5.18 OpenLDAPService

The OpenLDAPService allows you to develop applications that can access LDAP compliant directories.

LDAP (Lightweight Directory Access Protocol) is a protocol that is widely accepted as the industry standard for deploying directory based applications and solutions.

LDAP is typically used for lookup directories (or databases). A classic use of LDAP is to record employee contact data, such as an email address, within a large organization. The contact information is used primarily for heavy read access by numerous systems such as your email system.

Unique objects within an LDAP directory tree are referenced by what is known as their Distinguished Name (DN).

An object within a tree has a Relative Distinguished Name (RDN), which identifies the object relative to its parents.

A DN may be defined as a collection of RDNs that, when combined, uniquely identify the DN within the entire directory.

RDNs are generally of the form attribute=value. For example, attributes might be c (country), cn (common name), o (organization). The DN is constructed by combining the RDNs of the object with those of its parents. The DN of the root of the sample tree might be ou=Sales Team, o=LANSA, c=au (this uniquely defines the Sales Team and the company, LANSA, in Australia). The RDN of a member of the sales team, Terry Briggs, is cn=Terry Briggs. The DN that uniquely identifies Terry Briggs as a member of the sales team in LANSA Australia is therefore cn=Terry Briggs, ou=Sales Team, o=LANSA, c=au.
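The DN construction described above, as an added example (not LANSA code and not part of OpenLDAPService): it builds a DN from RDNs using the value escaping defined in RFC 4514, so that a value containing a comma cannot add an extra RDN, and splits a DN back into its RDNs. The helper names are hypothetical, the sample values are constructed, and multi-valued RDNs (joined with +) are not handled.

```python
import string

# Characters RFC 4514 requires to be escaped wherever they occur in a value.
ESCAPED = set(',+"\\<>;')

def escape_rdn_value(value):
    """Escape an attribute value for use inside a DN string."""
    out, last = [], len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")                      # NUL is written as a hex pair
        elif ch in ESCAPED or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)                   # leading ' '/'#', trailing ' ' too
        else:
            out.append(ch)
    return "".join(out)

def build_dn(rdns):
    """rdns: (attribute, value) pairs ordered from the object up to the root."""
    return ",".join(f"{attr}={escape_rdn_value(val)}" for attr, val in rdns)

def split_dn(dn):
    """Split a DN on unescaped commas and undo the escaping of each value."""
    rdns, attr, buf, i = [], None, [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            pair = dn[i + 1:i + 3]
            if len(pair) == 2 and all(c in string.hexdigits for c in pair):
                buf.append(chr(int(pair, 16)))      # hex pair (single byte only)
                i += 3
            else:
                buf.append(dn[i + 1])               # backslash + literal character
                i += 2
            continue
        if ch == "=" and attr is None:
            attr, buf = "".join(buf).strip(), []    # tolerate "cn=x, ou=y" spacing
        elif ch == ",":
            rdns.append((attr, "".join(buf)))
            attr, buf = None, []
        else:
            buf.append(ch)
        i += 1
    rdns.append((attr, "".join(buf)))
    return rdns

if __name__ == "__main__":
    parents = [("ou", "Sales Team"), ("o", "LANSA"), ("c", "au")]
    print(build_dn([("cn", "Terry Briggs")] + parents))
    print(build_dn([("cn", "Briggs, Terry")] + parents))  # comma stays inside cn
```
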

LANSA's OpenLDAPService is designed to enable you to interface easily with LDAP directories from within your application. While the main purpose of LDAP directories is for read operations, there will be times when you will want to update, create or delete entries. The OpenLDAPService provides you with the facilities to do these, should you need to.

By using the OpenLDAPService, LANSA will handle all the interface requirements to the LDAP Server, saving you having to learn how to do so yourself. The service provides the following commands to enable you to perform the standard transactions that can be performed on an LDAP directory:

Get: Perform a single record fetch on a DN in the directory.

Add: Add a single record DN to the directory.

Modify: Modify attribute values of a specific DN.

Delete: Delete a DN record from the directory.

Search: Search through multiple DN records in the directory.

The OpenLDAPService also provides the necessary commands to enable your application to BIND to and UNBIND from the server. The term BIND is an industry standard term that refers to the way applications connect to an LDAP server.

OpenLDAPService supports the following commands:

5.18.1 SERVICE_LOAD

5.18.2 BIND

5.18.3 GET

5.18.4 ADD

5.18.5 MODIFY

5.18.6 DELETE

5.18.7 SEARCH

5.18.8 UNBIND

5.18.9 SERVICE_UNLOAD