LDAP stores data in a structure as described in RFC 1617, which also offers guidelines as to how your naming style might look. While there are many ways to implement a data hierarchy in LDAP, you can implement your directory structure so that all entries live under a single root that represents your organization. For example, you can import all your Unix account data for your.domain into a directory server with the following:
object: your.domain
Organizational Unit: People
Type for login name: uid
Your Unix account information would be stored in LDAP like so:
uid=youruser,ou=People,o=your.domain
At the simplest level, data is imported into LDAP by way of the LDAP Directory Interchange Format (LDIF). LDIF is a standard data format that specifies all the information about a record that you will insert into the directory. Take, for instance, a Unix account that lives in /etc/passwd:
nvp:-password-:1000:1000:Nathan V. Patwardhan:/home/nvp:/usr/bin/bash
When you break the password entry down, the following fields exist:
login           nvp
password        -password-
uid             1000
gid             1000
gecos           Nathan V. Patwardhan
home directory  /users/nvp
shell           /usr/bin/bash
The Unix /etc/passwd entries correspond to entries that you’ve created in LDAP, with the following naming differences:
UNIX            LDAP equivalent
login           uid
password        userPassword
uid             uidNumber
gid             gidNumber
gecos           cn, gecos
home directory  homeDirectory
shell           loginShell
Every LDIF begins with a DN, or distinguished name, which describes where the entry will live in the directory. Without the distinguished name, the LDIF is invalid. Unix accounts might live under ou=People, while address book entries might live under ou=Addresses. The LDIF also contains all of the attributes for a given entry and their corresponding values. For the Unix password entry shown above, the LDIF would look like:
dn: uid=nvp,ou=People,o=your.domain
uid: nvp
cn: Nathan Patwardhan
givenname: Nathan
sn: Patwardhan
objectClass: person
objectClass: organizationalPerson
objectClass: account
objectClass: shadowAccount
objectClass: top
userPassword: {crypt}/-password-
loginShell: /usr/bin/bash
uidNumber: 1000
gidNumber: 1000
homeDirectory: /users/nvp
Net::LDAP can either write an LDIF file for the data that you give it, which you can then load into the directory with a tool such as ldapadd, or add the record to the directory itself.
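The passwd-to-LDIF mapping above, written out with Net::LDAP::Entry and Net::LDAP::LDIF. This is an added example, not code from the original text; the helper passwd_to_entry, the output file people.ldif and the second sample account are assumptions made for illustration.

```perl
use strict;
use warnings;
use Net::LDAP::Entry;
use Net::LDAP::LDIF;
use Net::LDAP::Util qw(escape_dn_value);

# Constructed sample input in /etc/passwd format, modeled on the entry above.
my @passwd = (
    'nvp:-password-:1000:1000:Nathan V. Patwardhan:/users/nvp:/usr/bin/bash',
    'svc:x:1001:1001:Backup job:/var/empty:/bin/false',   # "x": hash is in /etc/shadow
);
my $base = 'ou=People,o=your.domain';

# Hypothetical helper: turn one passwd line into a Net::LDAP::Entry.
sub passwd_to_entry {
    my ($line, $base) = @_;
    my @f = split /:/, $line, -1;            # -1 keeps empty trailing fields
    die "expected 7 fields\n" unless @f == 7;   # do not echo the line: it may hold a hash
    my ($login, $pw, $uid, $gid, $gecos, $home, $shell) = @f;
    die "non-numeric uid or gid for $login\n"
        unless $uid =~ /^\d+$/ && $gid =~ /^\d+$/;

    # The full name is the first comma-separated part of gecos. Using its
    # last word as the surname is a simplification made for this example.
    my ($cn) = split /,/, $gecos;
    $cn = $login unless defined $cn && length $cn;
    my $sn = $cn =~ /(\S+)\s*$/ ? $1 : $cn;

    my $entry = Net::LDAP::Entry->new;
    # Escape the RDN value so characters such as "," or "+" cannot alter the DN.
    $entry->dn('uid=' . escape_dn_value($login) . ",$base");
    $entry->add(
        objectClass   => [qw(top person organizationalPerson account shadowAccount)],
        uid           => $login,  cn        => $cn,  sn => $sn,
        uidNumber     => $uid,    gidNumber => $gid,
        homeDirectory => $home,   loginShell => $shell,
    );
    # Empty, "x", "*" and "!..." are placeholders or locks, not usable hashes.
    $entry->add(userPassword => "{crypt}$pw") if $pw !~ /^(?:x|\*|!.*)?$/;
    return $entry;
}

umask 077;   # the LDIF may contain password hashes: create it owner-only
my $ldif = Net::LDAP::LDIF->new('people.ldif', 'w', onerror => 'die');
$ldif->write_entry(passwd_to_entry($_, $base)) for @passwd;
$ldif->done;
```

The objectClass list is the one used in the LDIF above. The second account produces an entry with no userPassword attribute, because its passwd field holds only the shadow placeholder.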