![]() | |
Sun Java(TM) System Directory Server 5.2 2005Q1 ºÞ²z«ü«n |
²Ä 2 ³¹
ºÞ²z¥Ø¿ý¶µ¥Ø¥»³¹°Q½×¦p¦ó¨Ï¥ÎDirectory Server Console©M«ü¥O¦æ¤½¥Îµ{¦¡ºÞ²z±zªº¥Ø¿ý¤º®e¡C¨Ã¥B¤]´yz¦p¦ó¨Ï¥ÎÄÝ©Ê¥[±K¥\¯àÀx¦sÄÝ©Ê¡A¥H¤Î¦p¦ó¨Ï¥Î DSML ¦s¨ú±zªº¥Ø¿ý¡C¦b³W¹º¤@ӥؿý³¡¸p®É¡AÀ³¸Ó´yz¦Û¤vªº¥Ø¿ý©Òn¥]§tªº¸ê®ÆÃþ«¬¯S¼x¡C«Ø¥ß¶µ¥Ø¤Îקï¹w³]¼Ò¦¡«e¡A½Ð¥ý¾\Ū Directory Server Deployment Planning Guide ¤¤ªº¬ÛÃö³¹¸`¡C
¥»³¹°²³]±z¤wÁA¸Ñ¤F¤@¨Ç LDAP ¼Ò¦¡¤Î¨ä©w¸qªºª«¥óÃþ§O©MÄݩʪ¾ÃÑ¡C¦p»Ý Directory Server ©Ò´£¨Ñªº¼Ò¦¡¤Î©Ò¦³ª«¥óÃþ§O»PÄݩʪº©w¸q²¤¶¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C¦¹¥~¡A±z¥²¶·©w¸q¾A·íªº¦s¨ú±±¨î«ü¥O (ACI) ¤~¯àקï±zªº¥Ø¿ý¡C¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\²Ä 6 ³¹¡uºÞ²z¦s¨ú±±¨î¡v¡C
¥»³¹¥]§t¤U¦C³¹¸`¡G
°t¸m¶µ¥ØDirectory Server ±N©Ò¦³ªº°t¸m¸ê°TÀx¦s¦b¤U¦CÀɮפº¡G
ServerRoot/slapd-serverID/config/dse.ldif
¦¹ÀɮרϥΠLDAP ¸ê®Æ¥æ´«®æ¦¡ (LDIF)¡CLDIF ¬O¶µ¥Ø¡BÄݩʤΨäȪº¤å¦rªí¥Ü¤è¦¡¡A¦Ó¥B¬O RFC2849 (http://www.ietf.org/rfc/rfc2849) ¤¤´yzªº¼Ð·Ç®æ¦¡¡Cdse.ldif Àɮפ¤ªº Directory Server °t¸mªº²Õ¦¨¦³¡G
Directory Server Åý©Ò¦³°t¸m³]©wȳ£¥i³z¹L LDAP ¶i¦æŪ¼g¡C¨Ì¹w³]È¡A¥Ø¿ýªº cn=config ¤À¤ä¥u¯à¥Ñ Administration Server ¤¤©w¸qªº¥Ø¿ýºÞ²zû (directory administrator) ¤Î¥Ø¿ýºÞ²zû (directory manager) ¦s¨ú¡C³o¨ÇºÞ²z¨Ï¥ÎªÌ¥i¥HÀ˵ø¤Îקï°t¸m¶µ¥Ø¡A´N¦p¦P¨ä¥L¥ô¦ó¥Ø¿ý¶µ¥Ø¤@¼Ë¡C
±zÀ³¸ÓÁקK¦b cn=config ¶µ¥Ø¤U«Ø¥ß¶µ¥Ø¡A¦]¬°³o¼Ëªº¶µ¥Ø·|Àx¦s¦b dse.ldif Àɮפº¡A¦Ó³oÓÀɮפ£¹³´¶³q¶µ¥Øªº¸ê®Æ®w¤@¼Ë¨ã¦³°ª«×½Õ¾ã©Ê¡C¦]¦¹¡A¦pªG¦³³\¦h¶µ¥Ø (¯S§O¬O¥i¯à»Ýn¸g±`§ó·sªº¶µ¥Ø) Àx¦s¦b cn=config ¤U¡A¥i¯à·|°§C®Ä¯à¡CµM¦Ó¡A±N¯S©wªº¨Ï¥ÎªÌ¶µ¥Ø¡A¨Ò¦p½Æ»sºÞ²zû (´£¨ÑªÌ³sµ² DN) ¶µ¥ØÀx¦s¦b cn=config ¤U¥i¯à«Ü¦³¥Î¡A¦]¬°³o¼Ë¥i¶°¤¤ºÞ²z°t¸m¸ê°T¡C
¨Ï¥Î¥D±±¥xקï°t¸m
«Øij±z¨Ï¥Î Directory Server Console ³Ì¤W¼hªº [°t¸m] ¼ÐÅÒ¨Óקï°t¸m¡C¦¹¼ÐÅÒªº±ªO»P¹ï¸Ü¤è¶ô´£¨Ñ¥H¤u§@¬°°ò¦ªº±±¨î¶µ¡A¥iÀ°§U±z§Ö³t¡B¦³®Ä²v¦a³]©w°t¸m¡C¦¹¥~¡A¥D±±¥x¤¶±·|¬°±zºÞ²z°t¸mªº½ÆÂø©Ê»P¬Û¤¬¨Ì¦s©Ê¡C
¦b¥»¤å¥ó¡u¨Ï¥Î¥D±±¥x...¡vµ{§Ç¤¤·|¥[¥H»¡©ú¥D±±¥xªº°t¸m¤¶±¡A³o¨Çµ{§Ç»¡©ú¦p¦ó¨Ï¥Î [°t¸m] ¼ÐÅÒªº±ªO»P¹ï¸Ü¤è¶ô§¹¦¨¯S©wªººÞ²z¤u§@¡C¤¶±¥»¨·|²M·¡«ü¥ÜÀx¦s°t¸mªº¤è¦¡¥H¤Î«·s±Ò°Ê¦øªA¾¹ÅýÅܧó¥Í®Äªº®É¾÷¡C
±q«ü¥O¦æקï°t¸m
¦]¬° cn=config ¾ðª¬¤l¥Ø¿ý¥i³z¹L LDAP ¦s¨ú¡A©Ò¥H¥i¥H¥Î ldapsearch¡Bldapmodify ©M ldapdelete «ü¥OÀ˵ø¤Îקï¦øªA¾¹°t¸m¡Ccn=config ¶µ¥Ø¤Î¨ä¤U©Ò¦³¶µ¥Ø³£¥i§Q¥Î±q«ü¥O¦æºÞ²z¶µ¥Ø¤¤»¡©úªºµ{§Ç»P LDIF ®æ¦¡¶i¦æקï¡C
¦ý¬O±z¥²¶·¤F¸Ñ³o¨Ç¶µ¥Øªº·N¸q¡B¨äÄݩʪº¥Î³~¥H¤Î¤¹³\ªºÈµ¥¡C¥»¤å¥óªº¡u±q«ü¥O¦æ...¡vµ{§Ç¤¤·|¸ÑÄÀ³o¨Ç«nªº¦Ò¼{¨Æ¶µ¡A¸Óµ{§Ç·|Á|¨Ò»¡©ú±z¥i¥H³]©wªº°t¸m¶µ¥Ø»PÄÝ©Ê¡C¦p»Ý©Ò¦³°t¸m¶µ¥Ø»PÄݩʪº§¹¾ã´yz¡A¥]¬A¤¹³\Ȫº½d³ò¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C
¦]¦¹¡A±q¥D±±¥xקï°t¸m·|¤ñ±q«ü¥O¦æקï§ó¥[®e©ö¡C¦ý¬O¡A¦³¤Ö¼Æ°t¸m³]©wµLªk³z¹L¥D±±¥x¶i¦æ¡A¦]¦¹¥u´£¨Ñ«ü¥O¦æµ{§Ç¡C±z¤]¥i¥H¼¶¼g¨Ï¥Î«ü¥O¦æ¤u¨ãªº«ü¥OÀÉ¡A§Q¥Î«ü¥O¦æµ{§Ç±N°t¸m¤u§@¦Û°Ê¤Æ¡C
קï dse.ldif ÀÉ®×
dse.ldif ÀÉ®×¥]§t¦øªA¾¹±Ò°Ê©Î«·s±Ò°Ê®É±NŪ¨ú¤Î¨Ï¥Îªº°t¸m¡C³oÓÀɮתº LDIF ¤º®e¬O cn=config ¶µ¥Ø¤Î¨ä¾ðª¬¤l¥Ø¿ý¡C¥u¦³¦w¸Ë´Á¶¡©Ò©w¸qªº¨t²Î¨Ï¥ÎªÌ¥iŪ¼g¦¹ÀɮסC
ª½±µ½s¿è¦¹Àɮפº®e¨Óקï°t¸m¤ñ¸û®e©ö¥X¿ù¡A¦]¦¹¤£«Øij³oºØ§@ªk¡C±zÀ³¸Óª¾¹D¤U¦C¹B§@¤è¦¡¡G
- ¦b±Ò°Ê®É¥u·|Ū¨ú dse.ldif Àɮפ@¦¸¡C¤§«á¡A¦øªA¾¹°t¸m´N¥H°t¸m¶µ¥Ø¦b°O¾ÐÅ餤ªº LDAP ¼v¹³¬°·Ç¡C±N§R°£¦b°õ¦æ¦øªA¾¹®É¹ïÀɮתº×§ï¡C
- ¨Ï¥Î¥D±±¥x©Î±q«ü¥O¦æקï°t¸m·|Åܧó°t¸mªº LDAP ¼v¹³¡C¦³¨Ç¥Ø¿ý¥\¯à·|¦b©I¥s®ÉŪ¨ú¥Ø«eªº°t¸m¡A¦]¦¹¤£¥²«·s±Ò°Ê¦øªA¾¹¡C
- ¨C·í°t¸mªº LDAP ¼v¹³Åܧó®É¡A¦øªA¾¹´N·|¼g¤J dse.ldif ÀɮסC¦³¨Ç¥Ø¿ý¥\¯à¥u¦b¦øªA¾¹±Ò°Ê®ÉŪ¨ú¨ä°t¸m¡A¦Ó¼g¤JÀÉ®×¥i½T«OÅܧó·|¦s¦b¡C
¨Ï¥Î¥D±±¥xºÞ²z¶µ¥Ø±z¥i¥H¥Î Directory Server Console ¤Wªº [¥Ø¿ý] ¼ÐÅҤζµ¥Ø½s¿è¾¹¹ï¸Ü¤è¶ôÓ§O¥[¤J¡Bקï©Î§R°£¶µ¥Ø¡C¦pªGn¦P®É¾Þ§@´XÓ¶µ¥Ø¡A½Ð°Ñ¾\¨Ï¥Î¥D±±¥x°õ¦æ¤j¶q§@·~¡C
¦p»ÝÃö©ó±Ò°Ê Directory Server Console »PÂsÄý¨Ï¥ÎªÌ¤¶±ªº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\¨Ï¥Î Directory Server Console¡C
«Ø¥ß¥Ø¿ý¶µ¥Ø
Directory Server Console ´£¨Ñ¼ÆÓ¥i«Ø¥ß¥Ø¿ý¶µ¥Øªº¦Ûq½d¥»¡C¨CÓ½d¥»¬O¯S©wÃþ«¬¤§ª«¥óÃþ§Oªº¦Ûq½s¿è¾¹¡Cªí 2-1 Åã¥Ü¨CÓ¦Ûq½s¿è¾¹©Ò¥Îªºª«¥óÃþ§O¡C
³o¨Ç¦Ûq½s¿è¾¹©Ò¥]§tªºÄæ¦ì¥Nªí©Ò¦³±j¨îÄÝ©Ê¡A¥H¤ÎÓ§Oª«¥óÃþ§O±`¥Îªº³¡¤À¿ï¥ÎÄÝ©Ê¡CYn¥Î³o¨Ç½d¥»«Ø¥ß¶µ¥Ø¡A½Ð¨Ì·Ó¨Ï¥Î¦Ûq½s¿è¾¹«Ø¥ß¶µ¥Ø¤¤ªº»¡©ú¶i¦æ¡CYn«Ø¥ß¥ô¦ó¨ä¥LÃþ«¬ªº¶µ¥Ø¡A½Ð°Ñ¾\«Ø¥ß¨ä¥LÃþ«¬ªº¶µ¥Ø¡C
¨Ï¥Î¦Ûq½s¿è¾¹«Ø¥ß¶µ¥Ø
- ¦b Directory Server Console ³Ì¤W¼hªº [¥Ø¿ý] ¼ÐÅÒ¤W¡A®i¶}¾ðª¬¥Ø¿ý¡A¥HÅã¥Ün§@¬°·s¶µ¥Ø¤÷¶µªº¶µ¥Ø¡C
- ¥H·Æ¹«¥kÁä«ö¤@¤U¤÷¶µ¡A¿ï¾Ü [·s¼W] ¥\¯àªí¶µ¥Ø¡A¦A±q¤l¥\¯àªí¤¤¿ï¾Ü¶µ¥ØÃþ«¬¡G¨Ï¥ÎªÌ¡B¸s²Õ¡B²Õ´³æ¦ì¡B¨¤¦â¡BªA°ÈÃþ§O¡B±K½Xµ¦²¤©Î°Ñ·Ó¡C©ÎªÌ¡A±z¥i¥H¦b¤÷¶µ¤W«ö¤@¤U·Æ¹«¥ªÁä¥H¿ï¾Ü¤÷¶µ¡A¦A ±q [ª«¥ó] > [·s¼W] ¥\¯àªí¤¤¿ï¾Ü¶µ¥ØÃþ«¬¡C¥X²{±z¿ï¾Ü¤§¶µ¥ØÃþ«¬ªº¦Ûq½s¿è¾¹¹ï¸Ü¤è¶ô¡C
¦Ûq½s¿è¾¹ªº¥ªÄ榳¤@³s¦êªº¼ÐÅÒ¡A¨CÓ¼ÐÅÒªºÄæ¦ì«hÅã¥Ü¦b¥kÃä¡C¨Ì¹w³]È¡A©Ò¦³¦Ûq½s¿è¾¹¶}±Ò®É·|¿ï¾Ü³Ì¤W¼hªº [¨Ï¥ÎªÌ] ©Î [¤@¯ë] ¼ÐÅÒ¡A¤W±¥]§t·s¶µ¥Øªº¦WºÙ©M»¡©úÄæ¦ì¡C
¨Ò¦p¡A¤U¹ÏÅã¥Ü¨Ï¥ÎªÌ¶µ¥Øªº¦Ûq½s¿è¾¹¡G
¹Ï 2-1 Directory Server Console - ¨Ï¥ÎªÌ¶µ¥Øªº¦Ûq½s¿è¾¹
- ¦b¦Ûq½s¿è¾¹ªºÄæ¦ì¤¤¬°±zn´£¨ÑªºÄÝ©Ê¿é¤JÈ¡C¤Z¬OÄæ¦ì¦WºÙ®Ç¦³¬P¸¹ (*) ªº±j¨îÄݩʳ£¥²¶·¿é¤JÈ¡F¨ä¥LÄæ¦ì«h¥i¥H«O¯dªÅ¥Õ¡C¦b¤¹³\¦h«ÈªºÄæ¦ì¤¤¡A±z¥i¥H«ö Return ¥H¤À¹j¼ÆÈ¡C
