October 11, 2006
LDAP (Lightweight Directory Access Protocol) is an emerging Internet standard for accessing directory information, allowing LDAP-enabled applications to access multiple directories. LDAP v3 supports such features as secure connections (through SSL and SASL), entry management, schema management, and LDAP controls and extensions for expanding LDAP’s functionality.
The LDAP Libraries for C kit enables you to write applications to access, manage, update, and search for information stored in Novell eDirectory and other LDAP-aware directories.
LDAP Libraries for C is now available with the OpenSSL Libraries 0.9.8.
To read or print the documentation, you need Adobe Acrobat Reader, a free download from http://www.adobe.com.
The documents in this download were created as standalone files; therefore, links between files in this download and links to files in other downloads will not resolve.
The download includes the following files:
On Windows, installation creates an entry in the Start Menu named "NDK Documents". Use this entry to quickly locate and access NDK documentation.
The following sections details the platform-specific information.
The LDAP Libraries for C are supported on:
During installation, your PATH variable is updated to include the following directories (default location is C:\Novell):
The kit includes the following libraries:
The NMAS Client (nmas.dll,nmasmsg.dll)is not included in the SDK. Hence, the user has to download the latest version from developer.novell.com to use the nmas related functionalities with ldapsdk.
The following libraries are used by the Novell Import Convert Export Utility and are also included:
Additionally, several template files are included in the tools directory for use with the DirLoad data handler. These files can be used to generate any number of unique test objects to populate a directory. The tools directory contains 2 sub-directories - tables and templates.
The tables directory contains the files named cities, company, domain, first, initial, lastnames, titles, etc.
The templates directory contains the file named attrs.
The following sub-sections details about the CLDAP libraries for C for NetWare.
The NetWare libraries are supported on:
Two versions of the LDAP libraries are provided for NetWare. A Clib version and a LibC version. The installation process extracts the files and creates the following directories:
[install location]\cldapsdk\NetWare\Clib:
[install location]\cldapsdk\NetWare\LibC:
[install location]\samples:
[install location]\samples\cldap_sample:
The Clib library nlms are:
The LibC library nlms are:
Copy the desired set of nlm(s) to the sys:\system directory on the NetWare server.
The Novell Import Convert Export Utility (ICE) is also included with the LDAP SDK in the tools subdirectory. To use ICE, copy ice.nlm and ice.cfg to the sys:\system directory on the NetWare server.
Create a new directory called sys:\res and copy the following xlf files into this directory:
When developing NetWare Clib applications use the include files and import files in the NetWare\Clib subdirectory.
You will also need the following components Novell Developer Kit (NDK) components available at http:\\developer.novell.com.
When developing NetWare LibC applications use the include files and import files in the NetWare\LibC subdirectory.
The LibC version of the LDAP SDK exports the APIs using symbol prefixing.
The imports directory contains import files (*.imp) for linkers which directly support prefixing. The Metrowerks linker supports prefixing.
The Watcom linker doesn’t support prefixing so you must use the alias (*.ali) and import (*.wmp) files. Use the Watcom "ALIAS" and "IMPORT" directives. For example:
You will also need the following components Novell Developer Kit (NDK) components available at http:\\developer.novell.com
The SASL-GSSAPI functionality is not supported on NetWare.
The following sub-sections details about the CLDAP libraries for C for Solaris.
In this release, the Unix libraries are supported on
Extract the files to a directory on your Unix system. This process creates the following directories and populates with the files provided by the kit.
This directory contains the header files needed to built your client application.
This directory contains the following library files provided with the kit.
These library files were built with the platform’s native compiler.
The specific library files that you link depend on the type of application(s) you are building.
The following libraries are used by the Novell Import Convert Export Utility and are also included:
Additionally, several template files are included in the tools directory for use with the DirLoad data handler. These files can be used to generate any number of unique test objects to populate a directory. The tools directory contains 2 sub-directories - tables and templates.
