> developer > dnu > courses > Web Services

LDAP Libraries for C on NetWare and Windows

Reader Rating    from ratings rate this article
View an eBook Version of this course - LARGE FILE! Send this page to a friend

LDAP Libraries for C on NetWare and Windows enables you to write applications to access, manage, update, and search for information stored in eDirectory and other LDAP-aware directories.

The LDAP libraries provide access to eDirectoryeDirectory based on the C LDAP API, which is based on the draft proposed to the IETF. Portions of the source for this component are also based on the Directory SDK (Version 2.0), which is available from OpenLDAP.org

LDAP Libraries for C

LDAP (Lightweight Directory Access Protocol) is becoming an Internet standard for accessing directory information, allowing LDAP-enabled applications to access multiple directories. LDAP v3 supports such features as secure connections (through SSL and SASL), entry management, schema management, and LDAP controls and extensions for expanding LDAP's functionality.

The LDAP Libraries for C kit enables you to write applications to access, manage, update, and search for information stored in eDirectory and other LDAP-aware directories.

Installation on Windows

During installation, your PATH variables are updated to include the following directories (default location is C:\Novell): 

   C:\Novell\ndk\cldapsdk\bin\win32 
   C:\Novell\ndk\cldapsdk\tools\win32

Installation on NetWare

From the installation location on your workstation, copy the following library files to the sys:\system directory:

   ldapsdk.nlm
   ldapssl.nlm
   ldapx.nlm
   sas.nlm

From the tools directory, copy the following files to the sys:\system directory:

   ice.cfg
   ice.nlm
   ldaphdlr.nlm
   ldif.nlm
   sal.nlm
   zone.nlm
   ladd.nlm
   ldelete.nlm
   lmodify.nlm
   lsearch.nlm
   lmodrdn.nlm

Documentation on Windows

We've enabled Start menu documentation entries. After you have installed the documentation, use the "NDK Documents" entry on your Start menu to quickly locate and access NDK documentation.

To read or print the documentation, you need Adobe Acrobat Reader, a free download from http://www.adobe.com.

The documents in this download were created as standalone files; therefore, links between files in this download and links to files in other downloads will not resolve.

The download includes the following files:

  • ldap_enu.pdf (LDAP and eDirectory)which is placed in the [install location]\doc\ldapover directory

  • ldaplibc.pdf (LDAP Libraries for C) which is placed in the [install location]\doc\cldap directory

  • dsov_enu.pdf and schm_enu.pdf which are placed in the [install location]\doc\ndslib directory

Supported Platforms

In this release, the libraries can be installed on the following platforms:

  • NetWare 5 with SP4 or higher

  • NetWare 5.1

  • Microsoft Windows NT Server 4.0 with SP 4 or higher

  • Microsoft Windows NT Client 4.0 with SP 3 or higher

  • Microsoft Windows 95, 98, and 2000

The NDK has Early Access versions of libraries (in separate downloads) for the following platforms:

  • Solaris 2.6, 2.7, and 2.8

  • Red Hat Linux 6.1 and 6.2

LDAP v2 and v3 Support

This version of the LDAP Libraries for C supports both LDAP v2 and LDAP v3. However, the LDAP v2 support is for backwards compatibility with existing applications. New applications should be written using the LDAP v3 functions.

Bind

eDirectory supports simple bind. However, for non-encrypted connections, the LDAP server must be configured to allow clear-text passwords. The LDAP Libraries for C kit includes SASL functions and bind functions that perform simple binds. For secure, encrypted connections to eDirectory, use the SSL functions with certificates.

SSL Support

SSL support is provided by a companion library, ldapssl.dll (for Windows) or ldapssl.nlm (for NetWare). This library provides functions for initializing SSL and creating LDAP session handles that are SSL enabled. An SSL-enabled session handle ensures that all data is encrypted between the client and the server.

Applications using SSL need to link with the ldapssl library and the client must have NICI 1.5.4 or higher installed. (See Section 2.0 Dependencies for more details.)

The LDAP Libraries for C kit does not currently support establishing SSL connections with Microsoft and IBM LDAP servers.

LDAP Controls

LDAP servers on eDirectory (NDS 8.x) and above support the following controls:

  • Server-Side Sort Control Request 1.2.840.113556.1.4.473

  • Server-Side Sort Control Reply 1.2.840.113556.1.4.474

  • Virtual List View Control Request 2.16.840.1.113730.3.4.9

  • Virtual List View Control Reply 2.16.840.1.113730.3.4.10

The LDAP Libraries for C kit supplies functions to help applications use these controls.