¦p»Ý¦U¶µ¥ØÃþ«¬ªº¦Ûq½s¿è¾¹¤¤¦³Ãö¯S©wÄæ¦ì¶i¤@¨Bªº¨ó§U¡A½Ð«ö¤@¤U [»¡©ú] «ö¶s¡C¦p»Ý [¨Ï¥ÎªÌ] »P [²Õ´³æ¦ì] ½s¿è¾¹¤W [»y¨¥] ¼ÐÅÒªº»¡©ú¡A½Ð°Ñ¾\³]©w»y¨¥¤ä´©ªºÄÝ©Ê¡C
¦p»Ý«Ø¥ß¸s²Õ¡B¨¤¦â¤ÎªA°ÈÃþ§O¶µ¥Øªº¶i¤@¨B»¡©ú¡A½Ð°Ñ¾\²Ä 5 ³¹¡uºÞ²z¨¥÷©M¨¤¦â¡v¡A¦p»Ý«Ø¥ß±K½Xµ¦²¤ªº»¡©ú¡A½Ð°Ñ¾\²Ä 7 ³¹¡uºÞ²z¨Ï¥ÎªÌ±b¤á©M±K½X¡v¡A¦p»Ý«Ø¥ß°Ñ·Óªº»¡©ú¡A½Ð°Ñ¾\³]©w°Ñ·Ó¡C
- «ö¤@¤U [½T©w] «Ø¥ß·sªº¶µ¥Ø¡A¨ÃÃö³¬¦Ûq½s¿è¾¹¹ï¸Ü¤è¶ô¡A·s¶µ¥Ø¥X²{¦b¾ðª¬¥Ø¿ý¤¤¡C
- ¦Ûq½s¿è¾¹¹ï¸Ü¤è¶ô¨Ã¤£·|¬°Ó§Oª«¥óÃþ§Oªº©Ò¦³¿ï¥ÎÄÝ©Ê´£¨ÑÄæ¦ì¡C¦pªG§Æ±æ¥[¤J¤£Åã¥Ü¦b¦Ûq½s¿è¾¹¤Wªº¿ï¥ÎÄÝ©Ê¡A½Ð¨Ì·Ó¥H¼Ð·Ç½s¿è¾¹×§ï¶µ¥Ø¤¤ªº»¡©ú¶i¦æ¡C
«Ø¥ß¨ä¥LÃþ«¬ªº¶µ¥Ø
½Ð¨Ì·Ó¥H¤U¨BÆJ¬°¥ô¦ó¤£¦bªí 2-1 ¤¤¦C¥Xªºª«¥óÃþ§O«Ø¥ß¶µ¥Ø¡C¦¹µ{§Ç¤]¥i¥Î¨Ó«Ø¥ß¥Ø¿ý¼Ò¦¡¤¤¤w©w¸q¤§¥ô¦ó¦Ûqª«¥óÃþ§Oªº¶µ¥Ø¡G
- ¦b Directory Server Console ³Ì¤W¼hªº [¥Ø¿ý] ¼ÐÅÒ¤W¡A®i¶}¾ðª¬¥Ø¿ý¡A¥HÅã¥Ün§@¬°·s¶µ¥Ø¤÷¶µªº¶µ¥Ø¡C
- ¥H·Æ¹«¥kÁä«ö¤@¤U¤÷¶µ¡A¦A±q¤l¥\¯àªí¤¤¿ï¾Ü [·s¼W] > [¨ä¥L] ¶µ¥Ø¡C©ÎªÌ¡A±z¥i¥H¦b¤÷¶µ¤W«ö¤@¤U·Æ¹«¥ªÁä¥H¿ï¾Ü¤÷¶µ¡A¦A¿ï¾Ü [ª«¥ó] > [·s¼W] > [¨ä¥L] ¥\¯àªí¶µ¥Ø¡C
¥X²{ [·s¼Wª«¥ó] ¹ï¸Ü¤è¶ô¡C
- ¦b [·s¼Wª«¥ó] ¹ï¸Ü¤è¶ôªºª«¥óÃþ§O²M³æ¤¤¡A¿ï¾Ü©w¸q·s¶µ¥Øªºª«¥óÃþ§O¡A¦A«ö¤@¤U [½T©w]¡C
¦pªG¿ï¾Ü¦C¦bªí 2-1¤¤ªºª«¥óÃþ§O¡A±NÅã¥Ü¹ïÀ³ªº¦Ûq½s¿è¾¹ (°Ñ¾\¨Ï¥Î¦Ûq½s¿è¾¹«Ø¥ß¶µ¥Ø)¡C¦b¨ä¥L±¡ªp¤¤¡A«h§¡Åã¥Ü¼Ð·Ç½s¿è¾¹¡C
- «Ø¥ß·s¶µ¥Ø®É¡A¼Ð·Ç½s¿è¾¹¤¤·|¬°±z¿ï¾Üªºª«¥óÃþ§O¤¤©Ò¦³¥²nªºÄݩʦU´£¨Ñ¤@ÓÄæ¦ì¡C©Ò¦³¥²nÄݩʳ£¥²¶·¿é¤JÈ¡C¦³¨ÇÄæ¦ì¦³¼Ð·Çªº¹w¯d¦ì¸mÈ¡A¨Ò¦p New¡A±zÀ³¸Ó¥Î¹ï±zªº¶µ¥Ø¦³·N¸qªºÈ¨ú¥N¹w¯d¦ì¸mÈ¡C
- Yn©w¸q©Ò¿ïª«¥óÃþ§O¤¹³\ªº¨ä¥LÄÝ©Ê¡A±z¥²¶·©ú½T¥[¤J¡CYn¬°¿ï¥ÎÄÝ©Ê¿é¤JÈ¡G
- «ö¤@¤U [¥[¤JÄÝ©Ê] «ö¶s¥HÅã¥Ü¤¹³\ªºÄݩʲM³æ¡C
- ±q [¥[¤JÄÝ©Ê] ¹ï¸Ü¤è¶ô¤¤¿ï¾Ü¤@©Î¦hÓÄÝ©Ê¡A¦A«ö¤@¤U [½T©w]¡C
- ¦b¼Ð·Ç½s¿è¾¹¤¤·sÄݩʦWºÙ®Ç¿é¤JÈ¡C
¦p»ÝÃö©ó¦¹¹ï¸Ü¤è¶ô¤¤¨ä¥L±±¨î¶µ¶i¤@¨Bªº¸Ô²Ó¸ê®Æ¡A½Ð°Ñ¾\¥H¼Ð·Ç½s¿è¾¹×§ï¶µ¥Ø¡C
- ¨Ì·Ó¹w³]¡A·|¿ï¾Ü¨ä¤¤¤@Ó¥²nÄݩʧ@¬°©R¦WÄÝ©Ê¡A¸Ó¥²nÄÝ©Ê·|¥X²{¦b¼Ð·Ç½s¿è¾¹¤¤©ÒÅã¥Üªº¶µ¥Ø DN ¤¤¡CYnÅܧó©R¦WÄÝ©Ê¡G
- ¦b¼Ð·Ç½s¿è¾¹¤¤«ö¤@¤U [½T©w]¡A¥HÀx¦s·s¶µ¥Ø¡C
·s¶µ¥Ø¦b¾ðª¬¥Ø¿ý¤¤Åã¥Ü¬°¤÷¶µªº¤l¶µ¡C
¥Î¦Ûq½s¿è¾¹×§ï¶µ¥Ø
¹ï©ó¦C¦bªí 2-1 ¤¤ªºª«¥óÃþ§O¡A±z¥i¥H¿ï¾Ü¨Ï¥Î¹ïÀ³ªº¦Ûq½s¿è¾¹©Î¼Ð·Ç½s¿è¾¹¨Ó½s¿è¶µ¥Ø¡C¨Ï¥Î¦Ûq½s¿è¾¹¡A¥i¥H«Ü®e©ö¦a¦s¨ú³Ì±`¥ÎªºÄæ¦ì¡A¦Ó¥B¤¶±·|À°§U±z¬°½ÆÂøªºÄÝ©Ê (¨Ò¦p¨¤¦â©ÎªA°ÈÃþ§O©w¸q¤¤ªºÄÝ©Ê) ©w¸qÈ¡C
¼Ð·Ç½s¿è¾¹¥iÅý±z¹ï¶µ¥Ø°õ¦æ¤ñ¸û¶i¶¥ªº§@·~¡A¨Ò¦p¥[¤Jª«¥óÃþ§O¡B¥[¤J¤¹³\ªºÄÝ©Ê¥H¤Î³B²z¦h«ÈÄݩʵ¥¡CYn¥H¼Ð·Ç½s¿è¾¹½s¿è¶µ¥Ø¡A½Ð°Ñ¾\¥H¼Ð·Ç½s¿è¾¹×§ï¶µ¥Ø¡C
³Æµù
¦Ûq½s¿è¾¹¥u¥i¥Î¨Ó½s¿è¦C¦bªí 2-1¤¤ªºª«¥óÃþ§O¡C¦Ü©ó¥]§t¨ä¥Lµ²ºcª«¥óÃþ§Oªº¶µ¥Ø (¨Ò¦p±q inetorgperson Ä~©Ó±o¨Óªº¦ÛqÃþ§O)¡A«h¥u¯à³z¹L¼Ð·Ç½s¿è¾¹¶i¦æ½s¿è¡C
Y¶µ¥Ø°£¤F¦C¥Üªºª«¥óÃþ§O¤§¥~ÁÙ¥]§t»²§Uª«¥óÃþ§O¡A«h¸Ó¶µ¥Ø¥i¥H¥Î¦Ûq½s¿è¾¹¶i¦æºÞ²z¡C¦ý¦Ûq½s¿è¾¹¤¤¤£Åã¥Ü»²§UÃþ§O©Ò©w¸qªº¥ô¦óÄÝ©Ê¡C¦p»Ý»²§Uª«¥óÃþ§Oªº©w¸q¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C
©I¥s¦Ûq½s¿è¾¹
Yn½s¿èªí 2-1 ¤¤©Ò¦Cª«¥óÃþ§Oªº¶µ¥Ø¡G
- ¦b Directory Server Console ³Ì¤W¼hªº [¥Ø¿ý] ¼ÐÅÒ¤W¡A®i¶}¾ðª¬¥Ø¿ý¡A¥HÅã¥Ün½s¿èªº¶µ¥Ø¡C
- ³s«ö¨â¤U¶µ¥Ø¡C¦³´XÓ´À¥N°Ê§@¤]¥i¥H©I¥s¶µ¥Øªº¦Ûq½s¿è¾¹¡G
- ¥H·Æ¹«¥kÁä«ö¤@¤U¶µ¥Ø¡A¦A¿ï¾Ü [¥H¦Ûq½s¿è¾¹½s¿è] ¶µ¥Ø¡C
- ¥H·Æ¹«¥ªÁä«ö¤@¤U¥H¿ï¾Ü¶µ¥Ø¡A¦A¿ï¾Ü [ª«¥ó] > [¥H¦Ûq½s¿è¾¹½s¿è] ¥\¯àªí¶µ¥Ø¡C
- ¥H·Æ¹«¥ªÁä«ö¤@¤U¥H¿ï¾Ü¶µ¥Ø¡A¦A¨Ï¥ÎÁä½L§Ö³tÁä Control-P¡C
Åã¥Ü¶µ¥Øªºª«¥óÃþ§O©Ò¨Ï¥Îªº¦Ûq½s¿è¾¹¡C¨Ò¦p¡A¹Ï 2-1¤¤Åã¥Ü [¨Ï¥ÎªÌ] ¶µ¥Øªº¦Ûq½s¿è¾¹¡C
- ¨Ì¹w³]È¡A©Ò¦³¦Ûq½s¿è¾¹¶}±Ò®É·|¿ï¾Ü³Ì¤W¼hªº [¨Ï¥ÎªÌ] ©Î [¤@¯ë] ¼ÐÅÒ¡A¤W±¥]§t·s¶µ¥Øªº¦WºÙ©M»¡©úÄæ¦ì¡C°w¹ï±znק諸ÄÝ©Ê¡A¦b¦Ûq½s¿è¾¹ªºÄæ¦ì¤¤½s¿è©Î²¾°£È¡CÄæ¦ì¦WºÙ®Ç¥H¬P¸¹ (*) ¼Ð¥ÜªºÄÝ©ó±j¨îÄÝ©Ê¡A±z¥i¥Hקï¦ýµLªk²¾°£³oÃþÄݩʪºÈ¡C¨ä¥LÄæ¦ì«h¥i¥H«O¯dªÅ¥Õ¡C¦b¤¹³\¦h«ÈªºÄæ¦ì¤¤¡A±z¥i¥H«ö Return ¥H¤À¹j¼ÆÈ¡C
¿ï¨ú¥ªÄ椤ªº¨ä¥L¼ÐÅÒ¡A¥Hקï¹ïÀ³±ªO¤WªºÈ¡C¦p»Ý¦U¶µ¥ØÃþ«¬ªº¦Ûq½s¿è¾¹¤¤¦³Ãö¯S©wÄæ¦ì¶i¤@¨Bªº¨ó§U¡A½Ð«ö¤@¤U [»¡©ú] «ö¶s¡C
¦p»Ý [¨Ï¥ÎªÌ] »P [²Õ´³æ¦ì] ½s¿è¾¹¤W [»y¨¥] ¼ÐÅÒªº»¡©ú¡A½Ð°Ñ¾\³]©w»y¨¥¤ä´©ªºÄÝ©Ê¡C¦b²Ä 7 ³¹¡uºÞ²z¨Ï¥ÎªÌ±b¤á©M±K½X¡v¤¤»¡©ú¤F¨Ï¥ÎªÌ»P¸s²Õ¶µ¥Øªº [±b¤á] ¼ÐÅÒ¤Wªº¦UÄæ¦ì¡C¬°¡uDirectory Server ¦P¨B¤ÆªA°È¡v´£¨Ñ¤F [NT ¨Ï¥ÎªÌ] »P [Posix ¨Ï¥ÎªÌ] ¼ÐÅÒ¡A¦p»Ý¸Ô²Ó¸ê®Æ¡A½Ð¬¢¸ß Sun ¥Nªí¡C
¦p»Ýקï¸s²Õ¡B¨¤¦â¤ÎªA°ÈÃþ§O¶µ¥Øªº¶i¤@¨B»¡©ú¡A½Ð°Ñ¾\²Ä 5 ³¹¡uºÞ²z¨¥÷©M¨¤¦â¡v¡A¦p»Ýקï±K½Xµ¦²¤ªº»¡©ú¡A½Ð°Ñ¾\²Ä 7 ³¹¡uºÞ²z¨Ï¥ÎªÌ±b¤á©M±K½X¡v¡A¦p»Ýקï°Ñ·Óªº»¡©ú¡A½Ð°Ñ¾\³]©w°Ñ·Ó¡C
- «ö¤@¤U [½T©w] Àx¦s¶µ¥ØªºÅܧó¡A¨ÃÃö³¬¦Ûq½s¿è¾¹¹ï¸Ü¤è¶ô¡C¦pªGקï¤F©R¦WÄÝ©Ê (¨Ò¦p¨Ï¥ÎªÌ¶µ¥Øªº¤@¯ë¦WºÙ)¡A¾ðª¬¥Ø¿ý¤¤±N¤Ï¬M¸ÓÅܧó¡C
³]©w»y¨¥¤ä´©ªºÄÝ©Ê
¨Ï¥ÎªÌ»P²Õ´³æ¦ì¶µ¥Øªº¦Ûq½s¿è¾¹³£´£¨Ñ°ê»Ú¤Æ¥Ø¿ýªº»y¨¥¤ä´©¡C
- ¨Ì©I¥s¦Ûq½s¿è¾¹©Òz¶}±Ò±zªº¶µ¥Øªº¦Ûq½s¿è¾¹¡C
- «ö¤@¤U¥ªÄ椤ªº [»y¨¥] ¼ÐÅÒ¡C
- ¹ï©ó¨Ï¥ÎªÌ¶µ¥Ø¡A±z¥i¥H¥Î¤U©Ô¦¡²M³æ³]©w³ß¦nªº»y¨¥¡C
- ¹ï©ó¨Ï¥ÎªÌ»P²Õ´³æ¦ì¶µ¥Ø¡A±z¥i¥H¦b²M³æÅã¥Üªº¥ô¦ó»y¨¥ªº«ü©wÄæ¦ì¤¤¿é¤J·í¦a»y¨t¤ÆªºÈ¡C¿ï¾Ü»y¨¥¡AµM«á¥H¸Ó»y¨¥¿é¤J¤@©Î¦hÓÈ¡C©w¸q·í¦a»y¨t¤ÆȤ§«á¡A²M³æ¤¤ªº»y¨¥¦WºÙ·|¥H²ÊÅéÅã¥Ü¡C
¬Y¨Ç»y¨¥¤]¦³µoµÄæ¦ì¡A±z¥i¥H¦b¨ä¤¤¿é¤J·í¦a»y¨t¤ÆȪº»yµªí¥Üªk¡C
- «ö¤@¤U [½T©w] Àx¦s¶µ¥ØªºÅܧó¡A¨ÃÃö³¬¦Ûq½s¿è¾¹¹ï¸Ü¤è¶ô¡C
¥H¼Ð·Ç½s¿è¾¹×§ï¶µ¥Ø
