ldap man page on Solaris
[printable version]
ldap(3LDAP) LDAP Library Functions ldap(3LDAP)
NAME
ldap - Lightweight Directory Access Protocol package
SYNOPSIS
cc[ flag... ] file... -lldap[ library... ]
#include <lber.h>
#include <ldap.h>
DESCRIPTION
The Lightweight Directory Access Protocol ("LDAP") package (SUNWlldap)
includes various command line LDAP clients and a LDAP client library to
provide programmatic access to the LDAP protocol. This man page gives
an overview of the LDAP client library functions.
An application might use the LDAP client library functions as follows.
The application would initialize a LDAP session with a LDAP server by
calling ldap_init(3LDAP). Next, it authenticates to the LDAP server by
calling ldap_sasl_bind(3LDAP) and friends. It may perform some LDAP
operations and obtain results by calling ldap_search(3LDAP) and
friends. To parse the results returned from these functions, it calls
ldap_parse_result(3LDAP),ldap_next_entry(3LDAP), and
ldap_first_entry(3LDAP) and others. It closes the LDAP session by call‐
ing ldap_unbind(3LDAP).
LDAP operations can be either synchronous or asynchronous. By conven‐
tion, the names of the sychronous functions end with "_s." For example,
a synchronous binding to the LDAP server can be performed by calling
ldap_sasl_bind_s(3LDAP). Complete an asynchronous binding with
ldap_sasl_bind(3LDAP). All synchronous functions return the actual out‐
come of the operation, either LDAP_SUCCESS or an error code. Asynchro‐
nous routines provide an invocation identifier which can be used to
obtain the result of a specific operation by passing it to thel‐
dap_result(3LDAP) function.
Initializing a LDAP session
Initializing a LDAP session involves calling the ldap_init(3LDAP) func‐
tion. However, the call does not actually open a connection to the LDAP
server. It merely initializes a LDAP structure that represents the ses‐
sion. The connection is opened when the first operation is attempted.
Unlike ldap_init(), ldap_open(3LDAP) attempts to open a connection with
the LDAP server. However, the use of ldap_open() is deprecated.
Authenticating to a LDAP server
The ldap_sasl_bind(3LDAP) and ldap_sasl_bind_s(3LDAP) functions provide
general and extensible authenticaton for an LDAP client to a LDAP
server. Both use the Simple Authentication Security Layer (SASL). Sim‐
plified routines ldap_simple_bind(3LDAP) and ldap_simple_bind_s(3LDAP)
use cleartext passwords to bind to the LDAP server. Use of
ldap_bind(3LDAP) and ldap_bind_s(3LDAP)(3LDAP) is deprecated.
Searching a LDAP directory
Search for an entry in a LDAP directory by calling the
ldap_search_ext(3LDAP) or the ldap_search_ext_s(3LDAP) functions. These
functions support LDAPv3 server controls, client controls and variable
size and time limits as arguments for each search operation.
ldap_search(3LDAP) and ldap_search_s(3LDAP) are identical functions but
do not support the controls and limits as arguments to the call.
Adding or Deleting an entry
Use ldap_add_ext(3LDAP) and ldap_delete_ext(3LDAP) to add or delete
entries in a LDAP directory server. The synchronous counterparts to
these functions are ldap_add_ext_s(3LDAP) and ldap_delete_ext_s(3LDAP).
The ldap_add(3LDAP), ldap_add_s(3LDAP), ldap_delete(3LDAP), and
ldap_delete_s(3LDAP) provide identical functionality to add and to
delete entries, but they do not support LDAP v3 server and client con‐
trols.
Modifying Entries
Use ldap_modify_ext(3LDAP)
and ldap_modify_ext_s(3LDAP) to modify an existing entry in a LDAP
server that supports for LDAPv3 server and client controls. Similarly,
use ldap_rename(3LDAP) and ldap_rename_s(3LDAP) to change the name of
an LDAP entry. The ldap_modrdn(3LDAP), ldap_modrdn_s(3LDAP), ldap_mod‐
rdn2(3LDAP) and ldap_modrdn2_s(3LDAP) interfaces are deprecated.
Obtaining Results
Use ldap_result(3LDAP) to obtain the results of a previous asynchronous
operation. For all LDAP operations other than search, only one message
is returned. For the search operation,
a list of result messages can be returned.