LDAP Extensions

eDirectory supports the following LDAP extensions for obtaining effective rights, managing replicas and partitions, and refreshing the LDAP server:

2.16.840.1.113719.1.27.100.1  ndsToLdapResponse
2.16.840.1.113719.1.27.100.2  ndsToLdapRequest
2.16.840.1.113719.1.27.100.3  createNamingContextRequest
2.16.840.1.113719.1.27.100.4  createNamingContextResponse
2.16.840.1.113719.1.27.100.5  mergeNamingContextRequest
2.16.840.1.113719.1.27.100.6  mergeNamingContextResponse
2.16.840.1.113719.1.27.100.7  addReplicaRequest
2.16.840.1.113719.1.27.100.8  addReplicaResponse
2.16.840.1.113719.1.27.100.9  refreshLDAPServerRequest
2.16.840.1.113719.1.27.100.10 refreshLDAPServerResponse
2.16.840.1.113719.1.27.100.11 removeReplicaRequest
2.16.840.1.113719.1.27.100.12 removeReplicaResponse
2.16.840.1.113719.1.27.100.13 namingContextEntryCountRequest
2.16.840.1.113719.1.27.100.14 namingContextEntryCountResponse
2.16.840.1.113719.1.27.100.15 changeReplicaTypeRequest
2.16.840.1.113719.1.27.100.16 changeReplicaTypeResponse
2.16.840.1.113719.1.27.100.17 getReplicaInfoRequest
2.16.840.1.113719.1.27.100.18 getReplicaInfoResponse
2.16.840.1.113719.1.27.100.19 listReplicaRequest
2.16.840.1.113719.1.27.100.20 listReplicaResponse
2.16.840.1.113719.1.27.100.21 receiveAllUpdatesRequest
2.16.840.1.113719.1.27.100.22 receiveAllUpdatesResponse
2.16.840.1.113719.1.27.100.23 sendAllUpdatesRequest
2.16.840.1.113719.1.27.100.24 sendAllUpdatesResponse
2.16.840.1.113719.1.27.100.25 requestNamingContextSyncRequest
2.16.840.1.113719.1.27.100.26 requestNamingContextSyncResponse
2.16.840.1.113719.1.27.100.27 requestSchemaSyncRequest
2.16.840.1.113719.1.27.100.28 requestSchemaSyncResponse
2.16.840.1.113719.1.27.100.29 abortNamingContextOperationRequest
2.16.840.1.113719.1.27.100.30 abortNamingContextOperationResponse
2.16.840.1.113719.1.27.100.31 getContextIdentityNameRequest
2.16.840.1.113719.1.27.100.32 getContextIdentityNameResponse
2.16.840.1.113719.1.27.100.33 getEffectivePrivilegesRequest
2.16.840.1.113719.1.27.100.34 getEffectivePrivilegesResponse
2.16.840.1.113719.1.142.100.1 startFramedProtocolRequest
2.16.840.1.113719.1.142.100.2 startFramedProtocolResponse
2.16.840.1.113719.1.142.100.4 endFramedProtocolRequest
2.16.840.1.113719.1.142.100.5 endFramedProtocolResponse
2.16.840.1.113719.1.142.100.6 lburpOperationRequest
2.16.840.1.113719.1.142.100.7 lburpOperationResponse

To use these extensions, the LDAP server must be running on eDirectory 8.5 or a higher version. To obtain a copy, see Novell's developer product site: http://developer.novell.com/edirectory/.

The LDAP Libraries for C kit includes functions to help applications use these extensions.

If you used an early beta version of eDirectory 8.5, be aware that the OIDs for the extensions changed for beta 5 and the final release.

LDAP Utilities

This release includes the command line version of the Novell Import Covert Export utility (ice.exe or ice.nlm). This utility performs all the functions of the legacy LDAP utilities. Novell recommends using this utility instead of the legacy LDAP utilities.

NetWare NLMs are limited to names with a maximum of 8 characters; therefore the NetWare platform requires shorter names for the LDAP utilities. They have been renamed as follows for the NetWare platform:

LDAP Utility NetWare Name
Ldapadd
ladd
Ldapdelete
ldelete
Ldapmodify
lmodify
Ldapsearch
lsearch
Ldapmodrdn
lmodrdn

These utilities are located in the tools directory. You need to either copy them to the system directory or include the directory in the PATH variable.

Dependencies

For full functionality, the LDAP Libraries for C kit is dependent upon the following:

  • SSL Connections on NetWare. NetWare requires SAS 1.40 or higher. The LDAP Libraries for C download includes SAS 1.40 in the package directory. NetWare also requires NICI 1.5.4 or higher. The latest version of NICI is available at http://www.novell.com/products/cryptography/.

  • SSL Connections on NT. The NT server requires NICI 1.3.1 or higher. The latest version of NICI is available at http://www.novell.com/products/cryptography/.

  • If your NT workstation is both your eDirectory server and your LDAP client, you will receive an error when you try to install the client NICI on the server. The already installed server NICI will work for the client.

  • SSL Connections on Windows. Windows clients require NICI 1.5.2 or higher. The latest version of NICI is available at http://www.novell.com/products/cryptography/.

  • LDAP Extensions. The LDAP extensions for partition and replica management, getting effective rights, and refreshing the LDAP server require eDirectory 8.5. To obtain a version, see eDirectory for ISVs and Developers at http://developer.novell.com/nds/edirectory.

  • LDAP Controls. The LDAP controls for server-side sorting and virtual list view require eDirectory (NDS 8) or higher.

  • The verpass.c Sample Code. This example requires the LDAP server in eDirectory 8.5. To obtain a version, see eDirectory for ISVs and Developers at http://developer.novell.com/nds/edirectory.


Previous blank Table of Contents blank Next