¼Ð·Ç½s¿è¾¹¥i®Ú¾Úµn¤J¥D±±¥x©Ò¥Îªº³sµ² DN¡A¤¹³\±z¬d¬Ý¶µ¥Øªº©Ò¦³¥iŪ¨úÄÝ©Ê¡A¨Ã½s¿è¥i¼g¤JÄÝ©Ê¡C¥¦¥iÅý±z¥[¤J¨Ã²¾°£ÄÝ©Ê¡B³]©w¦h«ÈÄÝ©Ê¥H¤ÎºÞ²z¶µ¥Øªºª«¥óÃþ§O¡C¥[¤JÄݩʮɡA±z¥i¥H©w¸q¤G¶i¦ìÄÝ©Ê»P»y¨¥¤ä´©ªº¤lÃþ§O¡C
©I¥s¼Ð·Ç½s¿è¾¹
¬°¥Ø¿ý¤¤ªº¥ô¦ó¶µ¥Ø©I¥s¼Ð·Ç½s¿è¾¹
- ¦b Directory Server Console ³Ì¤W¼hªº [¥Ø¿ý] ¼ÐÅÒ¤W¡A®i¶}¾ðª¬¥Ø¿ý¡A¥HÅã¥Ün½s¿èªº¶µ¥Ø¡C
- ¥H·Æ¹«¥kÁä«ö¤@¤U¶µ¥Ø¡A¦A¿ï¾Ü [¥H¼Ð·Ç½s¿è¾¹½s¿è] ¶µ¥Ø¡C¦³´XÓ´À¥N°Ê§@¤]¥i¥H©I¥s¶µ¥Øªº¦Ûq½s¿è¾¹¡G
- ¥H·Æ¹«¥ªÁä«ö¤@¤U¥H¿ï¾Ü¶µ¥Ø¡A¦A¿ï¾Ü [ª«¥ó] > [¥Î¼Ð·Ç½s¿è¾¹½s¿è] ¥\¯àªí¶µ¥Ø¡C
- ¦pªG¶µ¥Ø¥¼¦C¦bªí 2-1 ¤¤¡A«h³s«ö¨â¤U¶µ¥Ø¡C¨Ì¹w³]È¡A¨S¦³¦Ûq½s¿è¾¹ªºª«¥óÃþ§O·|¨Ï¥Î¼Ð·Ç½s¿è¾¹¡C
Åã¥Ü¦p¤U¹Ï©Ò¥Üªº¼Ð·Ç½s¿è¾¹¡C
¹Ï 2-2 ¥Ø¿ý¦øªA¾¹¥D±±¥x - ¼Ð·Ç½s¿è¾¹
¦b¼Ð·Ç½s¿è¾¹¤¤¡A¶µ¥ØªºÄݩʨ̦r¥À¶¶§Ç±Æ¦C¡A¦Ó¥B¨CÓÄÝ©Êȧ¡¦U¦³¤@Ó¤å¦r¤è¶ô¡C©Ò¦³ÄÝ©Ê¡A¥]¬A°ßŪ»P§@·~Äݩʳ£·|Åã¥Ü¥X¨Ó¡C¥kÃ䪺±±¨î¶µ¥iÅý±zקï½s¿è¾¹¤¤ªºÅã¥Ü¡A¥H¤Î½s¿èÄݩʲM³æ¡C
- ©ÎªÌ¡A±z¥i¥H¥Î [À˵ø] ¤è¶ô¤¤ªº±±¨î¶µ×§ï¼Ð·Ç½s¿è¾¹ªºÅã¥Ü¡G
- ¿ï¾Ü [Åã¥ÜÄݩʦWºÙ] ¿ï¶µ¥HÀ˵øÄݩʳ̪ì¦b¼Ò¦¡¤¤©w¸qªº¦WºÙ¡CÄݩʲM³æ±N«·s±Æ¦C¡A¥H¨Ì¦WºÙ¦r¥À¶¶§Ç±Æ¦C¡C
- ¿ï¾Ü [Åã¥ÜÄÝ©Ê´yz] ¿ï¶µ±NÄݩʨ̴À¥N¦WºÙ±Æ¦C (¦pªG´¿¦b¼Ò¦¡¤¤©w¸q´À¥N¦WºÙ)¡C´À¥N¦WºÙ³q±`¥i¥H§ó²M·¡¦a´yzÄÝ©Ê¡CÄݩʲM³æ±N«·s±Æ¦C¡A¥H¨Ì·Ó´yz¦r¥À¶¶§Ç±Æ¦C¡C
- ¨ú®ø¿ï¨ú [¶ÈÅã¥Ü§tȪºÄÝ©Ê] ®Ö¨ú¤è¶ô¥i¦C¥X¶µ¥Øªºª«¥óÃþ§O¤¤¥Ñ¼Ò¦¡©ú½T¤¹³\ªº©Ò¦³ÄÝ©Ê¡C¦pªG¶µ¥Ø¥]§t extensibleObject ª«¥óÃþ§O¡A©Ò¦³Äݩʳ£¬OÁô§t¤¹³\ªº¡A¦ý¤£·|¦C¥X¨Ó¡C¹w³]ª¬ªp¤U¥uÅã¥Ü¦³©w¸qȪºÄÝ©Ê¡C
- ¿ï¾Ü©Î¨ú®ø¿ï¨ú [Åã¥Ü DN] ®Ö¨ú¤è¶ô¡A¥H¤Á´«¬O§_¦bÄݩʲM³æ¤UÅã¥Ü¶µ¥Øªº¿ë§O¦WºÙ¡C
- [«·s¾ã²z] «ö¶s±N¦s¨ú¦øªA¾¹¡A¥H®Ú¾Ú¶µ¥Ø¥Ø«eªº¤º®e§ó·s©Ò¦³ÄݩʪºÈ¡C
¤U¦C¦U¸`´yz³]©wÄÝ©ÊÈ¡BºÞ²zª«¥óÃþ§O¤ÎÅܧ󶵥ةR¦WÄݩʪº±±¨î¤è¦¡¡C
קïÄÝ©ÊÈ
קïÄÝ©ÊÈ
- ¨Ì©I¥s¼Ð·Ç½s¿è¾¹©Òz¶}±Ò¼Ð·Ç½s¿è¾¹¡C
- ±²°ÊÄݩʲM³æ¡A¨Ã«ö¤@¤Unק諸ȡC
¿ï¨úªºÄÝ©Ê·|¤Ï¥ÕÅã¥Ü¡A¦Ó¥B¦b¥]§t¿ï¨úȪº¤å¦rÄæ¦ì¤º·|¥X²{½s¿è´å¼Ð¡C
- ¨Ï¥Î·Æ¹«»PÁä½L±N¤å¦r½s¿è¦¨©ÒnªºÈ¡C±z¥i¥H¥Î¨t²Î°Å¶Kï¦b¦¹Äæ¦ì¤¤½Æ»s¡B°Å¤U¤Î¶K¤W¤å¦r¡C
¦pªGµLªk½s¿è¤å¦rÄæ¦ìªº¤º®e¡Aªí¥ÜÄݩʬO°ßŪªº¡A©Î±z¨S¦³×§ïÄݩʪº¼g¤JÅv¡C
- ½s¿è¨ä¥L¥ô¦óÈ¡A©Î¨Ì»Ýn¹ï¦¹¶µ¥Ø°õ¦æ¨ä¥Lקï¡A¦A«ö¤@¤U [½T©w] Àx¦sÅܧó¡A¨ÃÃö³¬¼Ð·Ç½s¿è¾¹¡C
½s¿è¦h«ÈÄÝ©Ê
YÄݩʦb¥Ø¿ý¼Ò¦¡¤¤©w¸q¬°¦h«È¡A«h¸ÓÄݩʦb¼Ð·Ç½s¿è¾¹¤¤¥i¥H¦³¦hÓÄæ¦ì¡C¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\²Ä 9 ³¹¡u©µ¦ù¥Ø¿ý¼Ò¦¡¡v¡C
Yn¬°¦h«ÈÄÝ©Ê¥[¤J·sÈ¡G
- ¨Ì©I¥s¼Ð·Ç½s¿è¾¹©Òz¶}±Ò¼Ð·Ç½s¿è¾¹¡C
- ±²°ÊÄݩʲM³æ¡A¨Ã«ö¤@¤UÄݩʩΨ䤤¤@ÓÈ¡C¿ï¨úªºÄÝ©Ê·|¤Ï¥ÕÅã¥Ü¡A¨Ã±Ò°Ê [¥[¤JÈ] «ö¶s¡C¦pªG¥¼±Ò°Ê¦¹«ö¶s¡Aªí¥Ü¿ï¨úªºÄݩʤ£¬O©w¸q¬°¦h«È¡A©ÎÄݩʬO°ßŪªº¡A©Î¬O±z¨S¦³×§ïÄݩʪº¼g¤JÅv¡C
- «ö¤@¤U [¥[¤JÈ] «ö¶s¡C²M³æ¤¤ÄݩʦWºÙ®Ç¥X²{·sªºªÅ¥Õ¤å¦rÄæ¦ì¡C
- ¦b·sªº¤å¦rÄæ¦ì¤¤¿é¤J¦¹Äݩʪº·sÈ¡C±z¥i¥H¥Î¨t²Î°Å¶Kï¦b¦¹Äæ¦ì¤¤½Æ»s¡B°Å¤U¤Î¶K¤W¤å¦r¡C
- ½s¿è¨ä¥L¥ô¦óÈ¡A©Î¨Ì»Ýn¹ï¦¹¶µ¥Ø°õ¦æ¨ä¥Lקï¡A¦A«ö¤@¤U [½T©w] Àx¦sÅܧó¡A¨ÃÃö³¬¼Ð·Ç½s¿è¾¹¡C
Yn²¾°£¦h«ÈÄݩʪºÈ¡G
- ¨Ì©I¥s¼Ð·Ç½s¿è¾¹©Òz¶}±Ò¼Ð·Ç½s¿è¾¹¡C
- ±²°ÊÄݩʲM³æ¡A¨Ã«ö¤@¤Un²¾°£ªº¯S©wÈ¡C¿ï¨úªºÄÝ©Ê·|¤Ï¥ÕÅã¥Ü¡A¨Ã±Ò°Ê [§R°£È] «ö¶s¡C¦pªG¥¼±Ò°Ê¦¹«ö¶s¡Aªí¥Ü¿ï¨úªºÄݩʬO°ßŪªº¡A©Î±z¨S¦³×§ïÄݩʪº¼g¤JÅv¡C
- «ö¤@¤U [§R°£È] «ö¶s¡C´N·|²¾°£¥]§t¿ï¨úȪº¤å¦rÄæ¦ì¡C
- ½s¿è¨ä¥L¥ô¦óÈ¡A©Î¨Ì»Ýn¹ï¦¹¶µ¥Ø°õ¦æ¨ä¥Lקï¡A¦A«ö¤@¤U [½T©w] Àx¦sÅܧó¡A¨ÃÃö³¬¼Ð·Ç½s¿è¾¹¡C
¥[¤JÄÝ©Ê
¦b±z¥i±NÄÝ©Ê¥[¤J¶µ¥Ø¤¤¤§«e¡A¸Ó¶µ¥Ø¥²¶·¤w¸g¥]§t»Ýn©Î¤¹³\Äݩʪºª«¥óÃþ§O¡C¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ºÞ²zª«¥óÃþ§O»P²Ä 9 ³¹¡u©µ¦ù¥Ø¿ý¼Ò¦¡¡v¡C
Yn±NÄÝ©Ê¥[¤J¶µ¥Ø¤¤¡G
- ¨Ì©I¥s¼Ð·Ç½s¿è¾¹©Òz¶}±Ò¼Ð·Ç½s¿è¾¹¡C
- ½T©w¤w®Ö¨ú [¶ÈÅã¥Ü§tȪºÄÝ©Ê] ¿ï¶µ¡C
- «ö¤@¤U [¥[¤JÄÝ©Ê] «ö¶s¥HÅã¥Ü¥]§tÄݩʲM³æªº¹ï¸Ü¤è¶ô¡C¦¹²M³æ¥u¥]§t°w¹ï¶µ¥Ø©Ò©w¸q¤§ª«¥óÃþ§O¤¹³\ªºÄÝ©Ê¡C
- ¦b [¥[¤JÄÝ©Ê] ¹ï¸Ü¤è¶ô¤¤¿ï¾Ün¥[¤Jªº¤@©Î¦hÓÄÝ©Ê¡C
- ©ÎªÌ¡A±z¥i¥H±q¹ï¸Ü¤è¶ô¤W¤èªº¤U©Ô¦¡²M³æ¤¤¿ï¾Ü¤U¦C¨âÓ¤lÃþ«¬©Î¨ä¤¤¤§¤@¡G
- ¿ï¾ÜÄݩʤΨä¿ï¥Î¤lÃþ«¬«á«ö¤@¤U [½T©w]¡CÄÝ©Ê·|¨Ì¦r¥À¶¶§Ç¥[¤J¼Ð·Ç½s¿è¾¹ªº²M³æ¤¤¡C
- ¦b·sÄݩʦWºÙ®ÇªºªÅ¥Õ¤å¦rÄæ¦ì¤¤¿é¤J¦¹Äݩʪº·sÈ¡C±z¥i¥H¥Î¨t²Î°Å¶Kï¦b¦¹Äæ¦ì¤¤½Æ»s¡B°Å¤U¤Î¶K¤W¤å¦r¡C
- ½s¿è¨ä¥L¥ô¦óÈ¡A©Î¨Ì»Ýn¹ï¦¹¶µ¥Ø°õ¦æ¨ä¥Lקï¡A¦A«ö¤@¤U [½T©w] Àx¦sÅܧó¡A¨ÃÃö³¬¼Ð·Ç½s¿è¾¹¡C
²¾°£ÄÝ©Ê
Yn±q¶µ¥Ø¤¤²¾°£ÄݩʤΨä©Ò¦³È¡G
- ¨Ì©I¥s¼Ð·Ç½s¿è¾¹©Òz¶}±Ò¼Ð·Ç½s¿è¾¹¡C
- ±²°ÊÄݩʲM³æ¡A¨Ã«ö¤@¤Un²¾°£ªºÄݩʦWºÙ¡C¿ï¨úªºÄÝ©Ê·|¤Ï¥ÕÅã¥Ü¡A¨Ã±Ò°Ê [§R°£ÄÝ©Ê] «ö¶s¡C¦pªG¥¼±Ò°Ê¦¹«ö¶s¡Aªí¥Ü¿ï¨úªºÄݩʬO°ßŪªº¡A©Î±z¨S¦³×§ïÄݩʪº¼g¤JÅv¡C
³Æµù
¼Ð·Ç½s¿è¾¹¤¹³\±z²¾°£¥i¬°¦¹ÄÝ©Ê©w¸q¤§ª«¥óÃþ§O©Ò»ÝªºÄÝ©Ê¡C¦pªG¹Á¸ÕÀx¦s¨S¦³¥²nÄݩʪº¶µ¥Ø¡A¦øªA¾¹±N¦^À³ª«¥óÃþ§O¹H³W¡C½Ð½T»{±zªº¶µ¥Ø¥]§t¥¦©w¸q¤§©Ò¦³ª«¥óÃþ§Oªº¥²nÄÝ©Ê¡C
- «ö¤@¤U [§R°£ÄÝ©Ê] «ö¶s¡C´N·|²¾°£ÄݩʤΨä©Ò¦³¤å¦rÄæ¦ìÈ¡C
- ½s¿è¨ä¥L¥ô¦óÈ¡A©Î¨Ì»Ýn¹ï¦¹¶µ¥Ø°õ¦æ¨ä¥Lקï¡A¦A«ö¤@¤U [½T©w] Àx¦sÅܧó¡A¨ÃÃö³¬¼Ð·Ç½s¿è¾¹¡C
ºÞ²zª«¥óÃþ§O
¶µ¥Øªºª«¥óÃþ§O¬O¥Ñ¦h«Èªº objectclass ÄÝ©Ê©Ò©w¸q¡Cק惡ÄݩʮɡA¼Ð·Ç½s¿è¾¹·|´£¨Ñ¯S®íªº¹ï¸Ü¤è¶ô¡AÀ°§U±zºÞ²z©w¸qªºª«¥óÃþ§O¡C
Yn¬°¶µ¥Ø¥[¤Jª«¥óÃþ§O¡G
- ¨Ì©I¥s¼Ð·Ç½s¿è¾¹©Òz¶}±Ò¼Ð·Ç½s¿è¾¹¡C
- ±²°ÊÄݩʲM³æ¡A¨Ã¿ï¾Ü objectclass ÄÝ©Ê¡C´N·|±Ò°Ê [¥[¤JÈ] «ö¶s¡C¦pªG¥¼±Ò°Ê¦¹«ö¶s¡Aªí¥Ü±z¨S¦³Åv¡AµLªkק惡¶µ¥Øªºª«¥óÃþ§O¡C
- «ö¤@¤U [¥[¤JÈ] «ö¶s¡C
¥X²{ [¥[¤Jª«¥óÃþ§O] ¹ï¸Ü¤è¶ô¡C¦¹µøµ¡Åã¥Ü±z¥i¥[¤J¶µ¥Ø¤¤ªºª«¥óÃþ§O²M³æ¡C
- ½Ð¿ï¾Ü±z·Qn¥[¤J¦¹¶µ¥Ø¤¤ªº¤@©Î¦hÓª«¥óÃþ§O¡A¦A«ö¤@¤U [½T©w]¡C±z©Ò¿ï¨úªºª«¥óÃþ§O§YÅã¥Ü¦b objectclass ÄÝ©ÊȲM³æ¤¤¡C