The tables directory contains the files named cities, company, domain, first, initial, lastnames, titles, etc. The templates directory contains the file named attrs.
When running applications, add the following path to the LD_LIBRARY_PATH environment variable:
<install directory>/cldapsdk/lib
This directory contains sample programs demonstrating the use of LDAP APIs, and Novell LDAP extensions.
This directory contains the LDAP command-line tools.
This directory contains Novell Import Convert Export Utility (ICE) default configuration file, ice.conf.
This directory contains the following xlf files used by Novell Import Convert Export Utility.
This directory contains the LDAP command-line tools man pages.
To view the man pages, add the following path to the MANPATH environment variable :
<install directory>/cldapsdk/man
Set the following environment variables before running the Import Convert Export (ICE) utility.
The following sub-sections details about the CLDAP libraries for C for Linux.
The LDAP Libraries for C are supported on:
Extract the files to a directory on your Unix system. This process creates the following directories and populates with the files provided by the kit.
This directory contains the header files needed to built your client application.
This directory contains the following library files provided with the kit.
These library files were built with the platform’s native compiler.
The specific library files that you link depend on the type of application(s) you are building.
The following libraries are used by the Novell Import Convert Export Utility and are also included:
Additionally, several template files are included in the tools directory for use with the DirLoad data handler. These files can be used to generate any number of unique test objects to populate a directory. The tools directory contains 2 sub-directories - tables and templates.
The tables directory contains the files named cities, company, domain, first, initial, lastnames, titles, etc. The templates directory contains the file named attrs.
When running applications, add the following path to the LD_LIBRARY_PATH environment variable:
<install directory>/cldapsdk/lib
This directory contains the LDAP command-line tools.
This directory contains Novell Import Convert Export Utility (ICE) default configuration file, ice.conf.
This directory contains the following xlf files used by Novell Import Convert Export Utility.
This directory contains the LDAP command-line tools man pages.
To view the man pages, add the following path to the MANPATH environment variable :
<install directory>/cldapsdk/man
Set the following environment variables before running the Import Convert Export (ICE) utility.
The following sub-sections details the CLDAP libraries for C for AIX.
The LDAP Libraries for C have been tested on:
Extract the files to a directory on your Unix system. This process creates the following directories and populates with the files provided by the kit.
This directory contains the header files needed to built your client application.
This directory contains the following library files provided with the kit.
These library files were built with the platform’s native compiler. Use xlc to compile your applications.
The specific library files that you link depend on the type of application(s) you are building.
The following libraries are used by the Novell Import Convert Export Utility and are also included:
Additionally, several template files are included in the tools directory for use with the DirLoad data handler. These files can be used to generate any number of unique test objects to populate a directory. The tools directory contains 2 sub-directories - tables and templates.
The tables directory contains the files named cities, company, domain, first, initial, lastnames, titles, etc. The templates directory contains the file named attrs.
When running applications, add the following path to the LIBPATH and environment variable:
<install directory>/cldapsdk/lib
This directory contains sample programs demonstrating the use of LDAP APIs, and Novell LDAP extensions.
This directory contains the LDAP command-line tools.
This directory contains Novell Import Convert Export Utility (ICE) default configuration file, ice.conf.
This directory contains the following xlf files used by Novell Import Convert Export Utility.
This directory contains the LDAP command-line tools man pages.
To view the man pages, add the following path to the MANPATH environment variable :
<install directory>/cldapsdk/man
Set the following environment variables before running the Import Convert Export (ICE) utility.
The following sub-sections details the CLDAP libraries for C for HP-UX.
The LDAP Libraries for C have been tested on:
Extract the files to a directory on your Unix system. This process creates the following directories and populates with the files provided by the kit.
This directory contains the header files needed to built your client application.
This directory contains the following library files provided with the kit.
These library files were built with the platform’s native compiler.
The specific library files that you link depend on the type of application(s) you are building.
