Red Hat Linux 6.2: The Official Red Hat Linux Reference Guide
Chapter 8. Lightweight Directory Access Protocol (LDAP)
OpenLDAP configuration files are installed into the /etc/openldap directory. If you do an ls on /etc/openldap, you'll see something like:
    $ ls
    ldap.conf        ldapsearchprefs.conf  slapd.at.conf  slapd.oc.conf
    ldapfilter.conf  ldaptemplates.conf    slapd.conf
    $
The files you should know about are slapd.conf, slapd.at.conf and slapd.oc.conf. The slapd.conf file contains configuration information for the slapd daemon and for all of the database back-ends. You will need to make some changes to slapd.conf before you start the slapd daemon.
The slapd.at.conf file holds attribute syntax definitions for the LDAP directory. Attribute syntax definitions describe the type of information that the attribute provides. You have five choices:
bin -- binary information
ces -- case exact string (a string whose case matters)
cis -- case ignore string (a string whose case doesn't matter)
tel -- a telephone number (blank spaces and hyphens are ignored)
dn -- the distinguished name
For example, here are attribute syntax definitions from a typical slapd.at.conf:
    attribute photo bin
    attribute personalsignature bin
    attribute jpegphoto bin
    attribute audio bin
    attribute labeledurl ces
    attribute ref ces
    attribute userpassword ces
    attribute telephonenumber tel
Certain LDAP-enabled applications may require that you edit the slapd.at.conf file, usually to add particular attribute syntax definitions.
The slapd.oc.conf file includes the objectclass definitions for an LDAP directory. The objectclass definitions state which attributes are required and which attributes are optional for particular objectclasses.
The following excerpt from a typical slapd.oc.conf file contains the objectclass definitions for the top, alias, and referral objectclasses:
    objectclass top
        requires
            objectClass

    objectclass alias
        requires
            aliasedObjectName,
            objectClass

    objectclass referral
        requires
            ref,
            objectClass
You may need to edit the objectclass definitions in your slapd.oc.conf, depending upon how you're going to use your LDAP directory. For example, if you're creating an LDAP directory of employees for use in your organization, you'll probably have specific required attributes for certain objectclasses that might not be used outside the organization (e.g., an employee ID number internal to your organization might be a required attribute for an objectclass of "person").
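The check that these objectclass definitions imply, as an added example that is not part of the original guide or of OpenLDAP: Python code that parses slapd.oc.conf text and reports which required attributes an entry lacks and which of its attributes no objectclass permits. The person class with employeeID and the function names are constructed for illustration; allows is the OpenLDAP 1.x keyword for optional attributes and does not appear in the excerpt above.

```python
import re

# Constructed sample: "top" and "alias" as in the excerpt; "person" with employeeID is
# hypothetical. "allows" (optional attributes) is OpenLDAP 1.x syntax, not in the excerpt.
SAMPLE_OC_CONF = """
objectclass top
    requires
        objectClass

objectclass alias
    requires
        aliasedObjectName,
        objectClass

objectclass person
    requires
        objectClass,
        sn,
        cn,
        employeeID
    allows
        userPassword
"""

def parse_objectclasses(text):
    """Parse slapd.oc.conf text into {class: {"requires": set, "allows": set}}."""
    classes, current, section = {}, None, None
    for line in text.splitlines():
        line = line.split("#", 1)[0]  # drop comments
        decl = re.match(r"\s*objectclass\s+([^\s,]+)(.*)", line, re.I)
        if decl:  # "objectclass NAME" opens a definition; a bare "objectClass," is an attribute
            current = classes.setdefault(decl.group(1).lower(),
                                         {"requires": set(), "allows": set()})
            section, line = None, decl.group(2)
        for tok in re.findall(r"[^\s,]+", line):
            if tok.lower() in ("requires", "allows"):
                section = tok.lower()
            elif current is not None and section:
                current[section].add(tok.lower())  # attribute names are case-insensitive
    return classes

def check_entry(entry, classes):
    """Return (missing required, not permitted); an unknown objectclass raises KeyError."""
    present = {name.lower() for name in entry}
    required, allowed = set(), set()
    for oc in next((v for k, v in entry.items() if k.lower() == "objectclass"), []):
        required |= classes[oc.lower()]["requires"]
        allowed |= classes[oc.lower()]["allows"]
    return sorted(required - present), sorted(present - required - allowed)
```

Calling check_entry on an entry with objectClass values top and person but no employeeID returns employeeid in the first list, which is how a site-specific required attribute like the employee ID described above gets enforced.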