White dot for spacing only
The Dice Project


How to get data from LDAP


From: Jeremy Olsen <J.Olsen@ed>
Date: Mon, 10 Jun 2002 11:28:14 +0100 (BST)

LDAP is a fairly major departure from NIS/NIS+ etc that we are all
familiar with.

Is there anywhere on DICE pages that gives an overview of what the
structure of data is within LDAP and more importantly how to do
standard lookups equivalent to {yp,nis}match <name> {hosts,passwd},
etc. I did a quick search but didn't find anything.

Ta

Jeremy


From: Simon Wilkinson <sxw@dcs.ed.ac.uk>
Date: Mon, 10 Jun 2002 11:40:38 +0100 (BST)

On Mon, 10 Jun 2002, Jeremy Olsen wrote:

> LDAP is a fairly major departure from NIS/NIS+ etc that we are all
> familiar with.
>
> Is there anywhere on DICE pages that gives an overview of what the
> structure of data is within LDAP

Not currently, no. I'd hope that each of the tasks placing information in
the LDAP service would provide documentation regarding that information.
At the bare minimum they currently have to provide schema definition files
which provide an almost readable description of attributes.

In the case of user information, RFC2306 provides the definitive
description of how we store the standard nss data.

and more importantly how to do
> standard lookups equivalent to {yp,nis}match <name> {hosts,passwd},
> etc. I did a quick search but didn't find anything.

ldapsearch is the powerful access tool. Use this if you want to see _all_
of the information held in LDAP for a particular object. For a user, do
ldapsearch "uid=<username>"
or for a host entry
ldapsearch "cn=<hostname>"

A more friendly solution is to use 'getent'. This returns information in
a similar format to that used by ypmatch and the like:

getent passwd <username>
getent hosts <hostname>

getent without the second argument is equivalent to 'ypcat'.

Cheers,

Simon.



From: Iain Rae <iainr@dcs.ed.ac.uk>
Date: Mon, 10 Jun 2002 11:48:11 +0100

Simon Wilkinson wrote:
> On Mon, 10 Jun 2002, Jeremy Olsen wrote:
>
>
>>LDAP is a fairly major departure from NIS/NIS+ etc that we are all
>>familiar with.
>>
>>Is there anywhere on DICE pages that gives an overview of what the
>>structure of data is within LDAP
>
>
> Not currently, no. I'd hope that each of the tasks placing information in
> the LDAP service would provide documentation regarding that information.
> At the bare minimum they currently have to provide schema definition files
> which provide an almost readable description of attributes.
>
> In the case of user information, RFC2306 provides the definitive
> description of how we store the standard nss data.
>
> and more importantly how to do
>
>>standard lookups equivalent to {yp,nis}match <name> {hosts,passwd},
>>etc. I did a quick search but didn't find anything.
>
>
> ldapsearch is the powerful access tool. Use this if you want to see _all_
> of the information held in LDAP for a particular object. For a user, do
> ldapsearch "uid=<username>"
> or for a host entry
> ldapsearch "cn=<hostname>"
>
> A more friendly solution is to use 'getent'. This returns information in
> a similar format to that used by ypmatch and the like:
>
> getent passwd <username>
> getent hosts <hostname>
>
> getent without the second argument is equivalent to 'ypcat'.
>
> Cheers,


If you you're used to GUI tools something like gq or kldap might worth
playing with.

from memory the FAQ and notes at http://www.openldap.org are quite good.



--
Iain Rae Tel:01316505202
Computing Officer JCMB:2148
Division of Informatics
The University of Edinburgh



From: Simon Wilkinson <simon@sxw.org.uk>
Date: Mon, 10 Jun 2002 13:28:05 +0100

On Monday 10 June 2002 11:48, Iain Rae wrote:
> If you you're used to GUI tools something like gq or kldap might worth
> playing with.

Neither gq nor kldap will work correctly against the most recent OpenLDAP
code (as deployed on stapag.inf.ed.ac.uk), as it only accepts version 3 binds.

I'm looking at patching gq to fix this.

Cheers,

Simon.

--
Simon Wilkinson <simon@sxw.org.uk> http://www.sxw.org.uk
"I don't want to live on in my work, I want to live on in my apartment."
-- Woody Allen



No. Messages: 4

[Back]


 : Doc : Howto 

Mini Informatics Logo - Link to Main Informatics Page
Please contact us with any comments or corrections.
Unless explicitly stated otherwise, all material is copyright The University of Edinburgh
Spacing Line