|
version 1.26, 2002/06/21 05:32:54
|
version 1.34.2.2, 2005/07/10 04:36:40
|
|
Line 1
|
Line 1
|
| .TH LDAP 3 "RELEASEDATE" "OpenLDAP LDVERSION" |
.TH LDAP 3 "RELEASEDATE" "OpenLDAP LDVERSION" |
| .\" $OpenLDAP: pkg/ldap/doc/man/man3/ldap.3,v 1.25 2002/06/13 01:59:24 kurt Exp $ |
.\" $OpenLDAP: pkg/ldap/doc/man/man3/ldap.3,v 1.36 2005/07/04 04:57:10 hallvard Exp $ |
| .\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved. |
.\" Copyright 1998-2005 The OpenLDAP Foundation All Rights Reserved. |
| .\" Copying restrictions apply. See COPYRIGHT/LICENSE. |
.\" Copying restrictions apply. See COPYRIGHT/LICENSE. |
| .SH NAME |
.SH NAME |
| ldap - OpenLDAP Lightweight Directory Access Protocol API |
ldap - OpenLDAP Lightweight Directory Access Protocol API |
| .SH LIBRARY |
.SH LIBRARY |
| OpenlDAP LDAP (libldap, -lldap) |
OpenLDAP LDAP (libldap, -lldap) |
| .SH SYNOPSIS |
.SH SYNOPSIS |
| .nf |
.nf |
| .ft B |
.ft B |
|
Line 14 OpenlDAP LDAP (libldap, -lldap)
|
Line 14 OpenlDAP LDAP (libldap, -lldap)
|
| .fi |
.fi |
| .SH DESCRIPTION |
.SH DESCRIPTION |
| .LP |
.LP |
| The Lightweight Directory Access Protocol provides access to X.500 |
The Lightweight Directory Access Protocol (LDAP) (RFC 3377) provides |
| directory services. The services may be stand\-alone or part of |
access to X.500 directory services. These services may be stand\-alone |
| a distributed directory service. This API supports LDAP over TCP |
or part of a distributed directory service. This client API supports |
| (RFC2251), LDAP over SSL, and LDAP over IPC (UNIX domain sockets). |
LDAP over TCP (RFC2251), LDAP over TLS/SSL, and LDAP over IPC (UNIX |
| This API supports SASL (RFC2829) and Start TLS (RFC2830). This |
domain sockets). This API supports SASL (RFC2829) and Start TLS |
| API is based upon IETF C LDAP API draft specification, a work in |
(RFC2830) as well as a number of protocol extensions. This API is |
| progress. |
loosely based upon IETF/LDAPEXT C LDAP API draft specification, a (orphaned) |
| |
work in progress. |
| .LP |
.LP |
| The OpenLDAP Software package includes a stand\-alone server in |
The OpenLDAP Software package includes a stand\-alone server in |
| .BR slapd (8), |
.BR slapd (8), |
|
Line 34 These routines are found in the \-lldap
|
Line 35 These routines are found in the \-lldap
|
| .LP |
.LP |
| The basic interaction is as follows. A session handle is |
The basic interaction is as follows. A session handle is |
| created using |
created using |
| .BR ldap_init (3) |
|
| or |
|
| .BR ldap_initialize (3). |
|
| (The |
|
| .BR ldap_initialize (3) |
.BR ldap_initialize (3) |
| routine is preferred, but is not part of the draft specification.) |
and set the protocol version to 3 by calling |
| The underlying session is established upon first use which is |
.BR ldap_set_option (3). |
| commonly an LDAP bind operation. The LDAP bind operation is |
The underlying session is established first operation is |
| performed by calling |
issued. This would generally be a Start TLS or Bind operation. |
| |
A Start TLS operation is performed by calling |
| |
.BR ldap_start_tls_s (3). |
| |
A LDAP bind operation is performed by calling |
| .BR ldap_sasl_bind (3) |
.BR ldap_sasl_bind (3) |
| or one of its friends. Next, other operations are performed |
or one of its friends. Subsequently, other operations are performed |
| by calling one of the synchronous or asynchronous routines (e.g., |
by calling one of the synchronous or asynchronous routines (e.g., |
| .BR ldap_search_ext_s (3) |
.BR ldap_search_ext_s (3) |
| or |
or |
|
Line 58 The LDAP association and underlying conn
|
Line 58 The LDAP association and underlying conn
|
| .BR ldap_unbind_ext (3). |
.BR ldap_unbind_ext (3). |
| Errors can be interpreted by calling |
Errors can be interpreted by calling |