- ¦pªG·sª«¥óÃþ§O¾Ö¦³ÁÙ¤£¦s¦b¶µ¥Ø¤¤ªº¥²nÄÝ©Ê¡A¼Ð·Ç½s¿è¾¹±N¦Û°ÊÀ°±z¥[¤J¡C±z¥²¶·¬°©Ò¦³¥²nÄÝ©Ê´£¨ÑÈ¡C
- ½s¿è¨ä¥L¥ô¦óÈ¡A©Î¨Ì»Ýn¹ï¦¹¶µ¥Ø°õ¦æ¨ä¥Lקï¡A¦A«ö¤@¤U [½T©w] Àx¦sÅܧó¡A¨ÃÃö³¬¼Ð·Ç½s¿è¾¹¡C
Yn±q¶µ¥Ø¤¤²¾°£ª«¥óÃþ§O¡G
- ¨Ì©I¥s¼Ð·Ç½s¿è¾¹©Òz¶}±Ò¼Ð·Ç½s¿è¾¹¡C
- ±²°ÊÄݩʲM³æ¡A¨Ã«ö¤@¤Un²¾°£¤§ objectclass Äݩʪº¯S©wÈ¡C¦pªG¼Ò¦¡¤¹³\²¾°£¿ï¨úªºª«¥óÃþ§O¡A¦Ó¥B±z¦³Åv¥iק惡¶µ¥Øªºª«¥óÃþ§O¡A´N·|±Ò°Ê [§R°£È] «ö¶s¡C
- «ö¤@¤U [§R°£È] «ö¶s¡C´N·|²¾°£¯S©wªºª«¥óÃþ§O¡C
·í±z²¾°£ª«¥óÃþ§O®É¡A¼Ð·Ç½s¿è¾¹±N¦Û°Ê²¾°£¨ä¾lª«¥óÃþ§O¤£¤¹³\©Î¥²nªº¥ô¦óÄÝ©Ê¡C¦pªG²¾°£©R¦WÄݩʤ§¤@¡A±N¦Û°Ê¿ï¾Ü¥t¤@Ó©R¦WÄÝ©Ê¡A¦Ó¥B¥D±±¥x±N³qª¾±z½T»{¦¹Åܧó¡C
- ½s¿è¨ä¥L¥ô¦óÈ¡A©Î¨Ì»Ýn¹ï¦¹¶µ¥Ø°õ¦æ¨ä¥Lקï¡A¦A«ö¤@¤U [½T©w] Àx¦sÅܧó¡A¨ÃÃö³¬¼Ð·Ç½s¿è¾¹¡C
§R°£¥Ø¿ý¶µ¥Ø
Yn¨Ï¥Î Directory Server Console ¨Ó§R°£¶µ¥Ø¡G
- ¦b Directory Server Console ³Ì¤W¼hªº [¥Ø¿ý] ¼ÐÅÒ¤W¡A®i¶}¾ðª¬¥Ø¿ý¡A¥HÅã¥Ün²¾°£ªº¶µ¥Ø¡C
±z¤]¥i¥H¿ï¾Ü¾ðª¬¤l¥Ø¿ýªº®Ú¸`ÂI¡A¥H§R°£¥Ø¿ýªº¾ãÓ¤À¤ä¡C
- ¥H·Æ¹«¥kÁä«ö¤@¤U¶µ¥Ø¡A¦A¿ï¾Ü [§R°£] ¶µ¥Ø¡C¼ÆÓ´À¥N°Ê§@¤]·|§R°£¶µ¥Ø¡G
- ¥H·Æ¹«¥ªÁä«ö¤@¤U¥H¿ï¾Ü¶µ¥Ø¡A¦A¿ï¾Ü [½s¿è] > [§R°£] ¥\¯àªí¶µ¥Ø¡C¦pªGn±N¦¹¶µ¥Ø¶K¨ì¥Ø¿ýªº¨ä¥L¦ì¸m¡A±z¤]¥i¥H¨Ï¥Î [½s¿è] > [°Å¤U] ¥\¯àªí¶µ¥Ø¡C
- ¥H·Æ¹«¥ªÁä«ö¤@¤U¥H¿ï¾Ü¶µ¥Ø¡A¦A¨Ï¥ÎÁä½L§Ö³tÁä Control-D¡C
·í±z¿ï¾Ü [À˵ø] > [§G§½] ¿ï¶µ¥H¦b Directory Server Console ¥k±ªO¤¤Åã¥Ü¤l¶µ«á¡A±z¥i¥H¥Î Control+«ö¤@¤U©Î Shift+«ö¤@¤Uªº«öÁä²Õ¦X¿ï¾Ü¦hÓn§R°£ªº¶µ¥Ø¡C
- ½T»{±zn§R°£¶µ¥Ø¡A©Î¾ðª¬¤l¥Ø¿ý¤Î¨ä©Ò¦³¤º®e¡C
¦øªA¾¹¥i¥ß§Y§R°£¤@©Î¦hÓ¶µ¥Ø¡C¨S¦³´_ì¡C¦pªG§R°£¦hÓ¶µ¥Ø¡A¥D±±¥x±NÅã¥Ü¸ê°T¹ï¸Ü¤è¶ô¡A¦C¥X§R°£¶µ¥Ø¼Æ¤Îµo¥Íªº¥ô¦ó¿ù»~¡C
¨Ï¥Î¥D±±¥x°õ¦æ¤j¶q§@·~
±z¥i¥H¥Î LDIF ÀÉ®×¥[¤J¦hÓ¶µ¥Ø¡B°õ¦æ²V¦X§@·~©Î¶×¤J¾ãÓ§À½X¡CYn¨Ï¥Î LDIF ÀɮפΠDirectory Server Console ¥[¤J¶µ¥Ø¡G
- ¥Î¥H¤W¦U¸`©ÒÅã¥Üªº»yªk¦b LDIF Àɮפ¤©w¸q¶µ¥Ø©Î§@·~¡C¦pªG¥un¥[¤J¶µ¥Ø©Îªì©l¤Æ§À½X¡A´N¤£»Ýn changetype ÃöÁä¦r¡A¦Ó¥B LDIF ÀÉ®×¥i¥H¥u¥]§t¶µ¥Ø¡C¦pªGn°õ¦æ²V¦Xªº§@·~¡A¨CÓ DN ¨ä«á³£À³¸Ó¸òµÛ¤@Ó changetype¡A¦Ó¥Bµø»Ýn¥[¤W¯S©w§@·~©ÎÄÝ©ÊÈ¡C
- ±q Directory Server Console ¶×¤J LDIF ÀɮסC¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\¶×¤J LDIF ÀɮסC
¦pªGn°õ¦æ²V¦Xªº§@·~¡A°È¥²¨ú®ø¿ï¨ú [¶×¤J LDIF] ¹ï¸Ü¤è¶ô¤Wªº [¶È¥[¤J]¡AÅý¦øªA¾¹·|°õ¦æ©Ò¦³ LDIF §@·~¡C
±q«ü¥O¦æºÞ²z¶µ¥Øldapmodify ©M ldapdelete «ü¥O¦æ¤½¥Îµ{¦¡´£¨Ñ¥[¤J¡B½s¿è»P§R°£¥Ø¿ý¶µ¥Øªº§¹¾ã¥\¯à¡C±z¥i¥H¥Î¥¦ÌºÞ²z¦øªA¾¹ªº°t¸m¶µ¥Ø©M¨Ï¥ÎªÌ¶µ¥Ø¤¤ªº¸ê®Æ¡C³o¨âÓ¤½¥Îµ{¦¡¤]¥i¥Î¨Ó¼¶¼g«ü¥OÀÉ¡A¥H°õ¦æ¤@©Î¦hӥؿýªº¤j¶qºÞ²z¤u§@¡C
ldapmodify ©M ldapdelete «ü¥O¥Î¦b¥»®Ñ¦U³Bªºµ{§Ç¤¤¡C¤U¦C¦U¸`´yz°õ¦æ³o¨ÇºÞ²zµ{§Ç©Ò»Ýªº©Ò¦³°ò¥»§@·~¡C¦p»ÝÃö©ó ldapmodify ©M ldapdelete «ü¥Oªº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ Directory Server Man Page Reference¡C
«ü¥O¦æ¤½¥Îµ{¦¡ªº¿é¤J©l²×±Ä¥Î LDIF ®æ¦¡¡A±z¥i¥Hª½±µ±q«ü¥O¦æ¿é¤J¡A©Î³z¹L¿é¤JÀÉ´£¨Ñ¡C¤U¸`´£¨Ñ¦³Ãö LDIF ¿é¤Jªº¸ê°T¡AÀH«á¦U¸`´yz¨CºØקïÃþ«¬ªº LDIF¡C
´£¨Ñ LDIF ¿é¤J
©Ò¦³¥Ø¿ý¸ê®Æ¨Ï¥Î Unicode ªº UTF-8 ½s½XÀx¦s¡C¦]¦¹±z´£¨Ñªº¥ô¦ó LDIF ¿é¤J¤]¥²¶·¥H UTF-8 ½s½X¡CLDIF ®æ¦¡ªº¸Ô²Ó´yz¦b Directory Server Administration Reference ªº¡uLDAP Data Interchange Format Reference¡v ¤¤¡C
·í±z´£¨Ñ LDIF ¿é¤JȮɡA½Ð¦Ò¼{¤U¦C´XÂI¡G
- ª«¥ó¬O¤@Ӫťզæ¡A¨ä«á¸òµÛ¥H dn: ¶}ÀYªº¦æ¡C¦¹¦æ¬Oª«¥óªº¿ë§O¦WºÙ¡C©Ò¦³¨ä¥L¦æ¬Oª«¥óªºÄÝ©Ê¡C
- µù¸Ñ¥H # ¶}ÀY (¨Ã¥H EOL µ²§À)¡C
- ¥H¤@ӪŮæ¶}ÀYªº¦æ¬OÄ~Äò¤W¤@¦æ¡C
- ¤G¶i¦ìȬO¥H base-64 ½s½X¡A¨Ã¥B¦bÄݩʦWºÙ¤§«á¥H¤@ÓÂù«_¸¹ (::) ªí¥Ü¡C
- ´«¦æ¦r¤¸¤Î´«¦æ²Å¸¹¦b LDIF Ȥ¤¤£¦w¥þ¡AÀ³¸Ó¥H base-64 ½s½X¡C
- ·í±z¨Ï¥Î ldapmodify «ü¥OÅܧóÄÝ©ÊȮɡA½Ð¤Å¦bÄÝ©ÊȪº¥½§À¤£¤p¤ß¯d¤U§ÀÀHªÅ¥Õ¡C¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\קïÄÝ©ÊÈ¡C
¦b«ü¥O¦æ¤¤¤î LDIF ¿é¤J
ldapmodify ©M ldapdelete ¤½¥Îµ{¦¡Åª¨ú±z¦b«ü¥O«á¿é¤Jªº LDIF ±Ôz¸ò±qÀÉ®×Ū¨ú¬O§¹¥þ¤@¼Ëªº¤è¦¡¡C·í±z§¹¦¨´£¨Ñ¿é¤J®É¡A½Ð¿é¤J¦Û¤vªº Shell ·|¿ëÃѬ°ÀÉ®×µ²§ô (end of file¡AEOF) ¶h¥X¶¶§Çªº¦r¤¸¡C
¥H¤U½d¨ÒÅã¥Ü¦p¦ó¤¤¤î ldapmodify «ü¥Oªº¿é¤J¡G
prompt> ldapmodify -h host -p port -D bindDN -w password
dn:cn=Barry Nixon,ou=People,dc=example,dc=com
changetype:modify
delete:telephonenumber
^D
prompt>¬°¤F²¤Æ¤Î¥iÄâ©Ê¡A¥»¤å¥ó¤¤ªº½d¨Ò¤£Åã¥Ü´£¥Ü©Î EOF ¶¶§Ç¡C
¨Ï¥Î¯S®í¦r¤¸
¦b«ü¥O¦æ¿é¤J«ü¥O¿ï¶µ®É¡A±z¥i¯à¥²¶·©¿²¤¤@¨Ç¹ï«ü¥O¦æ¸ÑĶ¾¹¨ã¦³¯S®í·N¸qªº¦r¤¸¡A¦pªÅ®æ ( )¡B¬P¸¹ (*)¡B¤Ï±×½u (\) µ¥¡C¨Ò¦p¡A³\¦h DN ¥]§tªÅ®æ¡An¥Î¦b¤j³¡¤À UNIX Shell ¤¤¡A±z¥²¶·±Nȸm©óÂù¤Þ¸¹ ("") ¤º¡G
-D "cn=Barbara Jensen,ou=Product Development,dc=example,dc=com"
¨Ì«ü¥O¦æ¸ÑĶ¾¹¦Ó©w¡A±zÀ³¸Ó¨Ï¥Î³æ¤Þ¸¹©ÎÂù¤Þ¸¹°µ¦¹¥Î³~¡C¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\±zªº§@·~¨t²Î¤å¥ó¡C
¦¹¥~¡A¦pªG±z¨Ï¥Î¥]§t³r¸¹ªº DN¡A¥²¶·¥H¤Ï±×½u (\) ©¿²¤³r¸¹¡C¨Ò¦p¡G
-D "cn=Patricia Fuentes,ou=People,o=example.com Bolivia\,S.A."
½Ðª`·N¡Aldapmodify «ü¥O«áªº LDIF ±Ôz¬O¥Ñ«ü¥O¸ÑĶ¡A¦Ó«D¥Ñ Shell ¸ÑĶ¡A¦]¦¹¤£»Ýn¯S®íªº¦Ò¼{¨Æ¶µ¡C
¨Ï¥ÎÄÝ©Ê OID
ÄݩʦWºÙ¤¤¹w³]¬°¤£¤ä´©ÄÝ©Ê OID¡C¦b¬Y¨Çª©¥»ªº Directory Server ¤¤¤£¬O³oºØ±¡ªp¡C¦pªG±z¦bª©¥»ªº Directory Server ¤¤¨Ï¥ÎÄÝ©Ê OID §@¬°ÄݩʦWºÙ¡A«h¥²¶·±NÄÝ©Ê nsslapd-attribute-name-exceptions ³]¬° on¡A¤~¯à¨ÏÄÝ©Ê OID ³Q±µ¨ü¡C
¼Ò¦¡Àˬd