The following libraries are used by the Novell Import Convert Export Utility and are also included:
Additionally, several template files are included in the tools directory for use with the DirLoad data handler. These files can be used to generate any number of unique test objects to populate a directory. The tools directory contains 2 sub-directories - tables and templates.
The tables directory contains the files named cities, company, domain, first, initial, lastnames, titles, etc. The templates directory contains the file named attrs.
When running applications, add the following path to the SHLIB_PATH environment variable:
<install directory>/cldapsdk/lib
This directory contains sample programs demonstrating the use of LDAP APIs, and Novell LDAP extensions.
This directory contains the LDAP command-line tools.
This directory contains Novell Import Convert Export Utility (ICE) default configuration file, ice.conf.
This directory contains the following xlf files used by Novell Import Convert Export Utility.
This directory contains the LDAP command-line tools man pages.
To view the man pages, add the following path to the MANPATH environment variable :
<install directory>/cldapsdk/man
Set the following environment variables before running the Import Convert Export (ICE) utility.
A directory named "samples" contains dozens of complete sample programs demonstrating the use of most LDAP APIs.
The directory "samples\extensions" contains samples of Novell LDAP extensions. Novell’s eDirectory supports several LDAP extensions such as obtaining effective rights, managing replicas and partitions, and refreshing the LDAP server.
A directory named "samples" on Unix platforms and "samples\cldap_sample" on Windows/NetWare contains dozens of complete sample programs demonstrating the use of most LDAP APIs.
The directory "samples\cldap_sample\extensions" contains samples of Novell LDAP extensions. Novell’s eDirectory supports several LDAP extensions such as obtaining effective rights, managing replicas and partitions, and refreshing the LDAP server.
A simple batch file or makefile is also supplied in the samples directory to aid you in building samples or test programs. You must edit a few lines in the batch files to indicate the location of the LDAP SDK and the compiler in your environment.
bldw32.bat - For Win32 platforms, using the MSVC compiler
bldclib.bat - For NetWare platforms using CLIB, with the Metrowerks compiler.
Makefile - For Unix systems.
This version of the LDAP Libraries for C supports mainly LDAPv3. Since the consensus in the LDAP community is to encourage everyone to update to LDAPv3, Novell has not made a commitment to ensure that these libraries support LDAPv2 servers.
eDirectory supports simple bind. However, for non-encrypted connections, the LDAP server must be configured to allow clear-text passwords. The LDAP Libraries for C kit includes SASL functions and bind functions that perform simple binds.
For secure, encrypted connections to eDirectory, use the SSL connections with certificates.
SSL support is provided by a companion library (ldapssl or libldapssl). Applications using SSL need to link with this library. It provides functions for initializing SSL and creating LDAP session handles that are SSL enabled. An SSL-enabled session handle ensures that all data is encrypted between the client and the server.
This product uses OpenSSL Version 0.9.6k.
LDAP servers may support controls. Query the root DSE to get a list of supported controls. See the GetDSE.c sample for coding example.
The LDAP Libraries for C kit supplies functions to help applications use these controls.
SDK support for LDAP extensions are provided by a companion library (ldapx or libldapx). Applications using extensions need to link with this library.