| .BR ldap_err2string (3). |
.BR ldap_err2string (3). |
| .SH SEARCH FILTERS |
.SH LDAP versions |
| Search filters to be passed to the ldap search routines are to be |
This library supports version 3 of the Lightweight Directory Access |
| |
Protocol (LDAPv3) as defined in RFC 3377. It also supports a variant |
| |
of version 2 of LDAP as defined by U-Mich LDAP and, to some degree, |
| |
RFC 1777. Version 2 (all variants) should be viewed as obsolete. |
| |
Version 3 should be used instead. |
| |
.LP |
| |
For backwards compatibility reasons, the library defaults to version 2. |
| |
Hence, all new applications (and all actively maintained applications) |
| |
should use |
| |
.BR ldap_set_option (3) |
| |
to select version 3. The library manual pages assume version 3 |
| |
has been selected. |
| |
.SH INPUT and OUTPUT PARAMETERS |
| |
All character string input/output is expected to be/is UTF\-8 |
| |
encoded Unicode (version 3.2). |
| |
.LP |
| |
Distinguished names (DN) (and relative distinguished names (RDN) to |
| |
be passed to the LDAP routines should conform to RFC 2253. The |
| |
.BR ldap_explode_dn (3) |
| |
routines can be used to work with DNs. |
| |
.LP |
| |
Search filters to be passed to the search routines are to be |
| constructed by hand and should conform to RFC 2254. |
constructed by hand and should conform to RFC 2254. |
| |
.LP |
| |
LDAP URL are to be passed to routines are expected to conform |
| |
to RFC 2255. |
| |
The |
| |
.BR ldap_url (3) |
| |
routines can be used to work with LDAP URLs. |
| .SH DISPLAYING RESULTS |
.SH DISPLAYING RESULTS |
| Results obtained from the ldap search routines can be output by hand, |
Results obtained from the search routines can be output by hand, |
| by calling |
by calling |
| .BR ldap_first_entry (3) |
.BR ldap_first_entry (3) |
| and |
and |
|
Line 76 to step through an entry's attributes, a
|
Line 103 to step through an entry's attributes, a
|
| .BR ldap_get_values (3) |
.BR ldap_get_values (3) |
| to retrieve a given attribute's values. Attribute values |
to retrieve a given attribute's values. Attribute values |
| may or may not be displayable. |
may or may not be displayable. |
| .SH CONTROLS |
|
| This library supports both LDAP Version 2 and Version 3, with the Version 2 |
|
| protocol selected by default. |
|
| LDAP Version 3 operations can be extended through the use of controls. Controls |
|
| can be sent to a server or returned to the client with any LDAP message. |
|
| Extended versions of the standard routines are available for use with |
|
| controls. These routines are generally named by adding |
|
| .BR _ext |
|
| to the regular routine's name. |
|
| .SH UNIFORM RESOURCE LOCATORS (URLS) |
|
| The |
|
| .BR ldap_url (3) |
|
| routines can be used to test a URL to see if it is an LDAP URL, to parse LDAP |
|
| URLs into their component pieces, and to initiate searches directly using |
|
| an LDAP URL. |
|
| .SH CACHING |
|
| The |
|
| .BR ldap_cache (3) |
|
| routines implement a local client caching scheme, |
|
| providing a substantial performance increase for repeated queries. |
|
| Caching is experiemental. |
|
| .SH UTILITY ROUTINES |
.SH UTILITY ROUTINES |
| Also provided are various utility routines. The |
Also provided are various utility routines. The |
| .BR ldap_sort (3) |
.BR ldap_sort (3) |
|
Line 118 and
|
Line 124 and
|
| .BR lber\-types (3). |
.BR lber\-types (3). |
| .SH INDEX |
.SH INDEX |
| .TP 20 |
.TP 20 |
| .SM ldap_open(3) |
|
| open a connection to an LDAP server (deprecated, use |
|
| .BR ldap_init (3)) |
|
| .TP |
|
| .SM ldap_init(3) |
|
| initialize the LDAP library without opening a connection to a server |
|
| .TP |
|
| .SM ldap_initialize(3) |
.SM ldap_initialize(3) |
| initialize the LDAP library without opening a connection to a server |
