Appendix B. The Ten-Minute LDAP Tutorial

The Lightweight Directory Access Protocol (LDAP) is one of the pre-eminent directory services deployed in the world today. Over time, system administrators are likely to find themselves dealing with LDAP servers and clients in a number of contexts. This tutorial will give you an introduction to the LDAP nomenclature and concepts you’ll need when using the material in Chapter 6.

The action in LDAP takes place around a data structure known as an entry. Figure B-1 is a picture to keep in mind as we look at an entry’s component parts.

Figure B-1. The LDAP entry data structure

An entry has a set of named component parts called attributes that hold the data for that entry. To use database terms, they are like the fields in a database record. In Chapter 6 we’ll use Perl to keep a list of machines in an LDAP directory. Each machine entry will have attributes like name, model, location, owner, etc.

Besides its name, an attribute consists of a type and a set of values that conform to that type. If you are storing employee information, your entry might have a phone attribute that has a type of telephoneNumber. The values of this attribute might be that employee’s phone numbers. A type also has a syntax that dictates what kind of data can be used (strings, numbers, etc.), how it is sorted, and how it is used in a search (is it case-sensitive?).
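The relationship between attribute name, type, and syntax can be sketched in a few lines of Perl. This is an added example, not code from the book: the two syntaxes are simplified stand-ins for real LDAP syntaxes, and the names `caseIgnoreString`, `telephone`, `add_value`, `matches`, and the sample entry are all assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Simplified stand-ins for LDAP syntaxes: a validity check plus the
# normalization applied before values are compared in a search.
my %syntax = (
    caseIgnoreString => {
        valid     => sub { length $_[0] },
        normalize => sub { my $v = lc $_[0]; $v =~ s/^\s+|\s+$//g; $v =~ s/\s+/ /g; $v },
    },
    telephone => {
        valid     => sub { $_[0] =~ /^\+?[0-9() .-]+$/ },
        normalize => sub { (my $v = $_[0]) =~ s/[ -]//g; $v },
    },
);

# Each attribute type is bound to exactly one syntax (hypothetical table).
my %type_syntax = (cn => 'caseIgnoreString', telephoneNumber => 'telephone');

# Constructed sample entry: attribute name => its type and list of values.
my %entry = (
    name  => { type => 'cn',              values => ['Pat Example'] },
    phone => { type => 'telephoneNumber', values => ['+1 555-0100'] },
);

sub syntax_for {
    my ($entry, $attr) = @_;
    my $rec = $entry->{$attr} or die "no such attribute: $attr\n";
    return $syntax{ $type_syntax{ $rec->{type} } };
}

# Refuse values that do not conform to the attribute's syntax.
sub add_value {
    my ($entry, $attr, $value) = @_;
    my $syn = syntax_for($entry, $attr);
    die "invalid value for $attr: $value\n" unless $syn->{valid}->($value);
    push @{ $entry->{$attr}{values} }, $value;
}

# Equality match: compare normalized forms, as a search filter would.
sub matches {
    my ($entry, $attr, $assertion) = @_;
    my $norm = syntax_for($entry, $attr)->{normalize};
    my $want = $norm->($assertion);
    return scalar grep { $norm->($_) eq $want } @{ $entry->{$attr}{values} };
}

add_value(\%entry, 'phone', '+1 555 0199');
printf "phone matches +15550100: %s\n", matches(\%entry, 'phone', '+15550100') ? 'yes' : 'no';
printf "name matches 'pat  EXAMPLE': %s\n", matches(\%entry, 'name', 'pat  EXAMPLE') ? 'yes' : 'no';
eval { add_value(\%entry, 'phone', 'call me') };
print "rejected: $@" if $@;
```

Because matching happens on the normalized form, any code that compares directory values itself (for example, checking an owner name before granting access) should apply the same rules the server uses rather than a raw string comparison.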

Each entry ...