Handling Errors and Parsing Results
Use the ldap_parse_result(3LDAP), ldap_parse_sasl_bind_result(3LDAP),
and the ldap_parse_extended_result(3LDAP) functions to extract required
information from results and and to handle the returned errors. To
covert a numeric error code into a null-terminated character string
message describing the error, use ldap_err2string(3LDAP). The
ldap_result2error(3LDAP) and ldap_perror(3LDAP) functions are depre‐
cated. To step through the list of messages in a result returned by
ldap_result(), use ldap_first_message(3LDAP) and ldap_next_mes‐
sage(3LDAP). ldap_count_messages(3LDAP) returns the number of messages
contained in the list.
You can use ldap_first_entry(3LDAP) and ldap_next_entry(3LDAP) to step
through and obtain a list of entries from a list of messages returned
by a search result. ldap_count_entries(3LDAP) returns the number of
entries contained in a list of messages. Call either
ldap_first_attribute(3LDAP) and ldap_next_attribute(3LDAP) to step
through a list of attributes associated with an entry. Retrieve the
values of a given attribute by calling ldap_get_values(3LDAP) and
ldap_get_values_len(3LDAP). Count the number of values returned by
using ldap_count_values(3LDAP) and ldap_count_values_len(3LDAP).
Use the ldap_get_lang_values(3LDAP) and ldap_get_lang_values_len(3LDAP)
to return an attribute's values that matches a specified language sub‐
type. The ldap_get_lang_values() function returns an array of
an attribute's string values that matches a specified language sub‐
type. To retrieve the binary data from an attribute, call the
ldap_get_lang_values_len() function instead.
Uniform Resource Locators (URLS)
You can use the ldap_url(3LDAP)functions to test a URL to verify that
it is an LDAP URL, to parse LDAP URLs into their component pieces, to
initiate searches directly using an LDAP URL, and to retrieve the URL
associated with a DNS domain name or a distinguished name.
User Friendly Naming
The ldap_ufn(3LDAP) functions implement a user friendly naming scheme
by means of LDAP. This scheme allows you to look up entries using
fuzzy, untyped names like "mark smith, umich, us".
Caching
The ldap_memcache(3LDAP) functions provide an in-memory client side
cache to store search requests. Caching improves performance and
reduces network bandwidth when a client makes repeated requests.
Utility Functions
There are also various utility functions. You can use the
ldap_sort(3LDAP) functions are used to sort the entries and values
returned by means of the ldap search functions. The
ldap_friendly(3LDAP) functions will map from short two letter country
codes or other strings to longer "friendlier" names. Use the
ldap_charset(3LDAP) functions to translate to and from the T.61 charac‐
ter set that is used for many character strings in the LDAP protocol.
Generating Filters
Make calls to ldap_init_getfilter(3LDAP) and ldap_search(3LDAP) to gen‐
erate filters to be used in ldap_search(3LDAP) and
ldap_search_s(3LDAP). ldap_init_getfilter() reads ldapfilter.conf(4),
the LDAP configuration file, while ldap_init_getfilter_buf() reads the
configuration information from buf of length buflen. ldap_getfil‐
ter_free(3LDAP) frees memory that has been allocated by means of
ldap_init_getfilter().
BER Library
The LDAP package includes a set of lightweight Basic Encoding Rules
("BER)" functions. The LDAP library functions use the BER functions to
encode and decode LDAP protocol elements through the slightly simpli‐
fied BER defined by LDAP. They are not normally used directly by an
LDAP application program will not normally use the BER functions
directly. Instead, these functions provide a printf() and scanf()-like
interface, as well as lower-level access.
LIST OF INTERFACES
ldap_open(3LDAP) Deprecated. Use
ldap_init(3LDAP).
ldap_init(3LDAP) Initialize a session with a
LDAP server without opening a
connection to a server.
ldap_result(3LDAP) Obtain the result from a previ‐
ous asynchronous operation.
ldap_abandon(3LDAP) Abandon or abort an asynchro‐
nous operation.
ldap_add(3LDAP) Asynchronously add an entry
ldap_add_s(3LDAP) Synchronously add an entry.
ldap_add_ext(3LDAP) Asynchronously add an entry
with support for LDAPv3 con‐
trols.
ldap_add_ext_s(3LDAP) Synchronously add an entry with
support for LDAPv3 controls.
