Presentation is loading. Please wait.

Presentation is loading. Please wait.

LDAP: LDIF & DSML Fall 2004 Rev. 2. LDIF Light-weight Data Interchange Format RFC 2849 Common format to exchange data entry schema.

Published byDustin Gibbs Modified over 9 years ago

Similar presentations

Presentation on theme: "LDAP: LDIF & DSML Fall 2004 Rev. 2. LDIF Light-weight Data Interchange Format RFC 2849 Common format to exchange data entry schema."— Presentation transcript:

1 LDAP: LDIF & DSML Fall 2004 Rev. 2

2 LDIF Light-weight Data Interchange Format RFC 2849 Common format to exchange data entry schema

3 LDIF Limitations Limited to printable text Binary values MUST be Base64 encoded Too closely tied to LDAP Either new records or changes (not both)

4 LDIF Benefits Manipulate directory information in a text file Easily change data sets (mass changing of object attributes) Very simple to learn

5 LDIF Format :

6 LDIF Format : This value is the attribute name in the directory. Examples would be dn, objectClass, phone, sn

7 LDIF Format : This value is the actual value of the attribute. This should be a text string with a few exceptions. Those exceptions usually require the value to be Base64 encoded. The exceptions are NULL, LF, CR, :, < Example of Base64: would need to be base64 encoded the base64 encoded value would be: PHhtbD48L3htbD4=

8 LDIF Operations changetype: modify modrdn add delete add delete replace

9 Example version: 1 # Add a new entry dn: cn=Fiona Jensen, ou=Marketing, dc=airius, dc=com changetype: add objectclass: top objectclass: person objectclass: organizationalPerson cn: Fiona Jensen sn: Jensen uid: fiona telephonenumber: +1 408 555 1212 jpegphoto:< file:///usr/local/directory/photos/fiona.jpg # Delete an existing entry dn: cn=Robert Jensen, ou=Marketing, dc=airius, dc=com changetype: delete # Modify an entry's relative distinguished name dn: cn=Paul Jensen, ou=Product Development, dc=airius, dc=com changetype: modrdn newrdn: cn=Paula Jensen deleteoldrdn: 1

10 # Modify an entry: add an additional value to the postaladdress # attribute, completely delete the description attribute, replace # the telephonenumber attribute with two values, and delete a specific # value from the facsimiletelephonenumber attribute dn: cn=Paula Jensen, ou=Product Development, dc=airius, dc=com changetype: modify add: postaladdress postaladdress: 123 Anystreet $ Sunnyvale, CA $ 94086 - delete: description - replace: telephonenumber telephonenumber: +1 408 555 1234 telephonenumber: +1 408 555 5678 - delete: facsimiletelephonenumber facsimiletelephonenumber: +1 408 555 9876 - # Modify an entry: replace the postaladdress attribute with an empty # set of values (which will cause the attribute to be removed), and # delete the entire description attribute. Note that the first will # always succeed, while the second will only succeed if at least # one value for the description attribute is present. dn: cn=Ingrid Jensen, ou=Product Support, dc=airius, dc=com changetype: modify replace: postaladdress - delete: description -

11 LDIF Entry Example version: 1 # # Extend user objects # dn: cn=testuser,ou=utah,o=apple changetype: modify add: objectClass objectClass: posixAccount uidNumber: 1010 gidNumber: 20 homeDirectory: /Network/Servers/engserver2.apple.com/ENG2.DATA/USERS/testuser - add: objectClass objectClass: apple-user apple-user-homeurl:: PGhvbWVfZGlyPjx1cmw+YWZwOi8vYmlncmVkLmV4YW1wbGUubmV0L0VORzIuREFUQTwvdXJsPjxwYXRoPl VTRVJTL3Rlc3R1c2VyPC9wYXRoPjwvaG9tZV9kaXI+ # apple-user-homeurl:: afp://bigred.example.net/ENG2.DATA USERS/testuser

12 LDIF Schema Representation Similar to the schema files we have made “dn” is cn=schema Add or delete object classes or attributes

