Presentation is loading. Please wait.

Presentation is loading. Please wait.

Finding Information in an LDAP Directory Info. Tech. Svcs. University of Hawaii Russell Tokuyama 05/02/01 University of Hawaii © 2001.

Published byRandell Perry Modified over 8 years ago

Similar presentations

Presentation on theme: "Finding Information in an LDAP Directory Info. Tech. Svcs. University of Hawaii Russell Tokuyama 05/02/01 University of Hawaii © 2001."— Presentation transcript:

1 Finding Information in an LDAP Directory Info. Tech. Svcs. University of Hawaii Russell Tokuyama 05/02/01 University of Hawaii © 2001

2 2 What’s the phone number? You just left a meeting and forgot to get some important information. Now, you need to call someone whose name you wrote down but don’t know their office phone number or email address. A scenario:

3 3 What’s the phone number? Where to look? What do I ask for? How do I ask for it? What will I get back?

4 4 Where do I look? White pages (phone book) UH INFO - h ttp://www.hawaii.edu/dir/ An application using LDAP

5 5 LDAP Directory DIT - directory information tree hierarchical - like a file system subtrees - groups search area

6 6 What do I ask for? Thing(s) to match –All fields –Selected fields –No fields (presence

7 7 How do I ask for it? Host:port of LDAP server Search base Scope Search filter Attributes to return Attributes only

8 8 What will I get back? Zero or more entries Attributes Value(s) for each attribute present

9 9 Demo Someone with last name sounds like roads /ou=people,o=hawaii.edu??sub?(sn~=road) /ou=people,o=hawaii.edu??sub?(sn=r*oad*)

10 10 LDAP Terminology Namespace Schema Object class Attribute, Entry, Value Distinguished Name

11 11 LDAP Terminology Namespace –What do you call things –How things are organized –Hierarchical DIT Contains entries Entries contain entries o=uh ou=people ou=uh ou=lcc ou=uhh

12 12 LDAP Terminology Schema –What data can be stored –Object classes –Attributes in the classes Name Type Value

13 13 LDAP Terminology Object class –Grouping of attributes required optional –Inheritance extend existing classes orgPerson inetOrgPerson person

14 14 LDAP Terminology person –surname –common name –user password (opt) –phone number (opt) –see also (opt) –description (opt) orgPerson inetOrgPerson person

15 15 LDAP Terminology orgPerson inetOrgPerson person organizationalPerson –surname –common name –user password, phone, descr, etc. (opt) –title, orgUnit, etc. (opt)

16 16 LDAP Terminology orgPerson inetOrgPerson person inetOrgPerson –surname –common name –user password, phone, descr, etc. (opt) –title, orgUnit, etc. (opt) –givenName, uid, mail, etc. (opt)

17 17 LDAP Terminology Attribute –Type (syntax) kind of information to be stored –character how searched for –ignore case –Value single or multiple values

18 18 LDAP Terminology Entry –Attributes –Types –Values attr typevalue

19 19 LDAP Terminology Entry –Attributes –Types –Values uidcntelNum stringJohn Q Doe cn

20 20 LDAP Terminology Distinguished Name (DN) –name of an entry –uniquely identifies entry –composed of attributes

21 21 LDAP Terminology Distinguished Name (DN) o=hawaii.edu ou=People, o=hawaii.edu ou=Groups, o=hawaii.edu ou=UH, o=hawaii.edu

22 22 LDAP Terminology Distinguished Name (DN) dc=hawaii, dc=edu ou=People, dc=hawaii, dc=edu ou=Groups, dc=hawaii, dc=edu ou=UH, dc=hawaii, dc=edu

23 23 LDAP Terminology Distinguished Name (DN) o=University of Hawaii, c=US ou=People, o=University of Hawaii, c=US ou=Groups, o=University of Hawaii, c=US ou=UH, o=University of Hawaii, c=US

24 24 More LDAP Terminology Search base –What part of the DIT to look in Scope –Base, One, Sub Search filter –What to use as a comparison

25 25 ou=UH, o=hawaii.edu More LDAP Terminology Search base –What part of the DIT to look in o=hawaii.edu ou=People, o=hawaii.edu ou=Groups, o=hawaii.edu

26 26 More LDAP Terminology Scope –Base - main entry –One - main entry and immediate children –Sub - main entry and all descendants

27 27 More LDAP Terminology Search filter –What to use as a comparison –One or more attributes firstname=John, lastname=Doe, department=Leeward CC

28 28 How to find it LDAP URL (RFC 2255) –host:port –Search base –Scope –Search filter ldap://host:port/base?attributes?scope?filter

29 29 How to find it LDAP URL (RFC 2255) ldap://host:port/base?attributes?scope?filter /ou=people,o=hawaii.edu??sub?(sn=Doe)

30 30 How to find it LDAP URL (RFC 2255) –Attributes - default is all –Scope - default is base (main entry) /ou=people,o=hawaii.edu??sub?(sn=Doe)

31 31 Search Filters Search Attribute(s) –Exact match –Approximate match partial key regular expression –Substring

32 32 Search Filters Search Attribute(s) –Exact match (sn=Doe) (& (sn=Doe) (givenName=John) )