ldap_bind(3LDAP) Deprecated. Use
ldap_sasl_bind(3LDAP) or
ldap_simple_bind(3LDAP).
ldap_sasl_bind(3LDAP) Asynchronously bind to the
directory using SASL authenti‐
cation
ldap_sasl_bind_s(3LDAP) Synchronously bind to the
directory using SASL authenti‐
cation
ldap_bind_s(3LDAP) Deprecated. Use
ldap_sasl_bind_s(3LDAP) or
ldap_simple_bind_s(3LDAP).
ldap_simple_bind(3LDAP) Asynchronously bind to the
directory using simple authen‐
tication.
ldap_simple_bind_s(3LDAP) Synchronously bind to the
directory using simple authen‐
tication.
ldap_unbind(3LDAP) Synchronously unbind from the
LDAP server, close the connec‐
tion, and dispose the session
handle.
ldap_unbind_ext(3LDAP) Synchronously unbind from the
LDAP server and close the con‐
nection. ldap_unbind_ext()
allows you to explicitly
include both server and client
controls in the unbind request.
ldap_set_rebind_proc(3LDAP) Set callback function for
obtaining credentials from a
referral.
ldap_memcache_init(3LDAP) Create the in-memory client
side cache.
ldap_memcache_set(3LDAP) Associate an in-memory cache
that has been already created
by calling the ldap_mem‐
cache_init(3LDAP) function with
an LDAP connection handle.
ldap_memcache_get(3LDAP) Get the cache associated with
the specified LDAP structure.
ldap_memcache_flush(3LDAP) Flushes search requests from
the cache.
ldap_memcache_destroy(3LDAP) Frees the specified LDAPMem‐
Cache structure pointed to by
cache from memory.
ldap_memcache_update(3LDAP) Checks the cache for items that
have expired and removes them.
ldap_compare(3LDAP) Asynchronous compare with a
directory entry.
ldap_compare_s(3LDAP) Synchronous compare with a
directory entry.
ldap_compare_ext(3LDAP) Asynchronous compare with a
directory entry, with support
for LDAPv3 controls.
ldap_compare_ext_s(3LDAP) Synchronous compare with a
directory entry, with support
for LDAPv3 controls.
ldap_control_free(3LDAP) Dispose of an LDAP control.
ldap_controls_free(3LDAP) Dispose of an array of LDAP
controls.
ldap_delete(3LDAP) Asynchronously delete an entry.
ldap_delete_s(3LDAP) Synchronously delete an entry.
ldap_delete_ext(3LDAP) Asynchronously delete an entry,
with support for LDAPv3 con‐
trols.
ldap_delete_ext_s(3LDAP) Synchronously delete an entry,
with support for LDAPv3 con‐
trols.
ldap_init_templates(3LDAP) Read a sequence of templates
from a LDAP template configura‐
tion file.
ldap_init_templates_buf(3LDAP) Read a sequence of templates
from a buffer.
ldap_free_templates(3LDAP) Dispose of the templates allo‐
cated.
ldap_first_reference(3LDAP) Step through a list of continu‐
ation references from a search
result.
ldap_next_reference(3LDAP) Step through a list of continu‐
ation references from a search
result.
ldap_count_references(3LDAP) Count the number of messages in
a search result.
ldap_first_message(3LDAP) Step through a list of messages
in a search result.
ldap_count_messages(3LDAP) Count the messages in a list of
messages in a search result.
ldap_next_message(3LDAP) Step through a list of messages
in a search result.
ldap_msgtype(3LDAP) Return the type of LDAP mes‐
sage.
ldap_first_disptmpl(3LDAP) Get first display template in a
list.
ldap_next_disptmpl(3LDAP) Get next display template in a
list.
ldap_oc2template(3LDAP) Return template appropriate for
the objectclass.
ldap_name2template(3LDAP) Return named template
ldap_tmplattrs(3LDAP) Return attributes needed by the
template.
ldap_first_tmplrow(3LDAP) Return first row of displayable
items in a template.
ldap_next_tmplrow(3LDAP) Return next row of displayable
items in a template.
ldap_first_tmplcol(3LDAP) Return first column of dis‐
playable items in a template.
ldap_next_tmplcol(3LDAP) Return next column of dis‐
playable items in a template.
ldap_entry2text(3LDAP) Display an entry as text by
using a display template.
