LDAP is a vendor-independent, open network PROTOCOL standard and is thus as platform-independent as you can get. LDAP is supported by a lot of vendors (Netscape, Sun, Microsoft, Novell, IBM, ...).
Disclaimer: This page started on March 30, 1999. I am NO LDAP expert AT ALL! I just got fed up with manually administering email lists of our few students.
Alias
Country
Locality
Organization
Organizational Unit
Person
Example:
dn: uid=roiron,o=tecfa.unige.ch

Note: The relative dn is context dependent, e.g. uid for persons in the Netscape directory, cn for groupOfUniqueNames, etc.
Note: If you have a Netscape Server installed clicking on Directory-Server->Schema in the Admin Server or checking the Directory Administration Manual (in particular Appendix B-Attributes and Appendix A (Object Classes)
cn                    CommonName (in principle: givenname + SN)
co                    Country (or sometimes c?)
dc                    DomainComponent
description           Describes the Entry
dn                    DistinguishedName (Owner)
drink                 favorite drink of a Person
employeeType
fax                   facsimileTelephoneNumber
givenname             First Name
homePhone
homePostalAddress     (each line must be separated with a $)
keywords              keywords for the entry.
l                     Locality Name
labeledURI            URL that is relevant in some way to the entry
mail                  Email
mailAlternateAddress
manager               dn of the entry's manager
member                dn for each member of the group
memberURL             URL associated with each member of a group
mobile                entry's mobile or cellular phone number
o                     Organization Name
organizationalStatus  person's role in an organization
ou                    Organizational Unit Name
personalTitle         like Mr.
postalAddress         (each line must be separated with a $)
roomNumber            room number of an object
sa                    Street Address
secretary             entry's secretary or administrative assistant
seeAlso               related information
sn                    SurName
st                    State or Province Name
street                entry's house number and street name
telephonenumber
title                 Job Title
userClass             Specifies a category of computer user
userpassword

Note: The Netscape Directory Server may contain a lot of entries for their groupware applications (Calendar).
Syntax:
attribute OPERATOR value

Operators:

=     equal
>=    bigger than (including alphabetic)
<=
=*    all entries that have this attribute
~=    approximate match
&     and, entries match ALL criteria
|     or, one of entries must match
!     not

Example:
(&(ou=tecfa)(|(sn=roiron)(sn=muller)))
.. returns all roiron + all muller that are members of tecfa
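To show how the prefix-notation operators listed above nest and combine, here is an added example (not part of the original page): a small Python evaluator for those operators, run against constructed entries modelled on the page's sample person. Case-insensitive comparison and treating ~= as plain equality are simplifying assumptions, and the function names are hypothetical.

```python
import re

# Constructed sample entries, modelled on the person entry shown on this page.
ENTRIES = [
    {"uid": ["roiron"], "sn": ["Roiron"], "ou": ["tecfa"], "mail": ["roiron@fapse.unige.ch"]},
    {"uid": ["muller"], "sn": ["Muller"], "ou": ["tecfa"]},
    {"uid": ["muller2"], "sn": ["Muller"], "ou": ["other"]},
]
ITEM = re.compile(r"([A-Za-z][\w-]*)\s*(~=|>=|<=|=)([^()]*)$")

def _filter(s, i):
    # Parse one parenthesised filter starting at s[i]; return (node, next offset).
    if s[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if s[i:i + 1] in ("&", "|", "!"):
        op, kids, i = s[i], [], i + 1
        while s[i:i + 1] == "(":
            kid, i = _filter(s, i)
            kids.append(kid)
        if not kids or (op == "!" and len(kids) != 1):
            raise ValueError(f"'{op}' needs parenthesised sub-filters")
        node = (op, kids)
    else:
        end = s.find(")", i)
        m = ITEM.match(s[i:end]) if end != -1 else None
        if not m:
            raise ValueError(f"bad 'attribute OPERATOR value' item at offset {i}")
        node, i = (m.group(2), m.group(1).lower(), m.group(3).strip().lower()), end
    if s[i:i + 1] != ")":
        raise ValueError(f"expected ')' at offset {i}")
    return node, i + 1

def matches(node, entry):
    op = node[0]
    if op in ("&", "|", "!"):
        hits = [matches(kid, entry) for kid in node[1]]
        return all(hits) if op == "&" else any(hits) if op == "|" else not hits[0]
    values = [v.lower() for v in entry.get(node[1], [])]  # assumption: case-insensitive
    if op == "=" and node[2] == "*":
        return bool(values)                    # "=*": the attribute is present
    if op in (">=", "<="):
        return any(v >= node[2] if op == ">=" else v <= node[2] for v in values)
    return node[2] in values                   # "=" and, as a simplification, "~="

def search(text, entries=ENTRIES):
    s = re.sub(r"\s*([()])\s*", r"\1", text.strip())  # drop whitespace around parentheses
    node, end = _filter(s, 0)
    if end != len(s):
        raise ValueError("trailing text after filter")
    return [e["uid"][0] for e in entries if matches(node, e)]
```

A filter in which & or | is applied to an item that is not wrapped in its own parentheses is rejected with ValueError rather than guessed at.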
An organization:

dn: o=tecfa.unige.ch
objectclass: top
objectclass: organization
o: tecfa.unige.ch
Organizational Unit:
dn: ou=tecfa,o=tecfa.unige.ch
objectclass: top
objectclass: organizationalUnit
ou: tecfa
description: TECFA
A person:
dn: uid=roiron,o=tecfa.unige.ch
userpassword: ....
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: nsCalUser
givenname: Cyril
sn: Roiron
cn: Cyril Roiron
uid: roiron
mail: roiron@fapse.unige.ch
title: Assistant
telephonenumber: 9696
Filter Syntax (much simplified, see also RFC-1558):
ldap://SERVER/BASE_DN/?ATTRIBUTES?ITEMS?FILTER

SERVER     = ldap server URL
BASE_DN    = The Base DN
ATTRIBUTES = What attributes to return for found entries
ITEMS      = How many (of the same) attributes to return
FILTER     = Entries must have these attribute value pairs
Some LDAP queries printing WHOLE entries