¥[¤J©Îקﶵ¥Ø®É¡A©Ò¨Ï¥ÎªºÄÝ©Ê¥²¶·¬O¶µ¥Ø¤¤ªºª«¥óÃþ§O¥²n©Î¤¹³\ªºÄÝ©Ê¡A¦Ó¥B±zªºÄÝ©Ê¥²¶·¥]§t»P©w¸q»yªk¬Û²ÅªºÈ¡C
קﶵ¥Ø®É¡ADirectory Server ·|¦b¾ãÓ¶µ¥Ø¤W°õ¦æ¼Ò¦¡Àˬd¡A¦Ó¤£¶È¦b³Qק諸ÄݩʤW¶i¦æÀˬd¡C¦]¦¹¡A¦pªG¶µ¥Ø¤¤ªº¥ô¦óª«¥óÃþ§O©ÎÄݩʤ£²Å¦X¼Ò¦¡¡A§@·~³£¥i¯à·|¥¢±Ñ¡C¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\¼Ò¦¡Àˬd¡C
±Æ¦C LDIF ¶µ¥Øªº¶¶§Ç
¦b¥[¤J¶µ¥Øªº¥ô¦ó LDIF ¤å¦r¶¶§Ç¤¤¡A¤£½×¬O¦b«ü¥O¦æ©Î¦bÀɮפ¤¡A¤÷¶µ³£¥²¶·¦C¦b¤l¶µ«e¡C¦p¦¹¤@¨Ó¡A·í¦øªA¾¹³B²z LDIF ¤å¦r®É¡A´N·|¥ý«Ø¥ß¤÷¶µ¦A«Ø¥ß¤l¶µ¡C
¨Ò¦p¡A¦pªGn¦b People ¾ðª¬¤l¥Ø¿ý¤¤«Ø¥ß¤£¦s¦b¥Ø¿ý¤¤ªº¶µ¥Ø¡A¥²¶·¥ý¦C¥X¥Nªí People ®e¾¹ªº¶µ¥Ø¡A¦A¦C¥X¾ðª¬¤l¥Ø¿ý¤¤ªº¶µ¥Ø¡G
dn:dc=example,dc=com
dn:ou=People,dc=example,dc=com
...
People subtree entries
...
dn:ou=Group,dc=example,dc=com
...
Group subtree entries
...±z¥i¥H¨Ï¥Î ldapmodify «ü¥O¦æ¤½¥Îµ{¦¡«Ø¥ß¥Ø¿ý¤¤ªº¥ô¦ó¶µ¥Ø¡A¦ý¬O§À½X©Î¤l§À½Xªº®Ú³¡¬O¯S®í¶µ¥Ø¡A¥²¶·»P¥²nªº°t¸m¶µ¥Ø²£¥ÍÃöÁp¡CYn¥[¤J·sªº®Ú§À½X©Î¤l§À½X¤Î¨ä¬ÛÃöªº°t¸m¶µ¥Ø¡A½Ð°Ñ¾\±q«ü¥O¦æ«Ø¥ß§À½X¡C
ºÞ²z¤j«¬¶µ¥Ø
¥[¤J©Îקï§t¦³·¥¤j«¬ÄÝ©ÊȪº¶µ¥Ø«e¡A¦øªA¾¹¥i¯à¥²¶·¸g¹L°t¸m¤~¯à±µ¨ü³oÃþ¶µ¥Ø¡C¬°«OÅ@¦øªA¾¹¥H¨¾t¸ü¹L«¡A¥Î¤áºÝ¹w³]¬°¶È¯à¶Ç°e¤£¶W¹L 2 MB ªº¸ê®Æ¡C
¦pªG¥[¤Jªº¶µ¥Ø¤j©ó¦¹¨î¡A©Îק諸ÄÝ©ÊȤj©ó¦¹¨î¡A¦øªA¾¹±N©Úµ´°õ¦æ§@·~¡A¨Ã¥ß§YÃö³¬³s½u¡C¨Ò¦p¡A¦b¶µ¥Øªº¤@©Î¦hÓÄݩʤ¤¦pªG¦³¦h´CÅ餺®eµ¥¤G¶i¦ì¸ê®Æ¡A´N¥i¯à¶W¹L¦¹¨î¡C
¦Ó¥B¡A©w¸q¤j«¬ÀRºA¸s²Õªº¶µ¥Ø¥i¯à¥]§t¤Ó¦h¦¨û¡A¥HP©ó¨äªí¥Üªk¶W¹L¨î¡C¦ý°ò©ó®Ä¯àªºì¦]¡A¨Ã¤£«Øij¨Ï¥Î³o¼Ëªº¸s²Õ¡A±zÀ³¸Ó¦Ò¼{«·s³]p¥Ø¿ýµ²ºc¡C¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ºÞ²z¸s²Õ¡C
Ynקï¦øªA¾¹¹ï¥Î¤áºÝ¶Ç°eªº¸ê®Æ±j¨îªº¤j¤p¨î¡G
- ¬° cn=config ¶µ¥Øªº nsslapd-maxbersize Äݩʳ]©w·sÈ¡C
- Yn¨Ï¥Î¥D±±¥x°õ¦æ¦¹°Ê§@¡A½Ð¥HºÞ²zû©Î¥Ø¿ýºÞ²zûªº¨¥÷µn¤J¡A¨Ã®Ú¾Ú¥H¼Ð·Ç½s¿è¾¹×§ï¶µ¥Ø¤¤ªºµ{§Ç½s¿è cn=config ¶µ¥Ø¡C±N nsslapd-maxbersize Äݩʳ]¬°¥Î¤áºÝ¥i¤@¦¸¶Ç°eªº³Ì¤j¦ì¤¸¼Æ¡C
- Yn±q«ü¥O¦æ°õ¦æ¦¹°Ê§@¡A½Ð¨Ï¥Î¤U¦C«ü¥O¡G
ldapmodify -h host -p port -D "cn=Directory Manager" -w password
dn:cn=config
changetype:modify
replace:nsslapd-maxbersize
nsslapd-maxbersize:sizeLimitInBytes
^D¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ Directory Server Administration Reference ¤¤ªº¡unsslapd-maxbersize¡v¡C
- ¨Ì±Ò°Ê©M°±¤î Directory Server ©Òz¡A«·s±Ò°Ê¦øªA¾¹¡C
¿ù»~³B²z
«ü¥O¦æ¤u¨ã·|´`§Ç³B²z LDIF ¿é¤J¤¤ªº©Ò¦³¶µ¥Ø©Îקï¡C·í²Ä¤@Ó¿ù»~µo¥Í®É¡A¹w³]ªº¹B§@¤è¦¡¬O·|°±¤î³B²z¡C¨Ï¥Î -c ¿ï¶µ¥i¤£²z·|¥ô¦ó¿ù»~Ä~Äò³B²z©Ò¦³¿é¤J¡C±z·|¦b¤u¨ãªº¿é¥X¤¤¬Ý¨ì¿ù»~ª¬ªp¡C
°£¤F¤Wz¦Ò¼{¨Æ¶µ¤§¥~¡A±`¨£ªº¿ù»~¥]¬A¡G
¦p»ÝÃö©ó©Ò¥X²{ªº¿ù»~ª¬ªp¤Î¦p¦ó°jÁ× ldapmodify ©M ldapdelete «ü¥Oªº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ Directory Server Man Page Reference¡C
¨Ï¥Î ldapmodify ¥[¤J¶µ¥Ø
±z¥i¥H¥Î ldapmodify ªº -a ¿ï¶µ¦b¥Ø¿ý¤¤¥[¤J¤@©Î¦hÓ¶µ¥Ø¡C¤U¦C½d¨Ò«Ø¥ß¤@Óµ²ºc¶µ¥Ø¥H¥]§t¨Ï¥ÎªÌ¡AµM«á¦A«Ø¥ß¨Ï¥ÎªÌ¶µ¥Ø¡G
ldapmodify -a -h host -p port -D "cn=Directory Manager" -w password
dn:ou=People,dc=example,dc=com
objectclass:top
objectclass:organizationalUnit
ou:People
description:Container for user entries
dn:uid=bjensen,ou=People,dc=example,dc=com
objectclass:top
objectclass:person
objectclass:organizationalPerson
objectclass:inetorgPerson
uid:bjensen
givenName:Barbara
sn:Jensen
cn:Babs Jensen
telephoneNumber: (408) 555-3922
facsimileTelephoneNumber: (408) 555-4000
mail:bjensen@example.com
userPassword:clearPassword-D ©M -w ¿ï¶µ¤À§O«ü©w¦³Åv«Ø¥ß³o¨Ç¶µ¥Ø¤§¨Ï¥ÎªÌªº³sµ² DN ©M±K½X¡C-a ¿ï¶µ¥]§t LDIF ¤¤§Y±N¥[¤Jªº©Ò¦³¶µ¥Ø¡CµM«á¥H DN ¤ÎÄÝ©ÊÈ«ü©w¨CÓ¶µ¥Ø¡A¶µ¥Ø¤§¶¡¨Ï¥Î¤@Ӫťզæ¡Cldapmodify ¤½¥Îµ{¦¡·|¦b¿é¤J¨CÓ¶µ¥Ø«á«Ø¥ß¡A¨Ã³ø§i¥ô¦ó¿ù»~¡C
¦bºD¨Ò¤W¡A¶µ¥Øªº LDIF ¥H¤U¦C¶¶§Ç¦C¥XÄÝ©Ê¡G
¿é¤J userpassword ÄݩʪºÈ®É¡A½Ð«ü©w¯Â¤å¦rª©ªº±K½X¡C¦øªA¾¹·|±N³oÓÈ¥[±K¡A¨Ã¥B¥uÀx¦s¥[±KªºÈ¡C½Ð°È¥²n¨îŪ¨úÅv¡A¥H«OÅ@ LDIF Àɮפ¤ªº¯Â¤å¦r±K½X¡C
±z¤]¥i¥H¦b«ü¥O¦æ¤W¨Ï¥Î¤£»Ýn -a ¿ï¶µªº LDIF ´À¥N®æ¦¡¡C³oºØ®æ¦¡ªºÀuÂI¬O±z¥i¥H±N¥[¤J¶µ¥Ø¤Îקﶵ¥Øªº±Ôzµ²¦X¦b¤@°_¡A¦p¤U¤@¸`©Ò¥Ü¡C
ldapmodify -h host -p port -D "cn=Directory Manager" -w password
dn:ou=People,dc=example,dc=com
changetype:add
objectclass:top
objectclass:organizationalUnit
ou:People
description:Container for user entries
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:add
objectclass:top
objectclass:person
objectclass:organizationalPerson
objectclass:inetorgPerson
uid:bjensen
givenName:Barbara
sn:Jensen
cn:Barbara Jensen
telephoneNumber: (408) 555-3922
facsimileTelephoneNumber: (408) 555-4000
mail:bjensen@example.com
userPassword:clearPasswordchangetype:add ÃöÁä¦r«ü¥XÀ³¥H«áÄòªº©Ò¦³Äݩʫإ߫ü©w DN ªº¶µ¥Ø¡C©Ò¦³¨ä¥L¿ï¶µ©M LDIF ºD¨Ò³£¤@¼Ë¡C
¦b¨âÓ½d¨Ò¤¤¡A±z³£¥i¥H¥Î -f filename ¿ï¶µ±qÀÉ®×Ū¨ú LDIF¡A¦Ó¤£±q²×ºÝ¾÷¿é¤JŪ¨ú¡CLDIF ÀÉ®×¥]§tªº®æ¦¡¥²¶·¸ò¨Ï¥Î -a ¿ï¶µ®Éªº²×ºÝ¾÷¿é¤J®æ¦¡¬Û¦P¡C
¨Ï¥Î ldapmodify קﶵ¥Ø
¨Ï¥Î changetype:modify ÃöÁä¦r¥i¥[¤J¡B¨ú¥N©Î²¾°£²{¦³¶µ¥Ø¤¤ªºÄݩʤΨäÈ¡C·í±z«ü©w changetype:modify ®É¡A±z¤]¥²¶·´£¨Ñ¤@©Î¦hÓÅܧó§@·~¡A¥H«ü¥X¶µ¥Øªº×§ï¤è¦¡¡C¥H¤U½d¨ÒÅã¥Ü¤TÓ¥i¯àªº LDIF Åܧó§@·~¡G
dn:entryDN
changetype:modify
add:attribute
attribute:value
...