ldap_entry2text_search(3LDAP) Search for and display an entry
as text by using a display tem‐
plate.
ldap_vals2text(3LDAP) Display values as text.
ldap_entry2html(3LDAP) Display an entry as HTML
(HyperText Markup Language) by
using a display template.
ldap_entry2html_search(3LDAP) Search for and display an entry
as HTML by using a display tem‐
plate.
ldap_vals2html(3LDAP) Display values as HTML.
ldap_perror(3LDAP) Deprecated. Use
ldap_parse_result(3LDAP).
ldap_result2error(3LDAP) Deprecated. Use
ldap_parse_result(3LDAP).
ldap_err2string(3LDAP) Convert LDAP error indication
to a string.
ldap_first_attribute(3LDAP) Return first attribute name in
an entry.
ldap_next_attribute(3LDAP) Return next attribute name in
an entry.
ldap_first_entry(3LDAP) Return first entry in a chain
of search results.
ldap_next_entry(3LDAP) Return next entry in a chain of
search results.
ldap_count_entries(3LDAP) Return number of entries in a
search result.
ldap_friendly_name(3LDAP) Map from unfriendly to friendly
names.
ldap_free_friendlymap(3LDAP) Free resources used by
ldap_friendly(3LDAP).
ldap_get_dn(3LDAP) Extract the DN from an entry.
ldap_explode_dn(3LDAP) Convert a DN into its component
parts.
ldap_explode_dns(3LDAP) Convert a DNS-style DN into its
component parts (experimental).
ldap_is_dns_dn(3LDAP) Check to see if a DN is a DNS-
style DN (experimental).
ldap_dns_to_dn(3LDAP) Convert a DNS domain name into
an X.500 distinguished name.
ldap_dn2ufn(3LDAP) Convert a DN into user friendly
form.
ldap_get_values(3LDAP) Return an attribute's values.
ldap_get_values_len(3LDAP) Return an attribute's values
with lengths.
ldap_value_free(3LDAP) Free memory allocated by
ldap_get_values(3LDAP).
ldap_value_free_len(3LDAP) Free memory allocated by
ldap_get_values_len(3LDAP).
ldap_count_values(3LDAP) Return number of values.
ldap_count_values_len(3LDAP) Return number of values.
ldap_init_getfilter(3LDAP) Initialize getfilter functions
from a file.
ldap_init_getfilter_buf(3LDAP) Initialize getfilter functions
from a buffer.
ldap_getfilter_free(3LDAP) Free resources allocated by
ldap_init_getfilter(3LDAP).
ldap_getfirstfilter(3LDAP) Return first search filter.
ldap_getnextfilter(3LDAP) Return next search filter.
ldap_build_filter(3LDAP) Construct an LDAP search filter
from a pattern.
ldap_setfilteraffixes(3LDAP) Set prefix and suffix for
search filters.
ldap_modify(3LDAP) Asynchronously modify an entry.
ldap_modify_s(3LDAP) Synchronously modify an entry.
ldap_modify_ext(3LDAP) Asynchronously modify an entry,
return value, and place mes‐
sage.
ldap_modify_ext_s(3LDAP) Synchronously modify an entry,
return value, and place mes‐
sage.
ldap_mods_free(3LDAP) Free array of pointers to mod
structures used by ldap_mod‐
ify(3LDAP).
ldap_modrdn2(3LDAP) Deprecated. Use
ldap_rename(3LDAP) instead.
ldap_modrdn2_s(3LDAP) Deprecated. Use
ldap_rename_s(3LDAP) instead.
ldap_modrdn(3LDAP) Deprecated. Use
ldap_rename(3LDAP) instead.
ldap_modrdn_s(3LDAP) Depreciated. Use
ldap_rename_s(3LDAP) instead.
ldap_rename(3LDAP) Asynchronously modify the name
of an LDAP entry.
ldap_rename_s(3LDAP) Synchronously modify the name
of an LDAP entry.
ldap_msgfree(3LDAP) Free result messages.
ldap_parse_result(3LDAP) Search for a message to parse.
ldap_parse_extended_result(3LDAP) Search for a message to parse.
ldap_parse_sasl_bind_result(3LDAP) Search for a message to parse.
ldap_search(3LDAP) Asynchronously search the
directory.
ldap_search_s(3LDAP) Synchronously search the direc‐
tory.