13 LDIF Schema Example dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 1.3.6.1.4.1.63.1000.1.1.1.1.15 NAME 'apple-user-authenticationhint' DESC 'password hint' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) # # User auxiliary object class. # dn: cn=schema changetype: modify add: objectclasses objectclasses: ( 1.3.6.1.4.1.63.1000.1.1.2.1 NAME 'apple-user' SUP top AUXILIARY DESC 'user account' MAY ( apple-user-homeurl $ apple-user-class $ apple-user-homequota $ apple-user-mailattribute $ apple-user- printattribute $ apple-mcxflags $ apple-mcxsettings $ apple-user-adminlimits $ apple-user-picture $ apple-user- authenticationhint ) )

14 DSML Dan Sinema CNS 4650

15 Why XML? Common representation of data Easy to transfer of data Easy to manipulate data

16 DSML v1 Represent directory entries Represent schema Defined in dsml.dtd, dsml.xdr, dsml.xsd Namespace http://dsml.org/DSML

17 DSML Document Types Type 1 contains only directory entries does not reference schema Type 2 contains only directory entries references schema in external doc Type 3 contains only directory schema Type 4 contains directory entries and schema

18 DSML Document Format... This may also contain a XML attribute named “complete” The value can either be “true” or “false” true - if the document contains all the schema for the entries in the document false - the schema is referenced in an other document

19 DSML Entries Elements Object Classes This may also contain a XML attribute named “ref”, this points to the definition of the objectclass

20 DSML Entries Example person top organizationalPerson Object Classes

21 DSML Entries Example person top organizationalPerson Object Classes

22 DSML Entries Elements Attributes This may also contain a XML attribute named “ref”, this points to the definition of the objectclass

23 DSML Entries Example dsinema@company.com dan@company.com Attributes

24 DSML Entries Example XZKiASLiWNDAL92jJ= Binary values must still be encoded. At this point still in Base64, this limitation is because of LDAP. NOTE: that values in LDIF that were not binary that had to be base64 encoded DO NOT need to be encoded (example is a string starting with a : or <) Attributes

25 DSML Entries Elements Schema

26 DSML Entries Elements Schema - ObjectClass can have one more attribute “obsolete” the value is either true or false the default is false

27 DSML Entries Elements Schema - Attributes can have a couple more attributes “obsolete”, “single-value”, “user-modification”

28 Schema Example Attribute ObjectClass ( 1.3.6.1.4.1.17946.1.2.1 NAME 'cartoon-character' SUP top STRUCTURAL DESC 'Cartoon character and all his/her attributes' MUST ( cartoon-catchPhrase $ cartoon-homeNetwork ) MAY ( cartoon-biography ) ) ( 1.3.6.1.4.1.17946.1.1.1 NAME 'cartoon-catchPhrase' DESC 'Each cartoon character MUST have a catch phrase, an example would be D'oh' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ( 1.3.6.1.4.1.17946.1.1.2 NAME 'cartoon-homeNetwork' DESC 'Each cartoon character must have a home network, and example would be Fox Channel, Disney Channel' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) ( 1.3.6.1.4.1.17946.1.1.3 NAME 'cartoon-biography' DESC 'This is a URL that should point to a web page that contains this characters biography' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

29 cartoon-character Cartoon character and all his/her attributes 1.3.6.1.4.1.17946.1.2.1 cartoon-catchPhrase Each cartoon character MUST have a catch phrase, an example would be D'oh 1.3.6.1.4.1.17946.1.1.1 1.3.6.1.4.1.1466.115.121.1.15 2.5.13.2 cartoon-homeNetwork Each cartoon character must have a home network example Fox Channel 1.3.6.1.4.1.17946.1.1.2 1.3.6.1.4.1.1466.115.121.1.15 2.5.13.2 cartoon-biography This is a URL 1.3.6.1.4.1.17946.1.1.2 1.3.6.1.4.1.1466.115.121.1.15 2.5.13.2 DSML Schema

Download ppt "LDAP: LDIF & DSML Fall 2004 Rev. 2. LDIF Light-weight Data Interchange Format RFC 2849 Common format to exchange data entry schema."

Similar presentations

PHP Modules LDAP and MySQL. External Functions In addition to the usual programming functions (arrays, date and time, typing, mathematical, etc), PHP.

PHP Modules LDAP and MySQL. External Functions In addition to the usual programming functions (arrays, date and time, typing, mathematical, etc), PHP.
LDAP Lightweight Directory Access Protocol LDAP.