33 33 Search Filters Search Attribute(s) –Approximate match (sn~=road) (& (sn~=Doe) (givenName=John) )

34 34 Search Filters Search Attribute(s) –Substring (sn=do*) (& (sn=r*oa*) (givenName=sam*) )

35 35 Search Filters More examples (& (sn=do*) (! (givenName=jo*)) ) (&(givenName=Jo*n) (|(sn=Do*)(sn=Sm*)))

36 36 Attributes Returned All Only those of interest telephone,mail,cn o=hawaii.edu?telephone,mail,cn?sub?(sn=Doe)

37 37 What’s in LDAP? uid (ITS username) cn (last, first middle) givenName (first name) sn (last name) employeeType (faculty, staff, student) ou (home campus)

38 38 What’s coming next? Refine schema Refine data sources Enable more applications Engage more people

Download ppt "Finding Information in an LDAP Directory Info. Tech. Svcs. University of Hawaii Russell Tokuyama 05/02/01 University of Hawaii © 2001."

Similar presentations

Grouper Training Developers and Architects LDAP Shilen Patel Duke University This work licensed under a Creative Commons Attribution-NonCommercial 3.0.

Grouper Training Developers and Architects LDAP Shilen Patel Duke University This work licensed under a Creative Commons Attribution-NonCommercial 3.0.
Directory Services DIT Design Jim Rommel Perot Systems Corporation.

Directory Services DIT Design Jim Rommel Perot Systems Corporation.
LDAP Lightweight Directory Access Protocol LDAP.

LDAP Lightweight Directory Access Protocol LDAP.
Directory & Naming Services CS-328 Dick Steflik. A Directory.

Directory & Naming Services CS-328 Dick Steflik. A Directory.
CS603 Directory Services January 30, 2002. Name Resolution: What would you like? Historical? –Mail –Telephone DNS? X.500 / LDAP? DCE? ActiveDirectory?

CS603 Directory Services January 30, Name Resolution: What would you like? Historical? –Mail –Telephone DNS? X.500 / LDAP? DCE? ActiveDirectory?
Distributed Systems CS 15-440 Naming – Part II Lecture 6, Sep 26, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.

Distributed Systems CS Naming – Part II Lecture 6, Sep 26, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.
UCB Enterprise Directory Services. Directory Services – Project History  Requirements defined  Project commission & goals articulated  Project teams.

UCB Enterprise Directory Services. Directory Services – Project History  Requirements defined  Project commission & goals articulated  Project teams.
LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH.

LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH.
Login Screen This is the Sign In page for the Dashboard Enter Id and Password to sign In New User Registration.

Login Screen This is the Sign In page for the Dashboard Enter Id and Password to sign In New User Registration.
03/07/08 © 2008 DSR and LDAP Authentication Avocent Technical Support.

03/07/08 © 2008 DSR and LDAP Authentication Avocent Technical Support.
LDAP: Information Model Part 2 CNS 4650 Fall 2004 Rev. 2.

LDAP: Information Model Part 2 CNS 4650 Fall 2004 Rev. 2.
LDAP Lightweight Directory Access Protocol LDAP.

LDAP Lightweight Directory Access Protocol LDAP.
23/4/2001LDAP Overview - HEPix - LAL 2001 LDAP Overview HEPix – LAL Apr. 2001 Michel Jouvin

23/4/2001LDAP Overview - HEPix - LAL 2001 LDAP Overview HEPix – LAL Apr Michel Jouvin
Netprog: LDAP1 Lightweight Directory Access Protocol (LDAP) Refs: –Netscape LDAP server docs – U. of Michigan LDAP docs – www.openldap.org docs –RFCs:

Netprog: LDAP1 Lightweight Directory Access Protocol (LDAP) Refs: –Netscape LDAP server docs – U. of Michigan LDAP docs – docs –RFCs:
LDAP Search Criteria Fall 2004 Rev. 2. LDAP Searches Can be performed on Single directory entry Contents of a single container Entire subtree Required.

LDAP Search Criteria Fall 2004 Rev. 2. LDAP Searches Can be performed on Single directory entry Contents of a single container Entire subtree Required.
01 February 2002 Directories are Fundamental Keith Hazelton, Senior IT Architect University of Wisconsin-Madison Keith Hazelton, Senior IT Architect University.

01 February 2002 Directories are Fundamental Keith Hazelton, Senior IT Architect University of Wisconsin-Madison Keith Hazelton, Senior IT Architect University.
GRID Centralized management of the Globus grid-mapfile Carlo Rocca INFN, Catania.

GRID Centralized management of the Globus grid-mapfile Carlo Rocca INFN, Catania.
Directory Server Campus Booster ID: 351 www.supinfo.com Copyright © SUPINFO. All rights reserved OpenLDAP.

Directory Server Campus Booster ID: Copyright © SUPINFO. All rights reserved OpenLDAP.
Introduce LDAP 张海鹏 2008-07-25. SOA Mult - Little system User Manager System (share between other systems) How to store user Information How to access.

Introduce LDAP 张海鹏 SOA Mult - Little system User Manager System (share between other systems) How to store user Information How to access.
The Directory A distributed database Distributed maintenance.

The Directory A distributed database Distributed maintenance.

Similar presentations

Ads by Google