ldap_search_ext(3LDAP) Asynchronously search the
directory with support for
LDAPv3 controls.
ldap_search_ext_s(3LDAP) Synchronously search the direc‐
tory with support for LDAPv3
controls.
ldap_search_st(3LDAP) Synchronously search the direc‐
tory with support for a local
timeout value.
ldap_ufn_search_s(3LDAP) User friendly search the direc‐
tory.
ldap_ufn_search_c(3LDAP) User friendly search the direc‐
tory with cancel.
ldap_ufn_search_ct(3LDAP) User friendly search the direc‐
tory with cancel and timeout.
ldap_ufn_setfilter(3LDAP) Set filter file used by
ldap_ufn(3LDAP) functions.
ldap_ufn_setprefix(3LDAP) Set prefix used by
ldap_ufn(3LDAP) functions.
ldap_ufn_timeout(3LDAP) Set timeout used by
ldap_ufn(3LDAP) functions.
ldap_is_ldap_url(3LDAP) Check a URL string to see if it
is an LDAP URL.
ldap_url_parse(3LDAP) Break up an LDAP URL string
into its components.
ldap_free_urldesc(3LDAP) Free an LDAP URL structure.
ldap_url_search(3LDAP) Asynchronously search by using
an LDAP URL.
ldap_url_search_s(3LDAP) Synchronously search by using
an LDAP URL.
ldap_url_search_st(3LDAP) Asynchronously search by using
an LDAP URL, with support for a
local timeout value.
ldap_dns_to_url(3LDAP) Locate the LDAP URL associated
with a DNS domain name.
ldap_dn_to_url(3LDAP) Locate the LDAP URL associated
with a distinguished name.
ldap_init_searchprefs(3LDAP) Initialize searchprefs func‐
tions from a file.
ldap_init_searchprefs_buf(3LDAP) Initialize searchprefs func‐
tions from a buffer.
ldap_free_searchprefs(3LDAP) Free memory allocated by
searchprefs functions.
ldap_first_searchobj(3LDAP) Return first searchpref object.
ldap_next_searchobj(3LDAP) Return next searchpref object.
ldap_sort_entries(3LDAP) Sort a list of search results.
ldap_sort_values(3LDAP) Sort a list of attribute val‐
ues.
ldap_sort_strcasecmp(3LDAP) Case insensitive string compar‐
ison.
ldap_set_string_translators(3LDAP) Set character set translation
functions used by LDAP library.
ldap_translate_from_t61(3LDAP) Translate from the T.61 charac‐
ter set to another character
set.
ldap_translate_to_t61(3LDAP) Translate to the T.61 character
set from another character set.
ldap_enable_translation(3LDAP) Enable or disable character
translation for an LDAP entry
result.
ldap_version(3LDAP) Get version information about
the LDAP SDK for C.
ldap_get_lang_values(3LDAP) Return an attribute's value
that matches a specified lan‐
guage subtype.
ldap_get_lang_values_len(3LDAP) Return an attribute's value
that matches a specified lan‐
guage subtype along with
lengths.
ldap_get_entry_controls(3LDAP) Get the LDAP controls included
with a directory entry in a
set of search results.
ldap_get_option(3LDAP) Get session preferences in an
LDAP structure.
ldap_set_option(3LDAP) Set session preferences in an
LDAP structure.
ldap_memfree(3LDAP) Free memory allocated by LDAP
API functions.
ATTRIBUTES
See attributes(5) for a description of the following attributes:
┌─────────────────────────────┬─────────────────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE │
├─────────────────────────────┼─────────────────────────────┤
│VALUE │ │
├─────────────────────────────┼─────────────────────────────┤
│Availability │SUNWcsl (32-bit) │
├─────────────────────────────┼─────────────────────────────┤
│ │SUNWcslx (64-bit) │
├─────────────────────────────┼─────────────────────────────┤
│Stability Level │Evolving │
└─────────────────────────────┴─────────────────────────────┘
SEE ALSO
attributes(5)
SunOS 5.10 27 Jan 2002 ldap(3LDAP)
[top]
List of man pages available for Solaris
Copyright (c) for man pages and the logo by the respective OS vendor.
For those who want to learn more, the polarhome community provides shell access and support.
[legal]
[privacy]
[GNU]
[policy]
[cookies]
[netiquette]
[sponsors]
[FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
|
Vote for polarhome
|