Designing LDAP

This chapter gives a brief description of what is involved in connecting to an LDAP server and returning a result. It assumes that you have a working LDAP server and that you are familiar with the LDAP language. For a detailed description of the supported commands, please read the chapter External Commands Reference. The LDAP example library implements a functional interface for connecting to an LDAP server and for searching and manipulating entries in an LDAP database.

Check the LDAP middleware.

Before you can connect to your server you must make sure that your LDAP middleware is functioning correctly. To do this, execute the LDAP AVAILABLE command.

LDAP AVAILABLE Returns #F

If flag true

    ;; LDAP is available

Else

    ;; LDAP is not available - Check the installation

End If

Connecting to an LDAP server.

Connecting to an LDAP server requires two commands: LDAP INIT and LDAP SIMPLE BIND S. LDAP INIT connects to the server using the given host name and port, and LDAP SIMPLE BIND S establishes your access rights using the given DN (Distinguished Name) and password. A simple bind sends the DN and password to the server as plain text, so they are only protected in transit if the connection itself is encrypted.

When connecting to an LDAP version 3 compliant server you should tell the external to use UTF8 characters for communications using the LDAP USE UTF8 command.

The following example connects to a server and then disconnects using LDAP UNBIND S.

LDAP USE UTF8 (kTrue)

LDAP INIT ("10.0.0.2",389) Returns CID

LDAP SIMPLE BIND S (CID,"cn=Manager,dc=brainydata,dc=com","Password") Returns err

If not(err)

    ;; Connection test completed!

Else

    ;; Connection failed!

End If

LDAP UNBIND S (CID)

Searching an LDAP database

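Searching an LDAP database and dissecting the result involves a series of commands. First you call LDAP SEARCH EXT S with a base DN, a scope and a filter. Then you step through the returned entries with LDAP FIRST ENTRY and LDAP NEXT ENTRY, and through the attributes of each entry with LDAP FIRST ATTRIBUTE and LDAP NEXT ATTRIBUTE, reading the values with LDAP GET VALUES. Use LDAP FREE to release the attribute cursor (ber) and the search result when you have finished with them.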

LDAP SEARCH EXT S (CID,"dc=brainydata,dc=com","LDAP_SCOPE_BASE","(objectclass=*)") Returns search_result

LDAP FIRST ENTRY (CID,search_result) Returns result_entry

While len(result_entry)

    LDAP FIRST ATTRIBUTE (CID,result_entry,ber) Returns attribute

    While len(attribute)

        LDAP GET VALUES (CID,result_entry,attribute) Returns values

        ;; do something with the values

        LDAP NEXT ATTRIBUTE (CID,result_entry,ber) Returns attribute

    End While

    LDAP FREE (ber)

    LDAP NEXT ENTRY (CID,result_entry) Returns result_entry

End While

LDAP FREE (search_result)
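
The filter passed to LDAP SEARCH EXT S is a plain string, so when part of it comes from user input the value must be escaped as RFC 4515 requires, otherwise the input can alter the filter itself. The following Python code is an added example and is not part of the Omnis LDAP library; the function names, the attribute-name restriction and the sample inputs are assumptions constructed for illustration.

```python
"""Added example: RFC 4515 escaping for values placed in an LDAP search filter."""
import re

# Characters that RFC 4515 requires to be escaped inside a filter value.
_SPECIALS = {"\\", "*", "(", ")", "\x00"}
# Assumption: only short attribute names (letters, digits, hyphen) are accepted.
_ATTRIBUTE = re.compile(r"[A-Za-z][A-Za-z0-9-]*")


def escape_filter_value(value: str) -> str:
    """Replace each special character with a backslash and its two hex digits."""
    return "".join("\\%02x" % ord(c) if c in _SPECIALS else c for c in value)


def naive_filter(attribute: str, value: str) -> str:
    """Unsafe: the value can close the filter and append terms of its own."""
    return "(%s=%s)" % (attribute, value)


def build_filter(attribute: str, value: str) -> str:
    """Safe: validate the attribute name and escape the value."""
    if not _ATTRIBUTE.fullmatch(attribute):
        raise ValueError("invalid attribute name: %r" % attribute)
    return "(%s=%s)" % (attribute, escape_filter_value(value))


def filter_items(flt: str) -> int:
    """Count the filter items in a string (each item opens with a literal '(')."""
    return flt.count("(")


if __name__ == "__main__":
    # Constructed sample inputs: one ordinary value, two that carry filter syntax.
    for value in ("jsmith", "*", "x)(objectclass=*"):
        unsafe, safe = naive_filter("uid", value), build_filter("uid", value)
        print("%-18r naive: %-24s items=%d | escaped: %-32s items=%d"
              % (value, unsafe, filter_items(unsafe), safe, filter_items(safe)))
```

Non-ASCII characters pass through unchanged, which matches the UTF-8 transport selected with LDAP USE UTF8.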

Searching MS Active Directory

The Omnis LDAP external is built against traditional LDAP client software. When connecting to a Microsoft Active Directory server some searches may not work correctly, in particular when searching root level directories using LDAP_SCOPE_ONELEVEL or LDAP_SCOPE_SUBTREE.

Connecting via the Global Catalog port 3268 usually resolves this issue. For full details, please see the following Microsoft technical article: http://technet.microsoft.com/en-gb/library/cc978012.aspx