LDAP Data Interchange Format

How to configure Websphere for LDAP using Microsoft Active ...

src: i.ytimg.com

LDAP Data Interchange Formats ( LDIF ) is a standard plain text data exchange format to represent LDAP (Lightweight Directory Access Protocol) directory content and update requests. LDIF delivers directory content as a set of records, one note for each object (or entry). It also represents the update request, such as Add, Change, Delete, and Rename, as a set of records, one note for each update request.

LDIF was designed in the early 1990s by Tim Howes, Mark C. Smith, and Gordon Good while at the University of Michigan. LDIF was updated and extended in the late 1990s for use with Version 3 of LDAP. This LDIF version is called version 1 and is officially specified in RFC 2849, RFC IETF Standard Track. RFC 2849 was written by Gordon Good and published in June 2000. Currently the Proposed Standard.

A number of extensions for LDIF have been proposed over the years. One extension has been formally defined by the IETF and published. RFC 4525, written by Kurt Zeilenga, extends LDIF to support the LDAP-Changing Change extension. It is expected that additional extensions will be published by the IETF in the future.

Video LDAP Data Interchange Format

Content Record Format

Each content record is represented as a group of attributes, with separate notes from each other by a blank line. The individual attributes of a record are represented as single logic lines (represented as one or more physical lines through a folding-line mechanism), consisting of a "name: value" pair. Incorrect value data in a portable subset of ASCII characters is marked with '::' after the attribute name and encoded to ASCII using base64 encoding. The content recording format is part of the Internet Information Directory type.RFC 2425

Maps LDAP Data Interchange Format

Tools using LDIF

The OpenLDAP utility includes tools for exporting data from the LDAP server to the LDIF content record ( ldapsearch ), importing data from the LDIF content record to the LDAP server ( ldapadd ), and applying the LDIF record changes to the LDAP server ( ldapmodify ).

LDIF is one of the formats for importing and exporting address book data which is the address book in Netscape Communicator and in the Mozilla Application Suite support.

Microsoft Windows 2000 Server and Windows Server 2003 include an LDIF-based command-line tool named LDIFDE to import and export information in Active Directory.

JXplorer is a cross-platform open source java application that can browse and perform basic editing of LDIF files.

src: federationworkshopreinvent2016.s3-website-us-east-1.amazonaws.com

LDIF field

dn: honorable name; This refers to a name that uniquely identifies an entry in the directory.
dc: domain component; This refers to each component of the domain. For example www.google.com will be written as DC = www, DC = google, DC = com
ou: organizational unit; This refers to organizational units (or sometimes user groups) that are part of the user. If the user is part of more than one group, you can specify that, for example, OU = Attorney, OU = Judge.
cn: common name; This refers to an individual object (person's name, meeting room, prescription name, job title, etc.) for whom/you queried.

Step by Step OpenLDAP Server Configuration on RHEL7/Centos7

src: 3.bp.blogspot.com

Example LDIF

This is an example of a simple directory entry with multiple attributes, represented as a record in LDIF:

  Ã‚ dn: cn = The Postmaster, dc = example, dc = com  Ã‚ objectClass: organizationRole  Ã‚ cn: The Postmaster

This is an example of LDIF data that modifies some single-valued attributes for two different directory entries (this format is used by the Microsoft LDIFDE tool):

    Ã‚ dn: CN = John Smith, OU = Law, DC = example, DC = com  Ã‚ changetype: change  Ã‚ replace: employeeID  Ã‚ employeeID: 1234  Ã‚ -  Ã‚ replace: employeeNumber  EmployeeNumber: 98722  Ã‚ -  Ã‚ replace: extensionAttribute6  Ã‚ extensionAttribute6: JSmith98  Ã‚ -  Ã‚  Ã‚ dn: CN = Jane Smith, OU = Accounting, DC = example, DC = com  Ã‚ changetype: change  Ã‚ replace: employeeID  Ã‚ employeeID: 5678  Ã‚ -  Ã‚ replace: employeeNumber  EmployeeNumber: 76543  Ã‚ -  Ã‚ replace: extensionAttribute6  Ã‚ extensionAttribute6: JSmith14  Ã‚ -

Note: the "-" character between each attribute change is required. Note also that every directory entry ends with "-" followed by a blank line. "-" end is required by the Microsoft LDIFDE tool, but is not required by most ldif implementations.

This is an example of an LDIF file that adds a phone number to an existing user:

  Ã‚ dn: cn = Peter Michaels, ou = Artist, l = San Francisco, c = AS  Ã‚ changetype: change  Ã‚ add: telephonenumber  Ã‚ telephonenumber: 1 415 555 0002

An LDIF example containing the controls:

  Ã‚ version 1  Ã‚ dn: o = test, dc = example, dc = com  Kontrol control: 1.3.6.1.1.13.1 cn fake  Ã‚ changetype: add  Ã‚ objectClass: top  Ã‚ objectClass: organization  Ã‚ o: testing

Cisco Unified Communications SRND Based on Cisco Unified ...

src: www.cisco.com

RFCs

RFC 2849 - LDAP Data Interchange Format (LDIF) - Technical Specifications
RFC 4510 - Lightweight Directory Access Protocol (LDAP): Road Map Technical Specification
RFC 4525 - LDAP Upgrade-Enhancement Extension