-
replace:attribute
attribute:newValue
...
-
delete:attribute
[attribute:value]
...¦b¦æ¤¤¨Ï¥Î¯}§é¸¹ (-) ¥i¤À¹j¹ï¦P¤@¶µ¥Øªº§@·~¡AªÅ¥Õ¦æ¥i¤À¹j¤£¦P¶µ¥Øªº§@·~¸s²Õ¡C±z¤]¥i¥H¬°¨CÓ§@·~«ü©w¼ÆÓ attribute:value °t¹ï¡A±N¥¦Ì¦P®É¥[¤J¡B¨ú¥N©Î§R°£¡C
¥[¤JÄÝ©ÊÈ
¥H¤U½d¨ÒÅã¥Ü¦p¦ó¨Ï¥Î¬Û¦Pªº add LDIF »yªk¡A¬°²{¦³ªº¦h«ÈÄݩʤΩ|¤£¦s¦bªºÄÝ©Ê¥[¤JÈ¡G
ldapmodify -h host -p port -D "cn=Directory Manager" -w password
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:modify
add:cn
cn:Babs Jensen
-
add:mobile
mobile: (408) 555-7844
mobile: (408) 555-7845Y¦³¤U¦Cª¬ªp¡A¦¹§@·~¥i¯à·|¥¢±Ñ¡A¦Ó¥B¦øªA¾¹±N¶Ç¦^¿ù»~¡G
¨Ï¥Î¤G¶i¦ìÄݩʤlÃþ«¬
attribute;binary ¤lÃþ«¬ªí¥ÜÄÝ©ÊÈÀ³³z¹L LDAP ¥H¤G¶i¦ì¸ê®Æ (¸ê®Æªº¤£³z©ú°Ï¶ô) ¶Ç¿é¡A¦Ó¤£ºÞ¥¦Ìªº¹ê»Ú»yªk¡C¦¹¤lÃþ«¬ªºªº³]p¥Dn¬O°w¹ï¨S¦³ LDAP ¦r¦êªí¥Üªkªº½ÆÂø»yªk¡A¨Ò¦p userCertificate¡C¤G¶i¦ì¤lÃþ«¬À³¶È¥Î©ó¦¹¥Î³~¡C
±z¥i¥H¦b ldapmodify «ü¥O©Ò¥Îªº¥ô¦ó LDIF ±Ôz¤¤¬°ÄݩʦWºÙ¥[¤J¾A·íªº¤lÃþ«¬¡C
Yn¿é¤J¤G¶i¦ìÈ¡A±z¥i¥Hª½±µ¦b LDIF ¤å¦r¤¤¿é¤J¡A©Î±q¥t¤@ÓÀɮפ¤Åª¨ú¡C¥H¤U½d¨ÒÅã¥Ü±qÀÉ®×Ū¨úªº LDIF »yªk¡G
ldapmodify -h host -p port -D "cn=Directory Manager" -w password
version: 1
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:modify
add:userCertificate;binary
userCertificate;binary:< file:///path/certFile¬°¤F¨Ï¥Î < »yªk«ü©wÀɮצWºÙ¡ALDIF ±Ôzªº¶}ÀY¦æ¥²¶·¬O version:1¡C·í ldapmodify ³B²z¦¹±Ôz®É¡A¥¦·|±NÄݩʳ]¬°±q«ü©wÀɮתº§¹¾ã¤º®eŪ¨ú¦Ó¨ÓªºÈ¡C
¥[¤J¦³»y¨¥¤lÃþ«¬ªºÄÝ©Ê
Äݩʪº»y¨¥»P«÷µ¤lÃþ«¬¥Î©ó«ü©w·í¦a»y¨t¤ÆªºÈ¡C·í±z¬°ÄÝ©Ê«ü©w»y¨¥¤lÃþ«¬®É¡A¸Ó¤lÃþ«¬·|¥H¤U¦C¤è¦¡¥[¤JÄݩʦWºÙ¡G
attribute;lang-CC
¨ä¤¤ attribute ¬O²{¦³ªºÄÝ©ÊÃþ«¬¡ACC ¬O¨âÓ¦r¥Àªº°ê½X¡A¥H«ü©w»y¨¥¡C±z¥i¥H¿ï¾Ü¬°»y¨¥¤lÃþ«¬¥[¤J«÷µ¤lÃþ«¬¡A¥H«ü©w·í¦a»y¨t¤ÆȪº¹ïµ¥µoµ¡C¦b¦¹ªpª¬¤U¡AÄݩʦWºÙÅܦ¨¡G
attribute;lang-CC;phonetic
Yn¦b§t¤lÃþ«¬ªºÄݩʤW°õ¦æ§@·~¡A±z¥²¶·©ú½T°t¦X¨ä¤lÃþ«¬¡C¨Ò¦p¡A¦pªGnקï§t lang-fr »y¨¥¤lÃþ«¬ªºÄÝ©ÊÈ¡A±z¥²¶·¥H¤U¦C¤è¦¡¦bקï§@·~¤¤¥]§t lang-fr¡G
ldapmodify -h host -p port -D "cn=Directory Manager" -w password
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:modify
replace:homePostalAddress;lang-fr
homePostalAddress;lang-fr:34\, avenue des Champs-ElyséesקïÄÝ©ÊÈ
¥H¤U½d¨ÒÅã¥Ü¦p¦ó¨Ï¥Î LDIF ¤¤ªº replace »yªkקïÄÝ©ÊÈ¡G
ldapmodify -h host -p port -D "cn= Directory Manager " -w password
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:modify
replace:sn
sn:Morris
-
replace:cn
cn:Barbara Morris
cn:Babs Morris«ü©wÄݩʪº¥Ø«e©Ò¦³È¤w³Q²¾°£¡A¨Ã¤w¥[¤J©Ò¦³«ü©wÈ¡C
¦bÅܧóÄÝ©ÊȤ§«á¡A±z¥i¥H¨Ï¥Î ldapsearch «ü¥O¨ÓÅçÃÒÅܧó¡C
§ÀÀHªÅ¥Õ
·í±zקïÄÝ©ÊȮɡA½Ð¤Å¦bȪº¥½§À¤£¤p¤ß¯d¤U§ÀÀHªÅ¥Õ¡C§ÀÀHªÅ¥Õ¥i¯à·|¾ÉPÈ¥H base-64 ½s½XÅã¥Ü (¦p 34xy57eg)¡C
¦pªGÄÝ©ÊÈ¥H§ÀÀHªÅ¥Õµ²§À¡A«h§ÀÀHªÅ¥Õ·|³Q§@¬°ÄÝ©ÊȪº¤@³¡¤À¨Ó½s½X¡C·í±z¨Ï¥Î¥D±±¥x©Î ldapsearch «ü¥O¨ÓÅçÃÒÅܧó®É¡A±z©Ò¬Ý¨ìªºÈ¥i¯à¥H¯Â¤å¦r®æ¦¡Åã¥Ü¡A¦ý¤]¥i¯àÅã¥Ü¬° base-64 ½s½Xªº¤å¦r¡C³oµø±z¨Ï¥Îþ¤@ºØ Directory Server ¥Î¤áºÝ¦Ó©w¡C
§R°£ÄÝ©ÊÈ
¥H¤U½d¨ÒÅã¥Ü¦p¦ó§¹¥þ§R°£ÄÝ©Ê¡A¥H¤Î¥u§R°£¦h«ÈÄݩʤ¤ªº¤@ÓÈ¡G
ldapmodify -h host -p port -D "cn=Directory Manager" -w password
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:modify
delete:facsimileTelephoneNumber
-
delete:cn
cn:Babs Morris¨Ï¥Î delete »yªk«o¤£«ü©w attribute:value °t¹ï®É¡A±N²¾°£Äݩʪº©Ò¦³È¡C¦pªG«ü©w attribute:value °t¹ï¡A«h¥u·|²¾°£¸ÓÈ¡C
קï¦h«ÈÄݩʪº¤@ÓÈ
¬°¤F¥Î ldapmodify «ü¥Oקï¦h«ÈÄݩʪº¤@ÓÈ¡A±z¥²¶·¨Ì¤U¦C½d¨Ò©Ò¥Ü°õ¦æ¨âÓ§@·~¡G
ldapmodify -h host -p port -D "cn=Directory Manager" -w password
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:modify
delete:mobile
mobile: (408) 555-7845
-
add:mobile
mobile: (408) 555-5487¨Ï¥Î ldapdelete §R°£¶µ¥Ø
¨Ï¥Î ldapdelete «ü¥O¦æ¤½¥Îµ{¦¡¥i±q¥Ø¿ý¤¤§R°£¶µ¥Ø¡C¦¹¤½¥Îµ{¦¡·|³sµ²¨ì¥Ø¿ý¦øªA¾¹¡A¨Ã§R°£ DN ©Ò«ü©wªº¤@©Î¦hÓ¶µ¥Ø¡C±z¥²¶·´£¨Ñ¦³Åv§R°£«ü©w¶µ¥Øªº³sµ² DN¡C
±zµLªk§R°£¤@Ó§t¦³¤l¶µªº¶µ¥Ø¡CLDAP ³q°T¨ó©w¸T¤î¤l¶µ¤£¦A¦³¤÷¶µ¦s¦bªºª¬ªpµo¥Í¡C¨Ò¦p¡A±zµLªk§R°£²Õ´³æ¦ì¶µ¥Ø¡A°£«D¥ý§R°£ÄÝ©ó¸Ó²Õ´³æ¦ìªº©Ò¦³¶µ¥Ø¡C
¤p¤ß
½Ð¤Å§R°£§À½X o=NetscapeRoot¡CAdministration Server ¨Ï¥Î¦¹§À½XÀx¦s¤w¦w¸Ë Sun Java System ¦øªA¾¹ªº¬ÛÃö¸ê°T¡C§R°£¦¹§À½X¥i¯à·|¢¨Ï±z«·s¦w¸Ë¥]¬A Directory Server ¦b¤ºªº©Ò¦³ Sun Java System ¦øªA¾¹¡C
¦b¤U¦C½d¨Ò¤¤¡A²Õ´³æ¦ì¤¤¥u¦³¤@Ó¶µ¥Ø¡A©Ò¥H§Ú̧R°£¸Ó¶µ¥Ø¡A¦A§R°£¤÷¶µ¡G
ldapdelete -h host -p port -D "cn=Directory Manager" -w password
uid=bjensen,ou=People,dc=example,dc=com
ou=People,dc=example,dc=com¨Ï¥Î ldapmodify §R°£¶µ¥Ø
±z¤]¥i¥H¨Ï¥Î ldapmodify ¤½¥Îµ{¦¡ªº changetype:delete ÃöÁä¦r§R°£¶µ¥Ø¡C¤Z¬O¥H¤W©Òz¨Ï¥Î ldapdelete ®Éªº¨î¡A¦b³o¨½¦P¼Ë¾A¥Î¡C¨Ï¥Î LDIF »yªk§R°£¶µ¥ØªºÀuÂI¬O±z¥i¥H¦b¤@Ó LDIF Àɮפ¤°õ¦æ²V¦Xªº§@·~¡C
¥H¤U½d¨Ò±N°õ¦æ»P¥ý«e½d¨Ò¬Û¦Pªº§R°£§@·~¡G
ldapmodify -h host -p port -D "cn=Directory Manager" -w password
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:delete
dn:ou=People,dc=example,dc=com
changetype:delete
«·s©R¦W¤Î²¾°Ê¶µ¥Ø¥»¸`¤¶²Ðקï DN §@·~¡B´£¨Ñ¨Ï¥Îקï DN §@·~ªº¸Ô²Ó»¡©ú¡A¨Ã¥B´yz¦p¦ó¨Ï¥Î¥D±±¥x¤Î«ü¥O¦æ¨Ó°õ¦æקï DN §@·~¡C
קï DN §@·~²¤¶