LDAP Lightweight Directory Access Protocol LDAP.
Introduction to XLink Transparency No. 1 XML Information Set W3C Recommendation 24 October 2001 (1stEdition) 4 February 2004 (2ndEdition) Cheng-Chia Chen.

Introduction to XLink Transparency No. 1 XML Information Set W3C Recommendation 24 October 2001 (1stEdition) 4 February 2004 (2ndEdition) Cheng-Chia Chen.
GGF2 -GIS WG \ GOS Grid Object Specification Presented by Gregor von Laszewski Developed under discussion by the whole working group and more July, 2001.

GGF2 -GIS WG \ GOS Grid Object Specification Presented by Gregor von Laszewski Developed under discussion by the whole working group and more July, 2001.
Peoplesoft: Building and Consuming Web Services

Peoplesoft: Building and Consuming Web Services
LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH.

LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH.
CIT 470: Advanced Network and System Administration

CIT 470: Advanced Network and System Administration
Configuration Management Supplement 67 Robert Horn, Agfa Healthcare.

Configuration Management Supplement 67 Robert Horn, Agfa Healthcare.
ECA 228 Internet/Intranet Design I Intro to XML. ECA 228 Internet/Intranet Design I HTML markup language very loose standards browsers adjust for non-standard.

ECA 228 Internet/Intranet Design I Intro to XML. ECA 228 Internet/Intranet Design I HTML markup language very loose standards browsers adjust for non-standard.
INFORMATION FOR NETWORK OPERATION. CONTENT Directory service Standard X.500 LDAP.

INFORMATION FOR NETWORK OPERATION. CONTENT Directory service Standard X.500 LDAP.
XP New Perspectives on XML Tutorial 4 1 XML Schema Tutorial – Carey ISBN 0-619- 10187-3 Working with Namespaces and Schemas.

XP New Perspectives on XML Tutorial 4 1 XML Schema Tutorial – Carey ISBN Working with Namespaces and Schemas.
Chapter 9 Web Services Architecture and XML. Objectives By study in the chapter, you will be able to: Describe what is the goal of the Web services architecture.

Chapter 9 Web Services Architecture and XML. Objectives By study in the chapter, you will be able to: Describe what is the goal of the Web services architecture.
LDAP: Information Model Part 2 CNS 4650 Fall 2004 Rev. 2.

LDAP: Information Model Part 2 CNS 4650 Fall 2004 Rev. 2.
1 Week 3 Secure and Efficient Administration of Act. Dir. Work with Active Directory Snap-Ins Custom Consoles and Least Privilege Find Objects in Active.

1 Week 3 Secure and Efficient Administration of Act. Dir. Work with Active Directory Snap-Ins Custom Consoles and Least Privilege Find Objects in Active.
Chapter 5 Java Script And Forms JavaScript, Third Edition.

Chapter 5 Java Script And Forms JavaScript, Third Edition.
Netprog: LDAP1 Lightweight Directory Access Protocol (LDAP) Refs: –Netscape LDAP server docs – U. of Michigan LDAP docs – www.openldap.org docs –RFCs:

Netprog: LDAP1 Lightweight Directory Access Protocol (LDAP) Refs: –Netscape LDAP server docs – U. of Michigan LDAP docs – docs –RFCs:
LDAP Search Criteria Fall 2004 Rev. 2. LDAP Searches Can be performed on Single directory entry Contents of a single container Entire subtree Required.

LDAP Search Criteria Fall 2004 Rev. 2. LDAP Searches Can be performed on Single directory entry Contents of a single container Entire subtree Required.
Introduce LDAP 张海鹏 2008-07-25. SOA Mult - Little system User Manager System (share between other systems) How to store user Information How to access.

Introduce LDAP 张海鹏 SOA Mult - Little system User Manager System (share between other systems) How to store user Information How to access.
SPARCS 10 이대근 (harry). Contents  Directory Service  What is LDAP?  Installation  Configuration  ldap-utils  User authentication with LDAP.

SPARCS 10 이대근 (harry). Contents  Directory Service  What is LDAP?  Installation  Configuration  ldap-utils  User authentication with LDAP.
1 LDAP and Java Naming Services Murali. M.Nagendranath.

1 LDAP and Java Naming Services Murali. M.Nagendranath.

Similar presentations

Ads by Google