Browse Prior Art Database

The LDAP Application Program Interface (RFC1823)

IP.com Disclosure Number: IPCOM000004081D
Original Publication Date: 1995-Aug-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 18 page(s) / 38K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

T. Howes: AUTHOR [+2]

Abstract

This document defines a C language application program interface to the lightweight directory access protocol (LDAP). The LDAP API is designed to be powerful, yet simple to use. It defines compatible synchronous and asynchronous interfaces to LDAP to suit a wide variety of applications. This document gives a brief overview of the LDAP model, then an overview of how the API is used by an application program to obtain LDAP information. The API calls are described in detail, followed by an appendix that provides some example code demonstrating the use of the API.

This text was extracted from a ASCII document.
This is the abbreviated version, containing approximately 7% of the total text.

Network Working Group T. Howes

Request for Comments: 1823 M. Smith

Category: Informational University of Michigan

August 1995

The LDAP Application Program Interface

Status of this Memo

This memo provides information for the Internet community. This memo

does not specify an Internet standard of any kind. Distribution of

this memo is unlimited.

1. Introduction

This document defines a C language application program interface to

the lightweight directory access protocol (LDAP). The LDAP API is

designed to be powerful, yet simple to use. It defines compatible

synchronous and asynchronous interfaces to LDAP to suit a wide

variety of applications. This document gives a brief overview of the

LDAP model, then an overview of how the API is used by an application

program to obtain LDAP information. The API calls are described in

detail, followed by an appendix that provides some example code

demonstrating the use of the API.

2. Overview of the LDAP Model

LDAP is the lightweight directory access protocol, described in [2]

and [7]. It can provide a lightweight frontend to the X.500 directory

[1], or a stand-alone service. In either mode, LDAP is based on a

client-server model in which a client makes a TCP connection to an

LDAP server, over which it sends requests and receives responses.

The LDAP information model is based on the entry, which contains

information about some object (e.g., a person). Entries are composed

of attributes, which have a type and one or more values. Each

attribute has a syntax that determines what kinds of values are

allowed in the attribute (e.g., ASCII characters, a jpeg photograph,

etc.) and how those values behave during directory operations (e.g.,

is case significant during comparisons).

Entries are organized in a tree structure, usually based on

political, geographical, and organizational boundaries. Each entry is

uniquely named relative to its sibling entries by its relative

distinguished name (RDN) consisting of one or more distinguished

attribute values from the entry. At most one value from each

attribute may be used in the RDN. For example, the entry for the

person Babs Jensen might be named with the "Barbara Jensen" value

from the commonName attribute. A globally unique name for an entry,

called a distinguished name or DN, is constructed by concatenating

the sequence of RDNs from the root of the tree down to the entry. For

example, if Babs worke...