¦b Directory Server 5.2 2005Q1 ¤§«eªº Directory Server ª©¥»¤¤¡A¥i¥H«·s©R¦W¶µ¥Ø¡C¦Û Directory Server 5.2 2005Q1 °_¡A¥i¥H«·s©R¦W¶µ¥Ø¤Î²¾°Ê¶µ¥Ø¡C
קï DN §@·~µLªk¥Î©ó¤U¦C¤u§@¡G
«·s©R¦W©M²¾°Ê§@·~¤§¶¡ªº®t§O
¥»¸`´yz«·s©R¦W¶µ¥Ø©M²¾°Ê¶µ¥Ø¤§¶¡ªº®t§O¡C
«·s©R¦W¶µ¥Ø
«·s©R¦W¶µ¥Ø·|Åܧ󶵥تº DN ¤¤³Ì¥ªÃä (³Ì¤£«n) ªºÄÝ©Ê type=value °t¹ï¡C¦¹ÄÝ©Ê type=value °t¹ï¬°¶µ¥Øªº RDN¡C¥i¥H«·s©R¦WÄÝ©ÊÃþ«¬¡BÄÝ©ÊȩΪ̦P®É«·s©R¦W³o¨âªÌ¡CYn¨Ï«·s©R¦W§@·~¦¨¥\¡A·sªº DN ¤£¯à¤w¸g¦s¦b¡C
¤U¦C½d¨ÒÅã¥Ü¦p¦óÅܧóÄÝ©ÊÃþ«¬©MÄÝ©ÊÈ¡C
½d¨Ò 1¡GYn±N¤U¦C DN ¤¤ªºÄÝ©ÊÃþ«¬¥Ñ cn ÅÜ§ó¬° uid¡G
dn:cn=john,dc=california,dc=sun,dc=com
½d¨Ò 2¡GYn±N¤U¦C DN ¤¤ªºÄÝ©Ê鴄 john ÅÜ§ó¬° bob¡G
dn:cn=john,dc=california,dc=sun,dc=com
²¾°Ê¶µ¥Ø
²¾°Ê¶µ¥Ø·|Åܧ󶵥تº DN ¤¤³Ì¥kÃä (³Ì«n) ªºÄÝ©Ê type=value °t¹ï¡C¦¹°Ê§@±N¶µ¥Ø²¾°Ê¦Ü¤£¦Pªº¾ðª¬¤l¥Ø¿ý¡CYn¨Ï²¾°Ê§@·~¦¨¥\¡A»P·s¦ì¸m¬Û¹ïÀ³ªº DN ¥²¶·¦s¦b©ó¬Û¦P§À½X¤º¡C
½d¨Ò 3¡GYn±N¤U¦C DN ¤¤ªº¶µ¥Ø john ¥Ñ california ²¾°Ê¦Ü france¡G
dn:cn=john,dc=california,dc=sun,dc=com
¨Ï¥Îקï DN §@·~ªº¸Ô²Ó»¡©ú¤Î¨î
·í±zp¹ºn¨Ï¥Îקï DN §@·~®É¡A½Ð¨Ì·Ó¤U¦C¦U¸`©Ò´£¨Ñªº¸Ô²Ó»¡©ú¶i¦æ¡G
¨Ï¥Îקï DN §@·~ªº¤@¯ë»¡©ú
·í±z¨Ï¥Îקï DN §@·~®É¡A½Ð¿í¦u¤U¦C«Øij¡C
- ½Ð¤Å±Nקï DN §@·~¥Î©ó¤U¦C¤u§@¡G
- ½Ð½T«O±z°õ¦æªº¬O Directory Server 5.2 2005Q1 ©Î§ó·sª©¥»¡C±z¤£¯à¦b Directory Server 5.2 2005Q1 ¤§«eªº Directory Server ª©¥»¤W¨Ï¥Îקï DN §@·~¡C¦pªG±z¨Ï¥Îªº¬O½Æ»s©Ý¾ë¡A½Ð½T«O©Ý¾ë¤ºªº©Ò¦³¦øªA¾¹³£°õ¦æ Directory Server 5.2 2005Q1 ©Î§ó·sª©¥»¡C
- ½Ð¤Å¦b±zªºÀ³¥Îµ{¦¡¤¤¨Ï¥Î entryid ¾Þ§@ÄÝ©Ê¡A¦]¬°¥¦³Q«O¯d¶È¨Ñ¤º³¡¨Ï¥Î¡C·í²¾°Ê¶µ¥Ø®É¡A¦¹¶µ¥Øªº entryid ÄÝ©Ê¥i¯à·|Åܧó¡C
- ¬°¦øªA¾¹¤Wªº©Ò¦³§À½X¥þ°ì±Ò¥Îקï DN §@·~¡A©ÎÓ§O¹ï±z·Qn°õ¦æ¦¹§@·~ªº¨C¤@Ó§À½X±Ò¥Î¡Cקï DN §@·~¹w³]¬°°±¥Î¡C¦pªG±z°õ¦æªº¬O½Æ»s©Ý¾ë¡A½Ð¹ï¦¹©Ý¾ë¤¤©Ò¦³¦øªA¾¹±Ò¥Îקï DN §@·~¡C¦p»ÝÃö©ó¦p¦ó±Ò¥Îקï DN §@·~ªº¸ê°T¡A½Ð°Ñ¾\¨Ï¥Î¥D±±¥x±Ò¥Îקï DN §@·~©Î¨Ï¥Î ldapmodify «ü¥O±Ò¥Îקï DN §@·~¡C
- ¦b±z§Æ±æ°õ¦æקï DN §@·~ªº¨C¤@Ó§À½X¤WÂX®i ACI Åv§Q¡CImport ¦s¨úÅv§Q¤¹³\¶µ¥Ø¶×¤J¨ì«ü©wªº DN¡CExport ¦s¨úÅv§Q¤¹³\¶µ¥Ø¶×¥X¨ì«ü©wªº DN¡C¦p»ÝÃö©ó¦p¦óÂX®i ACI Åv§Qªº¸ê°T¡A½Ð°Ñ¾\¨Ï¥Î¥D±±¥x±Ò¥Îקï DN §@·~©Î¨Ï¥Î ldapmodify «ü¥O±Ò¥Îקï DN §@·~¡C
- ¦b°õ¦æקï DN §@·~¤§«e¡A½Ð½T«O¦¹§@·~¤£·|¯}Ãa¥Î¤áºÝÅçÃÒ¡C¦pªG±z²¾°Ê¤@ӰѷӥΤáºÝ¾ÌÃÒªº¶µ¥Ø¡A´N·|¯}Ãa¥Î¤áºÝÅçÃÒ¡C¦b²¾°Ê¶µ¥Ø¤§«á¡A½ÐÅçÃÒ±zªº¾ÌÃÒ¡C
- ¦b°õ¦æקï DN §@·~¤§«e¡A½Ð½T«O¦¹§@·~¤£·|¯}Ãa±zªºÀ³¥Îµ{¦¡¡C«·s©R¦W©Î²¾°Ê¶µ¥Ø¥i¯à·|¼vÅT¼ÆÓ§À½X¡A©Î¬O¥i¯àÅܧ󦹶µ¥Øªº¤U¦C¯S©Ê¡G
¨Ï¥Î§Q¥Î½Æ»sªº×§ï DN §@·~¤§¸Ô²Ó»¡©ú
¦pªG±z¨Ï¥Î§Q¥Î½Æ»sªº×§ï DN §@·~¡A«h±zªº½Æ»s©Ý¾ë¥²¶·¿í¦u¤U¦C»Ý¨D¡G
- ½Ð½T«O½Æ»s©Ý¾ë¤¤©Ò¦³¦øªA¾¹³£°õ¦æ Directory Server 5.2 2005Q1 ©Î§ó·sª©¥»¡C±z¤£¯à¦b Directory Server 5.2 2005Q1 ¤§«eªº Directory Server ª©¥»¤W¨Ï¥Îקï DN §@·~¡C
- ¦b±z½Æ»s©Ý¾ë¤¤ªº©Ò¦³¦øªA¾¹¤W±Ò¥Îקï DN §@·~¡C¦pªG¥D¾÷¦øªA¾¹¤ä´©×§ï DN §@·~¦Ó¥Î¤á¦øªA¾¹¤£¤ä´©¡A«h½Æ»s·|¥¢±Ñ¡CÃþ¦ü¤U¦Cªº°T®§·|³Q¼g¤J´£¨ÑªÌ¦øªA¾¹¤Wªº¿ù»~°O¿ý¡G
µLªk¦b MODDN ±Ò¥Î®É±Ò°Ê½Æ»s¤u§@¶¥¬q
Yn«·s±Ò°Ê½Æ»s¡A½Ð°õ¦æ¤U¦C¨BÆJ¡G
1. «·s°t¸m½Æ»s©Ý¾ë¥H¦b©Ò¦³¦øªA¾¹¤W±Ò¥Îקï DN §@·~¡C
2. ¥H¤U¦C¨ä¤¤¤@ºØ¤èªk±Ò°Ê½Æ»s¤u§@¶¥¬q¡G
- ³z¹L¨Ì·Ó±q¥D±±¥x±j¢½Æ»s§ó·s©Î¥Î«ü¥O¦æ±j¢½Æ»s§ó·s¤¤ªº»¡©ú¶i¦æ¡C
- ³z¹LÅܧ󴣨Ѫ̦øªA¾¹¤Wªº¤@Ó¶µ¥Ø¡CÅܧó·|³Q½Æ»s¨ì¥Î¤á¦øªA¾¹¡C
- ±Ò¥Î¨Ã°t¸m©Ý¾ë¤º©Ò¦³¥D¾÷½Æ»s¤Wªº°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡¡C¦¹°Ê§@½T«O¦øªA¾¹ºû«ù¸s²Õ»P¨¤¦â¤§°Ñ¦Ò§¹¾ã©Ê¡C¦p»ÝÃö©ó¦p¦ó±Ò¥Î¨Ã°t¸m°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡ªº¸ê°T¡A½Ð°Ñ¾\°t¸m°Ñ¦Ò§¹¾ã©Ê¡C
- ¦b°õ¦æקï DN §@·~¤§«á¡A½Ð¯d¥X®É¶¡¥H«K°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡½Æ»s¨äÅܧó¡C
¨Ï¥Î¥D±±¥x«·s©R¦W©Î²¾°Ê¶µ¥Ø
¥»¸`´yz¦p¦ó¨Ï¥Î¥D±±¥x¨Ó«·s©R¦W¶µ¥Ø¤Î²¾°Ê¶µ¥Ø¡C
¨Ï¥Î¥D±±¥x±Ò¥Îקï DN §@·~
°£«D ACI Åv§Q°t¸m¬°µ¹¤©±zÅv¡A§_«h±zµLªk¦b§À½X¤W°õ¦æקï DN §@·~¡C¥i¥H¬°¦øªA¾¹¤Wªº©Ò¦³§À½X¥þ°ì±Ò¥Î©Î°±¥Îקï DN §@·~¡A©ÎªÌ¬°¨CÓ«ü©wªº§À½XÓ§O±Ò¥Î©Î°±¥Î¡C
¤U¦Cµ{§Ç¬O¦p¦ó°t¸m¤£¦P ACI Åv§Qªº½d¨Ò¡C³o¨Çµ{§Ç¥i¯àµLªk°t¸m¹ï±z³Ì¾A·íªº ACI Åv§Q¡C¦p»ÝÃö©ó¦p¦ó°t¸m¤£¦P ACI Åv§Qªº¸ê°T¡A½Ð°Ñ¾\ Administration Server Administration Guide ¤¤Ãö©ó¨Ï¥Î¦s¨ú±±¨î«ü¥Oªº¸ê°T¡C
¨Ï¥Î¥D±±¥xÂX®i ACI Åv§Q¦¹µ{§Ç°t¸m ACI Åv§Q¥H«K©Ò¦³¨Ï¥ÎªÌ³£¥i¥H¦b©Ò¦³§À½X¤W°õ¦æקï DN §@·~¡C
- ¦b [¥Ø¿ý] ¼ÐÅÒ¤W¡A¶}±Ò Directory Server Console¡C
- ¦b¥ªÃä¡A¿ï¾Ü±znÂX®i ACI Åvªº§À½X¡C
- ¥H·Æ¹«¥kÁä«ö¤@¤U§À½X¡A¨Ã¦b§ÖÅã¥\¯àªí¤¤¿ï¨ú [³]©w¦s¨úÅv]¡C
Åã¥ÜºÞ²z¦s¨ú±±¨îµøµ¡¡C¸Óµøµ¡¥]§tÄݩ󶵥تº ACI ²M³æ¡C
- ¦bºÞ²z¦s¨ú±±¨îµøµ¡¤¤¡A¤Ï¥ÕÅã¥Ü°Î¦W¦s¨ú ACI¡A¦A«ö¤@¤U [½s¿è]¡C
Åã¥Ü½s¿è ACI ¹ï¸Ü¤è¶ô¡C
- ¿ï¨ú¼Ð¥Ü¬°¡uimport¡vªº®Ö¨ú¤è¶ô¥H¤¹³\¤l¶µ¶×¤J¨ì«ü©wªº§À½X¡C
- ¿ï¨ú¼Ð¥Ü¬°¡uexport¡vªº®Ö¨ú¤è¶ô¥H¤¹³\¶µ¥Ø±q«ü©wªº§À½X¤U²¾°Ê¦Ü§À½X¤¤ªº¥t¤@Ó¦ì¸m¡C
- ¦b½s¿è ACI µøµ¡¤¤«ö¤@¤U [½T©w]¡Cµøµ¡Ãö³¬¡C
- ¦bºÞ²z¦s¨ú±±¨îµøµ¡¤¤«ö¤@¤U [½T©w]¡Cµøµ¡Ãö³¬¡C
¨Ï¥Î¥D±±¥x¥þ°ì±Ò¥Î©Î°±¥Îקï DN §@·~
¨Ï¥Î¥D±±¥x¬°«ü©w§À½X±Ò¥Îקï DN §@·~
- ¦b [²ÕºA³]©w] ¼ÐÅÒªº [³]©wÈ] ¼ÐÅÒ¤W¡A¶}±Ò Directory Server Console¡C
- ¦b¥ªÃä¡A¿ï¾Ü±zn¤¹³\©Î¸T¤îקï DN §@·~ªº§À½X¡C
- ¿ï¨ú [³]©wÈ] ¼ÐÅÒ¡C
- ¦b¼Ð¥Ü¬°¡uקï DN §@·~¡vªº¤è¶ô¤º¡A±q¤U©Ô¦¡¥\¯àªí¤¤¿ï¨ú¤@¶µ§@·~¥H¤¹³\©Î¸T¤î¹ï¦¹§À½Xקï DN §@·~¡C
- «ö¤@¤U [Àx¦s]¡C