initialize the LDAP library without opening a connection to a server |
| .TP |
.TP |
| .SM ldap_result(3) |
.SM ldap_result(3) |
| wait for the result from an asynchronous operation |
wait for the result from an asynchronous operation |
| .TP |
.TP |
| .SM ldap_abandon(3) |
.SM ldap_abandon_ext(3) |
| abandon (abort) an asynchronous operation |
abandon (abort) an asynchronous operation |
| .TP |
.TP |
| .SM ldap_add(3) |
.SM ldap_add_ext(3) |
| asynchronously add an entry |
asynchronously add an entry |
| .TP |
.TP |
| .SM ldap_add_s(3) |
.SM ldap_add_ext_s(3) |
| synchronously add an entry |
synchronously add an entry |
| .TP |
.TP |
| .SM ldap_bind(3) |
.SM ldap_sasl_bind(3) |
| asynchronously bind to the directory |
asynchronously bind to the directory |
| .TP |
.TP |
| .SM ldap_bind_s(3) |
.SM ldap_sasl_bind_s(3) |
| synchronously bind to the directory |
synchronously bind to the directory |
| .TP |
.TP |
| .SM ldap_simple_bind(3) |
.SM ldap_unbind_ext(3) |
| asynchronously bind to the directory using simple authentication |
|
| .TP |
|
| .SM ldap_simple_bind_s(3) |
|
| synchronously bind to the directory using simple authentication |
|
| .TP |
|
| .SM ldap_unbind(3) |
|
| synchronously unbind from the LDAP server and close the connection |
synchronously unbind from the LDAP server and close the connection |
| .TP |
.TP |
| .SM ldap_unbind_s(3) |
.SM ldap_unbind_ext_s(3) |
| equivalent to |
equivalent to |
| .BR ldap_unbind (3) |
.BR ldap_unbind_ext (3) |
| .TP |
.TP |
| .SM ldap_memfree (3) |
.SM ldap_memfree(3) |
| dispose of memory allocated by LDAP routines. |
dispose of memory allocated by LDAP routines. |
| .TP |
.TP |
| .SM ldap_enable_cache(3) |
.SM ldap_compare_ext(3) |
| enable LDAP client caching |
|
| .TP |
|
| .SM ldap_disable_cache(3) |
|
| disable LDAP client caching |
|
| .TP |
|
| .SM ldap_destroy_cache(3) |
|
| disable LDAP client caching and destroy cache contents |
|
| .TP |
|
| .SM ldap_flush_cache(3) |
|
| flush LDAP client cache |
|
| .TP |
|
| .SM ldap_uncache_entry(3) |
|
| uncache requests pertaining to an entry |
|
| .TP |
|
| .SM ldap_uncache_request(3) |
|
| uncache a request |
|
| .TP |
|
| .SM ldap_set_cache_options(3) |
|
| set cache options |
|
| .TP |
|
| .SM ldap_compare(3) |
|
| asynchronously compare to a directory entry |
asynchronously compare to a directory entry |
| .TP |
.TP |
| .SM ldap_compare_s(3) |
.SM ldap_compare_ext_s(3) |
| synchronously compare to a directory entry |
synchronously compare to a directory entry |
| .TP |
.TP |
| .SM ldap_delete(3) |
.SM ldap_delete_ext(3) |
| asynchronously delete an entry |
asynchronously delete an entry |
| .TP |
.TP |
| .SM ldap_delete_s(3) |
.SM ldap_delete_ext_s(3) |
| synchronously delete an entry |
synchronously delete an entry |
| .TP |
.TP |
| .SM ldap_perror(3) |
|
| print an LDAP error indication to standard error |
|
| .TP |
|
| .SM ld_errno(3) |
.SM ld_errno(3) |
| LDAP error indication |
LDAP error indication |
| .TP |
.TP |
| .SM ldap_result2error(3) |
|
| extract LDAP error indication from LDAP result |
|
| .TP |
|
| .SM ldap_errlist(3) |
.SM ldap_errlist(3) |
| list of LDAP errors and their meanings |
list of LDAP errors and their meanings |
| .TP |
.TP |
|
Line 229 return number of entries in a search res
|
Line 195 return number of entries in a search res
|
| extract the DN from an entry |
extract the DN from an entry |
| .TP |
.TP |
| .SM ldap_explode_dn(3) |
.SM ldap_explode_dn(3) |
| convert a DN into its component parts |
convert a DN into its component parts (deprecated) |
| .TP |
.TP |
| .SM ldap_explode_rdn(3) |
.SM ldap_explode_rdn(3) |
| convert an RDN into its component parts |
convert an RDN into its component parts (deprecated) |
| .TP |
|
| .SM ldap_get_values(3) |
|
