTimestamp: 20000805073308Z
Name OID Description
binary 1.3.6.1.4.1.1466.115.121.1.5 BER/DER data
boolean 1.3.6.1.4.1.1466.115.121.1.7 boolean value
-distinguishedName 1.3.6.1.4.1.1466.115.121.1.15 DN
+distinguishedName 1.3.6.1.4.1.1466.115.121.1.12 DN
directoryString 1.3.6.1.4.1.1466.115.121.1.15 UTF-8 string
IA5String 1.3.6.1.4.1.1466.115.121.1.26 ASCII string
Integer 1.3.6.1.4.1.1466.115.121.1.27 integer
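Review bot: the distinguishedName row is not a spacing change: its OID goes from 1.3.6.1.4.1.1466.115.121.1.15 to 1.3.6.1.4.1.1466.115.121.1.12. The old value duplicated the directoryString row directly below it, so the correction looks right, but it should be named in the change description or split into its own commit so that it is not lost among the DN whitespace edits.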
Entry-based Example:
-> rootdn "cn=Manager, dc=example, dc=com"
+> rootdn "cn=Manager,dc=example,dc=com"
SASL-based Example:
\Example:
-> suffix "dc=example, dc=com"
+> suffix "dc=example,dc=com"
-Queries with a DN ending in "dc=example, dc=com"
+Queries with a DN ending in "dc=example,dc=com"
will be passed to this backend.
Note: When the backend to pass a query to is selected, slapd
Entry-based Example:
-> updatedn "cn=Update Daemon, dc=example, dc=com"
+> updatedn "cn=Update Daemon,dc=example,dc=com"
SASL-based Example:
should be used to separate components. An example
normalized DN is "cn=Babs Jensen,dc=example,dc=com".
An example of a non-normalized DN is
-"cn=Babs Jensen; dc=example, dc=com".
+"cn=Babs Jensen,dc=example,dc=com".
Or, entries may be selected by a filter matching some
attribute(s) in the entry:
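Review bot: the `+` line for the non-normalized DN example now reads "cn=Babs Jensen,dc=example,dc=com", which is identical to the normalized example given two lines above it, so the paragraph no longer shows what a non-normalized DN looks like. The `; ` and `, ` separators in the `-` line were the point of that example; keep the old line here and exclude it from the whitespace cleanup.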
> by dn=".*,dc=example,dc=com" search
> by anonymous auth
-This example applies to entries in the "{{EX:dc=example, dc=com}}"
+This example applies to entries in the "{{EX:dc=example,dc=com}}"
subtree. To all attributes except {{EX:homePhone}}, the entry itself
can write them, other {{EX:example.com}} entries can search by them,
anybody else has no access ((implicit {{EX:by * none}}) excepting for
E: 5. # ldbm definition for the example.com
E: 6. database ldbm
-E: 7. suffix "dc=example, dc=com"
+E: 7. suffix "dc=example,dc=com"
E: 8. directory /usr/local/var/openldap
-E: 9. rootdn "cn=Manager, dc=example, dc=com"
+E: 9. rootdn "cn=Manager,dc=example,dc=com"
E: 10. rootpw secret
E: 11. # replication directives
E: 12. replogfile /usr/local/var/openldap/slapd.replog
E: 13. replica host=slave1.example.com:389
-E: 14. binddn="cn=Replicator, dc=example, dc=com"
+E: 14. binddn="cn=Replicator,dc=example,dc=com"
E: 15. bindmethod=simple credentials=secret
E: 16. replica host=slave2.example.com
-E: 17. binddn="cn=Replicator, dc=example, dc=com"
+E: 17. binddn="cn=Replicator,dc=example,dc=com"
E: 18. bindmethod=simple credentials=secret
E: 19. # indexed attribute definitions
E: 20. index uid pres,eq
E: 33. # ldbm definition for example.net
E: 34. database ldbm
-E: 35. suffix "dc=example, dc=net"
+E: 35. suffix "dc=example,dc=net"
E: 36. directory /usr/local/var/ldbm-example-net
-E: 37. rootdn "cn=Manager, dc=example, dc=com"
+E: 37. rootdn "cn=Manager,dc=example,dc=com"
E: 38. access to * by users read