eDirectory supports the following LDAP extensions for obtaining effective rights, managing replicas and partitions, and refreshing the LDAP server:
2.16.840.1.113719.1.27.100.1 Nds To Ldap Response
2.16.840.1.113719.1.27.100.2 Nds To Ldap Request
2.16.840.1.113719.1.27.100.3 Split Partition Request
2.16.840.1.113719.1.27.100.4 Split Partition Response
2.16.840.1.113719.1.27.100.5 Merge Partition Request
2.16.840.1.113719.1.27.100.6 Merge Partition Response
2.16.840.1.113719.1.27.100.7 Add Replica Request
2.16.840.1.113719.1.27.100.8 Add Replica Response
2.16.840.1.113719.1.27.100.9 Refresh Server Request
2.16.840.1.113719.1.27.100.10 Refresh Server Response
2.16.840.1.113719.1.27.100.11 Remove Replica Request
2.16.840.1.113719.1.27.100.12 Remove Replica Response
2.16.840.1.113719.1.27.100.13 Partition Entry Count Request
2.16.840.1.113719.1.27.100.14 Partition Entry Count Response
2.16.840.1.113719.1.27.100.15 Change Replica Type Request
2.16.840.1.113719.1.27.100.16 Change Replica Type Response
2.16.840.1.113719.1.27.100.17 Get Replica Info Request
2.16.840.1.113719.1.27.100.18 Get Replica Info Response
2.16.840.1.113719.1.27.100.19 List Replica Request
2.16.840.1.113719.1.27.100.20 List Replica Response
2.16.840.1.113719.1.27.100.21 Receive All Updates Request
2.16.840.1.113719.1.27.100.22 Receive All Updates Response
2.16.840.1.113719.1.27.100.23 Send All Updates Request
2.16.840.1.113719.1.27.100.24 Send All Updates Response
2.16.840.1.113719.1.27.100.25 Request Partition Sync Request
2.16.840.1.113719.1.27.100.26 Request Partition Sync Response
2.16.840.1.113719.1.27.100.27 Request Schema Sync Request
2.16.840.1.113719.1.27.100.28 Request Schema Sync Response
2.16.840.1.113719.1.27.100.29 Abort Partition Operation Request
2.16.840.1.113719.1.27.100.30 Abort Partition Operation Response
2.16.840.1.113719.1.27.100.31 Get Bind DN Request
2.16.840.1.113719.1.27.100.32 Get Bind DN Response
2.16.840.1.113719.1.27.100.33 Get Effective Privileges Request
2.16.840.1.113719.1.27.100.34 Get Effective Privileges Response
2.16.840.1.113719.1.27.100.35 Set Replication Filter Request
2.16.840.1.113719.1.27.100.36 Set Replication Filter Response
2.16.840.1.113719.1.27.100.37 Get Replication Filter Request
2.16.840.1.113719.1.27.100.38 Get Replication Filter Response
2.16.840.1.113719.1.27.100.39 Create Orphan Partition Request
2.16.840.1.113719.1.27.100.40 Create Orphan Partition Response
2.16.840.1.113719.1.27.100.41 Remove Orphan Partition Request
2.16.840.1.113719.1.27.100.42 Remove Orphan Partition Response
Extensions to trigger eDirectory background processes via ldap_trigger_back_process():
2.16.840.1.113719.1.27.100.43 Trigger Backlinker Request
2.16.840.1.113719.1.27.100.44 Trigger Backlinker Response
2.16.840.1.113719.1.27.100.47 Trigger Janitor Request
2.16.840.1.113719.1.27.100.48 Trigger Janitor Response
2.16.840.1.113719.1.27.100.49 Trigger Limber Request
2.16.840.1.113719.1.27.100.50 Trigger Limber Response
2.16.840.1.113719.1.27.100.51 Trigger Skulker Request
2.16.840.1.113719.1.27.100.52 Trigger Skulker Response
2.16.840.1.113719.1.27.100.53 Trigger Schema Synch Request
2.16.840.1.113719.1.27.100.54 Trigger Schema Synch Response
2.16.840.1.113719.1.27.100.55 Trigger Partition Purge Request
2.16.840.1.113719.1.27.100.56 Trigger Partition Purge Response
2.16.840.1.113719.1.27.100.79 Monitor Events Request
2.16.840.1.113719.1.27.100.80 Monitor Events Response
2.16.840.1.113719.1.27.100.81 Event Notification
The Novell Import Convert Export utility uses the following extensions. They are not general extensions designed for developer use but are designed to support the LDAP Bulk Update Replication Protocol (LBURP).
