2018 LDAP(1) Introduction
LDAP protocol - Lightweight Directory Access Protocol
High read performance, high search performance. Fewer writes, more reads.
Some popular use cases:
Company Employee Information, name, phone, emails
Private/Public Key Pair
Company Hardware Information, server, IP address, location, make, purchase time, etc.
Entry
An item; all CRUD operations act on entries.
dn - Distinguished Name (DN), e.g. dn: "cn=baby, ou=marketing,ou=people,dc=mydomain,dc=org"
rdn - Relative Distinguished Name, the leftmost component, cn=baby
Base DN: the top root, dc=mydomain, dc=org
Attribute
commonName - cn - Directory String - name - Carl
surname - sn - Directory String - last name - Luo
organizationalUnitName - ou - Directory String - Department - Engineering
organization - o - Directory String - Org - example
telephoneNumber
objectClass - internal properties
Some more detail
https://segmentfault.com/a/1190000002607140
Schema - ObjectClass, AttributeType, Syntax - /etc/ldap/schema/
Backend and database
slapd responds to requests; the data operations are handled by backends and databases.
https://linux.die.net/man/5/slapd.backends
TLS & SASL
SSL/TLS
LDIF - LDAP Data Interchange Format
A sample LDIF file (entries are separated by a blank line)

# cat add_entry.ldif
dn: ou=Marketing, dc=example,dc=com
changetype: add
objectclass: top
objectclass: organizationalUnit
ou: Marketing

dn: cn=Pete Minsky,ou=Marketing,dc=example,dc=com
changetype: add
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Pete Minsky
sn: Pete
ou: Marketing
description: sb, sx
description: sx
uid: pminsky

# ldapmodify -xWD 'cn=admin,dc=example,dc=com' -f add_entry.ldif
Some tools
http://directory.apache.org/studio/users-guide.html
Format
ldap://servername/DN
DN - Distinguished Name, built from CN, OU and DC
DC - Domain Component
CN - Common Name
OU - Organizational Unit
DC=redmond, DC=wa, DC=microsoft, DC=com
Com\Microsoft\Wa\Redmond
CN=test, OU=developer, DC=domainname, DC=com
A user named test, under the department developer, in the domain domainname.com
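The DN format above only holds if attribute values are escaped before they are placed into a DN: a name such as "Minsky, Pete" contains a comma, which would otherwise be read as an RDN separator. The following is an added example, not code from these notes or from ldapjs; escapeDnValue, userDn, parseDn and domainOf are hypothetical helper names, and the escaping rules are those of RFC 4514.

```javascript
// Added example: RFC 4514 DN escaping and parsing. Single-valued RDNs only
// ('+' is not split); hex pairs are decoded as single bytes (ASCII range).

// Escape one attribute value before placing it inside a DN.
function escapeDnValue(value) {
  return Array.from(value).map((c, i, all) => {
    if (c === '\0') return '\\00';
    const edge = (i === 0 && (c === ' ' || c === '#')) ||
                 (i === all.length - 1 && c === ' ');
    return edge || '\\",+;<>='.includes(c) ? '\\' + c : c;
  }).join('');
}

// Hypothetical helper: build a user DN from untrusted cn/ou and a trusted base DN.
function userDn(cn, ou, baseDn) {
  return `cn=${escapeDnValue(cn)},ou=${escapeDnValue(ou)},${baseDn}`;
}

// Parse a DN into [{type, value}], leftmost (the RDN) first.
function parseDn(dn) {
  const rdns = [];
  let type = '', chars = [], inValue = false;
  const flush = () => {
    const t = type.trim();
    if (!inValue || !/^([a-z][a-z0-9-]*|\d+(\.\d+)*)$/i.test(t)) {
      throw new Error('malformed DN: ' + dn);
    }
    // Unescaped spaces around a value are padding; escaped ones are data.
    while (chars.length && chars[0].c === ' ' && !chars[0].esc) chars.shift();
    while (chars.length && chars[chars.length - 1].c === ' ' &&
           !chars[chars.length - 1].esc) chars.pop();
    rdns.push({ type: t.toLowerCase(), value: chars.map((x) => x.c).join('') });
    type = ''; chars = []; inValue = false;
  };
  for (let i = 0; i < dn.length; i++) {
    const c = dn[i];
    if (!inValue) { if (c === '=') inValue = true; else type += c; }
    else if (c === ',') flush();
    else if (c !== '\\') chars.push({ c, esc: false });
    else if (/^[0-9a-f]{2}$/i.test(dn.slice(i + 1, i + 3))) {
      chars.push({ c: String.fromCharCode(parseInt(dn.slice(i + 1, i + 3), 16)), esc: true });
      i += 2;
    } else chars.push({ c: dn[++i] ?? '', esc: true });
  }
  flush();
  return rdns;
}

// DC components joined left to right give the DNS domain name.
const domainOf = (rdns) => rdns.filter((r) => r.type === 'dc').map((r) => r.value).join('.');
```

Without the escaping step, the constructed value "Minsky, Pete" yields a DN that parseDn rejects as malformed; with it, the value round-trips unchanged.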
LDAPJS
http://ldapjs.org/
http://ldapjs.org/guide.html
https://teakki.com/p/57dfa8253c20b02e90a0d18a