NOTE: This page is currently undergoing development so be sure to check back for more content:
Anyone who has "goggled" OpenLDAP or LDAP will undoubtedly come to conclusion that in order to understand this concept (let alone implement OpenLDAP or LDAP) will require a lot of research from multiple sources at the very minimum just to have a vague understanding of this concept.
Anyone who has "goggled" OpenLDAP or LDAP will undoubtedly come to conclusion that in order to understand this concept (let alone implement OpenLDAP or LDAP) will require a lot of research from multiple sources at the very minimum just to have a vague understanding of this concept.
- basic overview of the OpenLDAP objects, objectclasses and attributes
- how to install OpenLDAP
- how to start, stop the OpenLDAP Service
- how to view information container within the OpenLDAP Service
- how to create a LDIF file
- how to add/modify/delete information contained within a OpenLDAP Directory Service
LDAP Objects:
Objects are simply network resources or ways to organize network resources. Objects stored or contained within OpenLDAP are divided into two categories or classes which are listed below:
Leaf Objects: These are objects that are typically used to reference network resources such as user accounts, groups, printers, servers, etc. All leaf objects are assigned an abbreviation cn which means common name.
Container Objects: There are objects that are used to organize leaf objects. There are a number of container objects that can be used to organize the high number of leaf objects that are found in most networks but the there are typically three main container objects that are implemented in most network designs which are listed below:
- Domain which uses an abbreviation of dc
- Organization which uses an abbreviation of o
- Organizational Unit which uses an abbreviation of ou
An Ojbectclass is very similar to the concept of adding a library to a program which allows the program to take advantage of special commands contained within the library. For those of you who are not programmers a Objectclass is used to represent information that is assigned to an user object such as a name or a title that would be commonly associated to a user. This information that is associated with an object is know as the attribute and an attribute value. It is important to note the the Objectclass must support the attribute and the attribute value that is being assigned to the object otherwise an error will result (one of my first frustrations of working with LDAP).
Please note that all objects are contained in something that is referred to as the DIT (Directory Information Tree). This is the most "senior" object which contains all other objects (both container and leaf objects).
Please note that all objects are contained in something that is referred to as the DIT (Directory Information Tree). This is the most "senior" object which contains all other objects (both container and leaf objects).
Common Container Object Classes:
- domain (used to define attributes in a dc)
- organization (used to define attributes in a o)
- organizationalUnit (used to define attributes in a ou)
Common Leaf Object Classes:
- person (used to define attributes in a cn or user account)
- organizationalPerson (used to define attributes in a cn or user account)
- inetOrgPerson (used to define attributes in a cn or user account)
- groupOfNames (used to define attributes in a cn or groupg)
How to add an object to LDAP Directory Service (DIT):
In order to add an object to the LDAP DIT you first must create a LDIF file. The function of the LIDF file is to contain information about object that you want to create, update or delete from the DIT. The LDIF file structure will change depending of what you want to do (again add an object, manage the attribute of an object, or remove an object) so you will have a number of LDIF files that will perform a specific task. Please note that you should be located in the LDAP folder on the server before you begin to create your army of LDIF files.
How to create an organization:First create a LDIF file named: oadd.ldif which will be used to create a Organization container object. Within the oadd.ldif file add the following lines (be sure to watch out for typos)
dn: o=corporation,dc=example,dc=com
objectclass: organization
o: corporation
description: Corporation organization for Example.com
So what do the above lines do in the LDIF file?
dn: defines the name of the new object as well as the container object(s) the o will be create in
objectclass: defines the objectclass of the object; in this case organization
o: this is repetative but required information; defines the object type and object name
description: this is optional statement but it defines a description for the object
How to create an organizational unit:
First create a LDIF file named: ouadd.ldif which will be used to create a Organization Unit container object. Within the ouadd.ldif file add the following lines
dn: ou=operations,o=corporation,dc=example,dc=com
objectclass: organizationalUnit
ou: operations
description: Operations; contains objects used for company operations
How to create an organization:First create a LDIF file named: oadd.ldif which will be used to create a Organization container object. Within the oadd.ldif file add the following lines (be sure to watch out for typos)
dn: o=corporation,dc=example,dc=com
objectclass: organization
o: corporation
description: Corporation organization for Example.com
So what do the above lines do in the LDIF file?
dn: defines the name of the new object as well as the container object(s) the o will be create in
objectclass: defines the objectclass of the object; in this case organization
o: this is repetative but required information; defines the object type and object name
description: this is optional statement but it defines a description for the object
How to create an organizational unit:
First create a LDIF file named: ouadd.ldif which will be used to create a Organization Unit container object. Within the ouadd.ldif file add the following lines
dn: ou=operations,o=corporation,dc=example,dc=com
objectclass: organizationalUnit
ou: operations
description: Operations; contains objects used for company operations
Could you please add some information on how to add users good sir? Thanks
ReplyDeleteThank you for sharing valuable detailed information here..
ReplyDeleteI have a CNG Car and I am looking for a CNG Pump Near Me to get fuel in my car.. Can you tell me nearest CNG Pump..