|
The Lightweight Directory Access Protocol ("LDAP") package (SUNWlldap) includes various command line LDAP clients and a LDAP client library to provide programmatic access to the LDAP protocol. This man page gives an overview of the LDAP client library functions.
An application might use the LDAP client library functions as follows. The application would initialize a LDAP session with a LDAP server by calling ldap_init(3LDAP). Next, it
authenticates to the LDAP server by calling ldap_sasl_bind(3LDAP) and friends. It may perform some LDAP operations and obtain results by calling ldap_search(3LDAP) and friends. To parse the results returned from these functions, it calls ldap_parse_result(3LDAP),ldap_next_entry(3LDAP), and ldap_first_entry (3LDAP) and
others. It closes the LDAP session by calling ldap_unbind(3LDAP).
LDAP operations can be either synchronous or asynchronous. By convention, the names of the sychronous functions end with "_s." For example, a synchronous binding to the LDAP server can be performed by calling tldap_sasl_bind_s(3LDAP). Complete an asynchronous binding with ldap_sasl_bind(3LDAP). All synchronous functions return the actual outcome of
the operation, either LDAP_SUCCESS or an error code. Asynchronous routines provide an invocation identifier which can be used to obtain the result of a specific operation by passing it to theldap_result(3LDAP) function.
Initializing a LDAP session
|
Initializing a LDAP session involves calling the ldap_init(3LDAP) function. However, the call does not actually open a connection to the LDAP server. It merely initializes a LDAP
structure that represents the session. The connection is opened when the first operation is attempted. Unlike ldap_init(), ldap_open(3LDAP) attempts to open a connection
with the LDAP server. However, the use of ldap_open() is deprecated.
|
Authenticating to a LDAP server
Searching a LDAP directory
Adding or Deleting an entry
Modifying Entries
Obtaining Results
|
Use ldap_result(3LDAP) to obtain the results of a previous asynchronous operation. For all LDAP operations other than search, only one message is returned. For the search operation,
a list of result messages can be returned.
|
Handling Errors and Parsing Results
Uniform Resource Locators (URLS)
|
You can use the ldap_url(3LDAP)functions to test a URL to verify that it is an LDAP URL, to parse LDAP URLs into their component pieces, to initiate searches directly using an LDAP
URL, and to retrieve the URL associated with a DNS domain name or a distinguished name.
|
User Friendly Naming
|
The ldap_ufn(3LDAP) functions implement a user friendly naming scheme by means of LDAP. This scheme allows you to look up entries using fuzzy, untyped names like "mark smith,
umich, us".
|
Caching
|
The ldap_memcache(3LDAP) functions provide an in-memory client side cache to store search requests. Caching improves performance and reduces network bandwidth when a
client makes repeated requests.
|
Utility Functions
|
There are also various utility functions. You can use the ldap_sort(3LDAP) functions are used to sort the entries and values returned by means of the ldap search functions.
The ldap_friendly(3LDAP) functions will map from short two letter country codes or other strings to longer "friendlier" names. Use the ldap_charset(3LDAP) functions to translate to and from the T.61 character set that is used for many character strings in the LDAP protocol.
|
Generating Filters
BER Library
|
The LDAP package includes a set of lightweight Basic Encoding Rules ("BER)" functions. The LDAP library functions use the BER functions to encode and decode LDAP protocol elements through the slightly simplified BER defined by LDAP. They are not normally used directly by An LDAP
application program will not normally use the BER functions directly. Instead, these functions provide a printf() and scanf()-like interface, as well as lower-level access.
|
|