Finding Information in an LDAP Directory Info. Tech. Svcs. University of Hawaii Russell Tokuyama 05/02/01 University of Hawaii © 2001.


2 What’s the phone number? A scenario: You just left a meeting and forgot to get some important information. Now, you need to call someone whose name you wrote down, but you don’t know their office phone number or address.

3 What’s the phone number? Where to look? What do I ask for? How do I ask for it? What will I get back?

4 Where do I look? White pages (phone book); UH INFO - http://; an application using LDAP

5 LDAP Directory DIT - directory information tree hierarchical - like a file system subtrees - groups search area

6 What do I ask for? Thing(s) to match –All fields –Selected fields –No fields (presence)

7 How do I ask for it? Host:port of LDAP server Search base Scope Search filter Attributes to return Attributes only

8 What will I get back? Zero or more entries Attributes Value(s) for each attribute present

9 Demo: someone with last name sounds like roads
/ou=people,o=hawaii.edu??sub?(sn~=road)
/ou=people,o=hawaii.edu??sub?(sn=r*oad*)

10 LDAP Terminology Namespace Schema Object class Attribute, Entry, Value Distinguished Name

11 LDAP Terminology Namespace –What do you call things –How things are organized –Hierarchical DIT: contains entries; entries contain entries [Diagram: DIT with entries o=uh, ou=people, ou=uh, ou=lcc, ou=uhh]

12 LDAP Terminology Schema –What data can be stored –Object classes –Attributes in the classes Name Type Value

13 LDAP Terminology Object class –Grouping of attributes (required, optional) –Inheritance (extend existing classes) [Diagram: orgPerson, inetOrgPerson, person]

14 LDAP Terminology person –surname –common name –user password (opt) –phone number (opt) –see also (opt) –description (opt) [Diagram: orgPerson, inetOrgPerson, person]

15 LDAP Terminology organizationalPerson –surname –common name –user password, phone, descr, etc. (opt) –title, orgUnit, etc. (opt) [Diagram: orgPerson, inetOrgPerson, person]

16 LDAP Terminology inetOrgPerson –surname –common name –user password, phone, descr, etc. (opt) –title, orgUnit, etc. (opt) –givenName, uid, mail, etc. (opt) [Diagram: orgPerson, inetOrgPerson, person]

17 LDAP Terminology Attribute –Type (syntax) kind of information to be stored –character how searched for –ignore case –Value single or multiple values

18 LDAP Terminology Entry –Attributes –Types –Values [Diagram labels: attr, type, value]

19 LDAP Terminology Entry –Attributes –Types –Values [Diagram labels: uid, cn, telNum; string; John Q Doe; cn]

20 LDAP Terminology Distinguished Name (DN) –name of an entry –uniquely identifies entry –composed of attributes

21 LDAP Terminology Distinguished Name (DN)
o=hawaii.edu
ou=People, o=hawaii.edu
ou=Groups, o=hawaii.edu
ou=UH, o=hawaii.edu

22 LDAP Terminology Distinguished Name (DN)
dc=hawaii, dc=edu
ou=People, dc=hawaii, dc=edu
ou=Groups, dc=hawaii, dc=edu
ou=UH, dc=hawaii, dc=edu

23 LDAP Terminology Distinguished Name (DN)
o=University of Hawaii, c=US
ou=People, o=University of Hawaii, c=US
ou=Groups, o=University of Hawaii, c=US
ou=UH, o=University of Hawaii, c=US

24 More LDAP Terminology Search base –What part of the DIT to look in Scope –Base, One, Sub Search filter –What to use as a comparison

25 More LDAP Terminology Search base –What part of the DIT to look in
o=hawaii.edu
ou=People, o=hawaii.edu
ou=Groups, o=hawaii.edu
ou=UH, o=hawaii.edu

26 More LDAP Terminology Scope –Base - main entry –One - main entry and immediate children –Sub - main entry and all descendants

27 More LDAP Terminology Search filter –What to use as a comparison –One or more attributes firstname=John, lastname=Doe, department=Leeward CC

28 How to find it LDAP URL (RFC 2255) –host:port –Search base –Scope –Search filter ldap://host:port/base?attributes?scope?filter

29 How to find it LDAP URL (RFC 2255) ldap://host:port/base?attributes?scope?filter /ou=people,o=hawaii.edu??sub?(sn=Doe)

30 How to find it LDAP URL (RFC 2255) –Attributes - default is all –Scope - default is base (main entry) /ou=people,o=hawaii.edu??sub?(sn=Doe)
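
The URL layout on slides 28 to 30, worked through as an added example (not part of the original presentation): a parser that splits an LDAP URL into the search parameters from slide 7 and applies the defaults. The host name `ldap.example.edu` is a placeholder, and the default port 389 and default filter `(objectClass=*)` are assumptions taken from RFC 2255 rather than from the slides.

```python
from urllib.parse import unquote, urlsplit

SCOPES = {"base", "one", "sub"}

def parse_ldap_url(url):
    """Split ldap://host:port/base?attributes?scope?filter into search parameters."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "ldap":
        raise ValueError("expected an ldap:// URL")
    # urlsplit stops at the first '?'; the remaining '?' characters separate
    # the attributes, scope and filter fields.
    fields = parts.query.split("?") if parts.query else []
    if len(fields) > 3:
        raise ValueError("extensions field (a fourth '?') is not handled here")
    attrs, scope, flt = fields + [""] * (3 - len(fields))
    scope = scope.lower() or "base"          # slide 30: default scope is base
    if scope not in SCOPES:
        raise ValueError(f"unknown scope: {scope!r}")
    return {
        "host": parts.hostname,
        "port": parts.port or 389,           # assumption: standard LDAP port
        # Percent-decoding happens after splitting, so an encoded '?' or ','
        # inside a field cannot be mistaken for a separator.
        "base": unquote(parts.path.lstrip("/")),
        # An empty list means "return all attributes" (slide 30 default).
        "attributes": [unquote(a) for a in attrs.split(",") if a],
        "scope": scope,
        # Assumption: RFC 2255 default filter when the URL gives none.
        "filter": unquote(flt) or "(objectClass=*)",
    }

# Constructed sample; the host name is a placeholder, not from the slides.
SAMPLE = "ldap://ldap.example.edu:389/ou=people,o=hawaii.edu??sub?(sn=Doe)"

if __name__ == "__main__":
    for key, value in parse_ldap_url(SAMPLE).items():
        print(f"{key}: {value}")
```
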

31 Search Filters Search Attribute(s) –Exact match –Approximate match partial key regular expression –Substring

32 Search Filters Search Attribute(s) –Exact match (sn=Doe) (& (sn=Doe) (givenName=John) )

33 Search Filters Search Attribute(s) –Approximate match (sn~=road) (& (sn~=Doe) (givenName=John) )

34 Search Filters Search Attribute(s) –Substring (sn=do*) (& (sn=r*oa*) (givenName=sam*) )

35 Search Filters More examples (& (sn=do*) (! (givenName=jo*)) ) (&(givenName=Jo*n) (|(sn=Do*)(sn=Sm*)))
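
The filter forms from slides 32 to 35, as an added example (not part of the original presentation): small builder functions that compose exact, approximate, substring, AND, OR and NOT filters from values typed by a user. The function names are hypothetical, and the value escaping follows the LDAP filter string rules (RFC 4515), which the slides do not cover, so that a name containing `*`, `(`, `)` or `\` is matched literally instead of changing the filter's structure.

```python
import re

# Characters that have meaning inside a filter value, with their escaped forms.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
_ATTR_NAME = re.compile(r"[A-Za-z][A-Za-z0-9-]*\Z")

def escape_value(text):
    """Make text safe to place after '=' so it is matched literally."""
    return "".join(_ESCAPES.get(ch, ch) for ch in text)

def _item(attr, op, value):
    # Attribute names are checked too, so they cannot carry filter syntax.
    if not _ATTR_NAME.match(attr):
        raise ValueError(f"bad attribute name: {attr!r}")
    return f"({attr}{op}{value})"

def equals(attr, value):
    return _item(attr, "=", escape_value(value))

def approx(attr, value):
    return _item(attr, "~=", escape_value(value))

def substring(attr, *pieces):
    """Join literal pieces with '*'; an empty first or last piece gives a
    leading or trailing wildcard, so ("do", "") becomes do*."""
    if len(pieces) < 2:
        raise ValueError("a substring filter needs at least two pieces")
    return _item(attr, "=", "*".join(escape_value(p) for p in pieces))

def all_of(*filters):
    return "(&" + "".join(filters) + ")"

def any_of(*filters):
    return "(|" + "".join(filters) + ")"

def negate(flt):
    return f"(!{flt})"

if __name__ == "__main__":
    # The two filters from slide 35, then a constructed value with metacharacters.
    print(all_of(substring("sn", "do", ""), negate(substring("givenName", "jo", ""))))
    print(all_of(substring("givenName", "Jo", "n"),
                 any_of(substring("sn", "Do", ""), substring("sn", "Sm", ""))))
    print(equals("cn", "Doe (Jr)*"))
```
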

36 Attributes Returned All Only those of interest telephone,mail,cn o=hawaii.edu?telephone,mail,cn?sub?(sn=Doe)

37 What’s in LDAP? uid (ITS username) cn (last, first middle) givenName (first name) sn (last name) employeeType (faculty, staff, student) ou (home campus)

38 What’s coming next? Refine schema Refine data sources Enable more applications Engage more people