| return an attribute's values |
|
| .TP |
.TP |
| .SM ldap_get_values_len(3) |
.SM ldap_get_values_len(3) |
| return an attribute's values with lengths |
return an attribute's values with lengths |
| .TP |
.TP |
| .SM ldap_value_free(3) |
|
| free memory allocated by ldap_get_values(3) |
|
| .TP |
|
| .SM ldap_value_free_len(3) |
.SM ldap_value_free_len(3) |
| free memory allocated by ldap_get_values_len(3) |
free memory allocated by ldap_get_values_len(3) |
| .TP |
.TP |
| .SM ldap_count_values(3) |
|
| return number of values |
|
| .TP |
|
| .SM ldap_count_values_len(3) |
.SM ldap_count_values_len(3) |
| return number of values |
return number of values |
| .TP |
.TP |
| .SM ldap_modify(3) |
.SM ldap_modify_ext(3) |
| asynchronously modify an entry |
asynchronously modify an entry |
| .TP |
.TP |
| .SM ldap_modify_s(3) |
.SM ldap_modify_ext_s(3) |
| synchronously modify an entry |
synchronously modify an entry |
| .TP |
.TP |
| .SM ldap_mods_free(3) |
.SM ldap_mods_free(3) |
| free array of pointers to mod structures used by ldap_modify(3) |
free array of pointers to mod structures used by ldap_modify_ext(3) |
| .TP |
.TP |
| .SM ldap_modrdn2(3) |
.SM ldap_rename(3) |
| asynchronously modify the RDN of an entry |
asynchronously rename an entry |
| .TP |
.TP |
| .SM ldap_modrdn2_s(3) |
.SM ldap_rename_s(3) |
| synchronously modify the RDN of an entry |
synchronously rename an entry |
| .TP |
|
| .SM ldap_modrdn(3) |
|
| deprecated - use ldap_modrdn2(3) |
|
| .TP |
|
| .SM ldap_modrdn_s(3) |
|
| depreciated - use ldap_modrdn2_s(3) |
|
| .TP |
.TP |
| .SM ldap_msgfree(3) |
.SM ldap_msgfree(3) |
| free results allocated by ldap_result(3) |
free results allocated by ldap_result(3) |
|
Line 282 return the message type of a message fro
|
Line 233 return the message type of a message fro
|
| .SM ldap_msgid(3) |
.SM ldap_msgid(3) |
| return the message id of a message from ldap_result(3) |
return the message id of a message from ldap_result(3) |
| .TP |
.TP |
| .SM ldap_search(3) |
.SM ldap_search_ext(3) |
| asynchronously search the directory |
asynchronously search the directory |
| .TP |
.TP |
| .SM ldap_search_s(3) |
.SM ldap_search_ext_s(3) |
| synchronously search the directory |
synchronously search the directory |
| .TP |
.TP |
| .SM ldap_search_st(3) |
|
| synchronously search the directory with timeout |
|
| .TP |
|
| .SM ldap_is_ldap_url(3) |
.SM ldap_is_ldap_url(3) |
| check a URL string to see if it is an LDAP URL |
check a URL string to see if it is an LDAP URL |
| .TP |
.TP |
|
Line 306 sort a list of attribute values
|
Line 254 sort a list of attribute values
|
| .SM ldap_sort_strcasecmp(3) |
.SM ldap_sort_strcasecmp(3) |
| case insensitive string comparison |
case insensitive string comparison |
| .SH SEE ALSO |
.SH SEE ALSO |
| |
.BR ldap.conf (5), |
| .BR slapd (8), |
.BR slapd (8), |
| .BR draft-ietf-ldapext-ldap-c-api-xx.txt \ <http://www.ietf.org> |
.BR draft-ietf-ldapext-ldap-c-api-xx.txt \ <http://www.ietf.org> |
| .SH ACKNOWLEDGEMENTS |
.SH ACKNOWLEDGEMENTS |
| .B OpenLDAP |
.B OpenLDAP |
| is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). |
is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). |
| .B OpenLDAP |
.B OpenLDAP |
| is derived from University of Michigan LDAP 3.3 Release. |
is derived from University of Michigan LDAP 3.3 Release. |
| .LP |
.LP |
| These API manual pages are based upon descriptions provided in the |
These API manual pages are loosely based upon descriptions provided |
| IETF C LDAP API Internet Draft, a work in progress, edited by |
in the IETF/LDAPEXT C LDAP API Internet Draft, a (orphaned) work |
| Mark Smith. |
in progress. |
| |
|
![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ldap.3 CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [OpenLDAP] / doc / man / man3