2.16.840.1.113719.1.142.100.1 Start Framed Protocol Request
2.16.840.1.113719.1.142.100.2 Start Framed Protocol Response
2.16.840.1.113719.1.142.100.4 End Framed Protocol Request
2.16.840.1.113719.1.142.100.5 End Framed Protocol Response
2.16.840.1.113719.1.142.100.6 Lburp Operation Request
2.16.840.1.113719.1.142.100.7 Lburp Operation Response
To use any Novell extensions, the LDAP server must be running on eDirectory version 8.5 or higher. To obtain a copy, see Novell’s developer product site:
http://www.novell.com/download/
The LDAP Libraries for C kit includes functions to help applications use these extensions.
If you used an early beta version of eDirectory 8.5, be aware that the OIDs for the extensions changed for beta 5 and the final release.
This release includes the command line version of the Novell Import Convert Export utility (ice, ice.exe, or ice.nlm). This utility performs all the functions of the legacy LDAP utilities. Novell recommends using this utility instead of the legacy LDAP utilities. Note that the Novell Import Convert Export utility will work on any LDAP v2 or v3 server. However, it will take advantage of the fast LBURP protocol with eDirectory 8.5 or higher.
NetWare NLMs are limited to names with a maximum of 8 characters; therefore the NetWare platform requires shorter names for the LDAP utilities. They have been renamed as follows for the NetWare platform:
LDAP Utility |
NetWare Name |
ldapadd |
ladd |
ldapdelete |
ldelete |
ldapmodify |
lmodify |
ldapsearch |
lsearch |
ldapmodrdn |
lmodrdn |
ndsindex |
nindex |
These utilities are located in the tools directory. You need to either copy them to the system directory or include the directory in the PATH variable.
The following sections details the prerequisites and procedure to build the LDAP libraries for C component on different platforms.
Source: Download the latest CLDAP source package from the Novell Forge site .
Unpack: To unpack the source package: create a directory anywhere in your work area, copy the source package into the directory, and unzip/untar. For example, D:\mywork\cldap
Read: We recommend you read the Copyright, License, Readme and Install documents provided in the package. The Copyright and License provide information on acceptable use, copying, and warranty limitations of the software.
Set the appropriate CodeWarrior compiler path and nmake.exe path in file settools-nw.bat in the root directory.
By default, the paths are set to LDAP_TOOLS=D:\cldap_tools and MAKE_TOOL=D:\cldap_tools\nmake\nmake.exe
Run the following command at the command prompt:
For full functionality, the LDAP Libraries for C kit is dependent upon the following:
OR
Portions of the source for the LDAP Libraries for C are based on the Directory SDK (Version 2.0) available from OpenLDAP.org. The following have contributed to the source code.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).
The following sub-sections outlines all changes made to the LDAP Libraries for C SDK (in reverse chronological order):
Kerberos authentication through ldap_gssbind()on Windows is supported and is implemented using the SSPI interface.
Added the make.ini file in the sample code with the following note:
The makefiles for LDAP SDK and LDAP Extensions were released with the CLDAP SDK in the March 2006 NDK release. Novell supports the libraries that are available at the Novell NDK site (http://www.developer.novell.com/ndk/cldap.htm), and does not support any libraries built by using or modifying the published makefiles.
The following section gives the changes for the October 2005 NDK release.
The following section gives the changes for the June 2005 NDK release.
The following sections gives the changes for the October 2004 NDK release.
Most of the OS vendors provide GSSAPI libraries. Check their distribution or Website for these libraries.
Alternatively, other free implementations include Heimdal, MIT, and others.
Heimdal: http://www.pdc.kth.se/heimdal/
In this documentation, a greater-than symbol (>) is used to separate actions within a step and items in a cross-reference path.
A trademark symbol (® , TM, etc.) denotes a Novell trademark; an asterisk (*) denotes a third-party trademark.
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. Please refer to www.novell.com/info/exports/ for more information on exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2006 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.
For Novell trademarks, see Novell Trademark and Service Mark list (http://www.novell.com/company/legal/trademarks/tmlist.html)
All third-party products are the property of their respective owners.