2018 LDAP(1) Introduction

LDAP - Lightweight Directory Access Protocol
Optimized for high read and search performance. The workload is mostly reads with few writes.

Some popular use cases:
Company employee information: name, phone, emails
Private/public key pairs
Company hardware information: server, IP address, location, make, purchase time, etc.

Entry
An entry is a single item in the directory. All CRUD operations act on entries.
dn - Distinguished Name (DN), e.g. dn: "cn=baby,ou=marketing,ou=people,dc=mydomain,dc=org"

rdn - Relative Distinguished Name, the leftmost component of the DN, here cn=baby

Base DN: the root of the tree, dc=mydomain,dc=org

Attribute
name - short name - syntax - meaning - example
commonName - cn - Directory String - name - Carl
surname - sn - Directory String - last name - Luo
organizationalUnitName - ou - Directory String - department - Engineering
organization - o - Directory String - org - example
telephoneNumber
objectClass - internal properties

Some more detail
https://segmentfault.com/a/1190000002607140

Schema - ObjectClass, AttributeType, Syntax - /etc/ldap/schema/

Backend and database
slapd responds to requests; the data operations themselves are handled by backends and databases.
https://linux.die.net/man/5/slapd.backends

TLS & SASL
SSL/TLS

LDIF - LDAP Data Interchange Format
Sample format
# cat add_entry.ldif
dn: ou=Marketing, dc=example,dc=com
changetype: add
objectclass: top
objectclass: organizationalUnit
ou: Marketing

dn: cn=Pete Minsky,ou=Marketing,dc=example,dc=com
changetype: add
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Pete Minsky
sn: Pete
ou: Marketing
description: sb, sx
description: sx
uid: pminsky

ldapmodify -xWD 'cn=admin,dc=example,dc=com' -f add_entry.ldif

Some tools
http://directory.apache.org/studio/users-guide.html

Format
ldap://servername/DN
DN distinguished Name - CN, OU, DC
DC - Domain Component
CN - Common Name
OU - Organizational Unit

DC=redmond, DC=wa, DC=microsoft, DC=com
Com\Microsoft\Wa\Redmond

CN=test, OU=developer, DC=domainname, DC=com
The user test is in the developer department (OU) of the domain domainname.com.
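
The DN, RDN, base DN and DC notes above, worked through in code. This is an added example, not code from the original post or from LDAPJS; the function names are hypothetical and the escaped-comma input in the comments is constructed.

```javascript
// Added example (not from the original notes). Simplification: multi-valued
// RDNs joined with "+" are treated as a single RDN.

// Split a DN into RDNs, honouring backslash escapes such as "\," (RFC 4514).
function parseDn(dn) {
  const parts = [];
  let cur = '';
  for (let i = 0; i < dn.length; i++) {
    if (dn[i] === '\\' && i + 1 < dn.length) {
      cur += dn[i] + dn[++i]; // keep the escaped pair together
    } else if (dn[i] === ',') {
      parts.push(cur);
      cur = '';
    } else {
      cur += dn[i];
    }
  }
  parts.push(cur);
  return parts.map((rdn) => {
    const eq = rdn.indexOf('=');
    if (eq < 1) throw new Error('malformed RDN: ' + rdn);
    return { type: rdn.slice(0, eq).trim().toLowerCase(), value: rdn.slice(eq + 1).trim() };
  });
}

// The RDN is the leftmost component of the DN.
function rdnOf(dn) {
  const first = parseDn(dn)[0];
  return first.type + '=' + first.value;
}

// DC components, read left to right, give the DNS-style domain name.
function dnToDomain(dn) {
  return parseDn(dn).filter((r) => r.type === 'dc').map((r) => r.value).join('.');
}

// True when dn is the base DN itself or an entry below it. Compared RDN by
// RDN, because a plain string suffix test is fooled by an escaped comma
// (constructed case: "ou=x\,dc=mydomain,dc=org" is NOT under dc=mydomain,dc=org).
function isUnderBase(dn, baseDn) {
  const norm = (d) => parseDn(d).map((r) => r.type + '=' + r.value.toLowerCase());
  const entry = norm(dn);
  const base = norm(baseDn);
  if (base.length > entry.length) return false;
  const tail = entry.slice(entry.length - base.length);
  return base.every((rdn, i) => rdn === tail[i]);
}

console.log(rdnOf('cn=baby, ou=marketing,ou=people,dc=mydomain,dc=org'));
console.log(dnToDomain('DC=redmond, DC=wa, DC=microsoft, DC=com'));
```

Use isUnderBase rather than a string comparison when code must decide whether an entry belongs to a given subtree.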

LDAPJS
http://ldapjs.org/
http://ldapjs.org/guide.html
https://teakki.com/p/57dfa8253c20b02e90a0d18a

Reposted from sillycat.iteye.com/blog/2414080