¦pªG¬°¦øªA¾¹¥þ°ì±Ò¥Îקï DN §@·~¡A«h½T»{µøµ¡·|¼u¥X¡C
- ¦b§ÖÅã½T»{µøµ¡¤¤¡A«ö¤@¤U [¬O] ¥H½T»{±zªº¿ï¾Ü¡C
¨Ï¥Î¥D±±¥x«·s©R¦W¶µ¥Ø
¥»¸`´yz¦p¦ó«·s©R¦W¶µ¥Ø¡C¦b Directory Server 5.2 2005Q1 ¤§«eªº Directory Server ª©¥»¤¤¤ä´©¦¹§@·~¡CYn°õ¦æ¦¹§@·~¡A±z¤£»Ýn±Ò¥Îקï DN §@·~¡C
¨Ï¥Î¥D±±¥x«·s©R¦W¶µ¥Ø
- ¦b [¥Ø¿ý] ¼ÐÅÒ¤W¡A¶}±Ò Directory Server Console¡C
- ®i¶}¾ðª¬¥Ø¿ý¥HÅã¥Ü±zn½s¿èªº¶µ¥Ø¡C
- ¿ï¨ún«·s©R¦Wªº¶µ¥Ø¡A«ö¤@¤U·Æ¹«¥kÁä¨Ã¿ï¨ú¡u¥H¼Ð·Ç½s¿è¾¹½s¿è¡v¡C
¼Ð·Ç½s¿è¾¹µøµ¡¶}±Ò¡C¼Ð·Ç½s¿è¾¹µøµ¡¦b¹Ï 2-2 ¤¤¦³©Ò»¡©ú¡C
- ¿ï¨ú»P±znÅÜ§óªº RDN ¬Û¹ïÀ³¤§ÄÝ©Ê¡C
- ±NÄݩʤè¶ô¤¤ªº¤å¦r¥Ñ¥Ø«eªº¶µ¥Ø¦WºÙÅܧ󬰷sªº¶µ¥Ø¦WºÙ¡C
- «ö¤@¤U [½T©w]¡C
¨Ï¥Î¥D±±¥x²¾°Ê¶µ¥Ø
¦b Directory Server 5.2 2005Q1 ¤§«eªº Directory Server ª©¥»¤¤¤£¤ä´©¦¹µ{§Ç¡C
¨Ï¥Î¥D±±¥x²¾°Ê¶µ¥Ø
- ½Ð½T«O¤w¥þ°ì±Ò¥Îקï DN §@·~¡A©ÎªÌ¥u±Ò¥Î¥]§t±zn²¾°Ê¤§¶µ¥Øªº§À½X¡C¦p»Ý¬ÛÃö¸ê°T¡A½Ð°Ñ¾\¨Ï¥Î¥D±±¥x±Ò¥Îקï DN §@·~¡C
- ¦b [¥Ø¿ý] ¼ÐÅÒ¤W¡A¶}±Ò Directory Server Console¡C
- ®i¶}¾ðª¬¥Ø¿ý¥HÅã¥Ü±zn½s¿èªº¶µ¥Ø¡C
- ¿ï¨ú±zn²¾°Êªº¶µ¥Ø¡C
- ©ì¦²¦¹¶µ¥Ø¨Ã©ñ¨ì·sªº¤÷¶µ¤W¡C
- ¦bĵ§i§ÖÅã¤è¶ô¤¤¡A«ö¤@¤U [Ä~Äò]¡C
¨Ï¥Î¥D±±¥x²¾°Ê¤Î«·s©R¦W¶µ¥Ø
Yn«·s©R¦W¤Î²¾°Ê¶µ¥Ø¡A½Ð°õ¦æ¤U¦C¨âÓµ{§Ç¡G
¨Ï¥Î ldapmodify «ü¥O«·s©R¦W©Î²¾°Ê¶µ¥Ø
¥»¸`´yz¦p¦ó¨Ï¥Î ldapmodify «ü¥O¨Ó«·s©R¦W¶µ¥Ø¤Î²¾°Ê¶µ¥Ø¡C
¤U¦CÄÝ©Ê»P LDIF ±Ôz·f°t¨Ï¥Î¡G
¦p»ÝÃö©ó»P LDIF ±Ôz·f°t¨Ï¥Î¤§Äݩʪº¸ê°T¡A½Ð°Ñ¾\ Directory Server Administration Reference ¤¤ªº¡uAttribute Reference¡v¡C¦p»ÝÃö©ó ldapmodify «ü¥O¤Î¨ä¿ï¶µªº¸ê°T¡A½Ð°Ñ¾\ Directory Server Man Page Reference¡C
¨Ï¥Î ldapmodify «ü¥O±Ò¥Îקï DN §@·~
¦b±z¥i¥H¨Ï¥Îקï DN §@·~¤§«e¡A±z¥²¶·ÂX®i ACI Åv§Q¨Ã±Ò¥Îקï DN §@·~¡C
¦p»ÝÃö©ó¦p¦óÂX®i ACI Åv§Qªº¸ê°T¡A½Ð°Ñ¾\±q«ü¥O¦æ«Ø¥ß ACI¡C
¥»¸`´yz¦p¦ó±Ò¥Îקï DN §@·~¡C
¨Ï¥Î ldapmodify «ü¥O¥þ°ì±Ò¥Îקï DN §@·~°õ¦æ ldapmodify «ü¥O¡C¨Ò¦p¡A¤U¦C½d¨Ò±Ò¥Îקï DN §@·~¡G
ldapmodify -h <hostname> -p <port> -D <user> -w <user_password>
dn:cn=config,cn=ldbm database,cn=plugins,cn=config
changetype:modify
replace:nsslapd-moddn-enabled
nsslapd-moddn-enabled:on
¨Ï¥Î ldapmodify «ü¥O¹ï§À½X±Ò¥Îקï DN §@·~°õ¦æ ldapmodify «ü¥O¡C¨Ò¦p¡A¤U¦C½d¨Ò¹ï¦W¬° suffix-name ªº§À½X±Ò¥Îקï DN §@·~¡G
ldapmodify -h <hostname> -p <port> -D <user> -w <user_password>
dn:cn=<suffix-name>,cn=ldbm database,cn=plugins,cn=config
changetype:modify
replace:nsslapd-moddn-enabled
nsslapd-moddn-enabled:on¨Ï¥Î ldapmodify «ü¥O«·s©R¦W¶µ¥Ø
¥»¸`´yz¦p¦ó«·s©R¦W¶µ¥Ø¡C¦b Directory Server 5.2 2005Q1 ¤§«eªº Directory Server ª©¥»¤¤¤ä´©¦¹§@·~¡CYn°õ¦æ¦¹§@·~¡A±z¤£»Ýn±Ò¥Îקï DN §@·~¡C
¨Ï¥Î ldapmodify «ü¥O«·s©R¦W¸¶µ¥Ø°õ¦æ ldapmodify «ü¥O¡C¨Ò¦p¡A¤U¦C½d¨Ò±N¶µ¥Ø john «·s©R¦W¬° bob¡G
ldapmodify -h <hostname> -p <port> -D <user> -w <user_password>
dn:cn=john,dc=california,dc=sun,dc=com
changetype:modrdn
newrdn:cn=bob
deleteoldrdn: 1¨Ï¥Î ldapmodify «ü¥O²¾°Ê¶µ¥Ø
¥»¸`´yz¦p¦ó±N¶µ¥Ø²¾°Ê¦Ü§À½Xªº¥t¤@³¡¤À¡C¦b Directory Server 5.2 2005Q1 ¤§«eªº Directory Server ª©¥»¤¤¤£¤ä´©¦¹§@·~¡C
¨Ï¥Î ldapmodify «ü¥O²¾°Ê¶µ¥Ø
- ½Ð½T«O¤wÂX®i ACI Åv§Q¥H«Kקï DN §@·~¡C¦p»Ý¬ÛÃö¸ê°T¡A½Ð°Ñ¾\¨Ï¥Î ldapmodify «ü¥O±Ò¥Îקï DN §@·~¡C
- ½Ð½T«O¤w¬°§À½X©ÎªÌ¨ü«·s©R¦W¤Î²¾°Ê§@·~¼vÅTªº§À½X±Ò¥Îקï DN §@·~¡C¦p»Ý¬ÛÃö¸ê°T¡A½Ð°Ñ¾\¨Ï¥Î ldapmodify «ü¥O±Ò¥Îקï DN §@·~¡C
- °õ¦æ ldapmodify «ü¥O¡C¨Ò¦p¡A¤U¦C«ü¥O±N¶µ¥Ø john ±q California ªº¾ðª¬¤l¥Ø¿ý²¾°Ê¦Ü France ªº¾ðª¬¤l¥Ø¿ý¡G
ldapmodify -h <hostname> -p <port> -D <user> -w <user_password>
dn:cn=john,dc=california,dc=sun,dc=com
changetype:modrdn
newrdn:cn=john
deleteoldrdn: 0
newsuperior:dc=france,dc=france,dc=sun,dc=com¨Ï¥Î ldapmodify «ü¥O«·s©R¦W¤Î²¾°Ê¶µ¥Ø
¥»¸`´yz¦p¦ó±N¶µ¥Ø«·s©R¦W¨Ã²¾°Ê¦Ü§À½Xªº¥t¤@³¡¤À¡C¦b Directory Server 5.2 2005Q1 ¤§«eªº Directory Server ª©¥»¤¤¤£¤ä´©¦¹§@·~¡C
¨Ï¥Î ldapmodify «ü¥O«·s©R¦W¤Î²¾°Ê¶µ¥Ø
- ½Ð½T«O¤wÂX®i ACI Åv§Q¥H«Kקï DN §@·~¡C¦p»Ý¬ÛÃö¸ê°T¡A½Ð°Ñ¾\¨Ï¥Î ldapmodify «ü¥O±Ò¥Îקï DN §@·~¡C
- ½Ð½T«O¤w¬°§À½X©ÎªÌ¨ü«·s©R¦W¤Î²¾°Ê§@·~¼vÅTªº§À½X±Ò¥Îקï DN §@·~¡C¦p»Ý¬ÛÃö¸ê°T¡A½Ð°Ñ¾\¨Ï¥Î ldapmodify «ü¥O±Ò¥Îקï DN §@·~¡C
- °õ¦æ ldapmodify «ü¥O¡C¨Ò¦p¡A¤U¦C«ü¥O±N«·s©R¦W§@·~¤Î²¾°Ê§@·~µ²¦X¬°¤@¶µ§@·~¡G
ldapmodify -h <hostname> -p <port> -D <user> -w <user_password>
dn:cn=john,dc=california,dc=sun,dc=com
changetype:modrdn
newrdn:dc=bob
deleteoldrdn: 1
newsuperior:dc=france,dc=france,dc=sun,dc=com
³]©w°Ñ·Ó±z¥i¥H¨Ï¥Î°Ñ·Ó§i¶D¥Î¤áºÝÀ³¥Îµ{¦¡¦b¥»¾÷µLªk¨ú±o¸ê°T®ÉÀ³Ápµ¸þ³¡¦øªA¾¹¡C°Ñ·Ó¬O«ü¨ì»·ºÝ§À½X©Î¶µ¥Øªº«ü¼Ð¡ADirectory Server ·|±N¦¹«ü¼Ð¶Ç¦^µ¹¥Î¤áºÝ¡A¦Ó¤£¶Ç¦^µ²ªG¡C±µ¤U¨Ó¡A¥Î¤áºÝ¥²¶·«·s©ó°Ñ·Ó¤¤«ü©wªº»·ºÝ¦øªA¾¹¤W°õ¦æ§@·~¡C¦b¤TºØª¬ªp¤U·|µo¥Í¦¹«·s¾É¦V§@·~¡G
- ·í¥Î¤áºÝÀ³¥Îµ{¦¡n¨D¤£¦s¦b¥»¾÷¦øªA¾¹ªº¶µ¥Ø®É¡A¦øªA¾¹¶Ç¦^¹w³]°Ñ·Ó¡C
- ·í¾ãÓ§À½X¬°¤F¶i¦æºûÅ@¡A©Î°ò©ó¦w¥þ©Êªºì¦]¦Ó³]¬°Â÷½uª¬ºA®É¡A¦øªA¾¹±N¶Ç¦^¸Ó§À½X©w¸qªº°Ñ·Ó¡C§À½X¼h¯Åªº°Ñ·Ó»¡©ú©ó³]©w¦s¨úÅv¤Î°Ñ·Ó¤¤¡C·í¥Î¤áºÝn¨D¼g¤J§@·~®É¡A§À½Xªº°ßŪ½Æ¥»¤]·|¦V¥D¾÷¦øªA¾¹¶Ç¦^°Ñ·Ó¡C
- ±z¥i¥H«Ø¥ßºÙ¬°´¼¼z«¬°Ñ·Óªº¶µ¥Ø¡C·í¥Î¤áºÝ©ú½T¦s¨ú´¼¼z«¬°Ñ·Ó®É¡A¦øªA¾¹±N§ï¬°¶Ç¦^¥¦©Ò©w¸qªº°Ñ·Ó¡CDirectory Server Console ·|¦Û°Ê°t¸m¥H°lÂÜ´¼¼z«¬°Ñ·Ó¡A¨Ï¥¦Ì´N¹³¬O³Ì¤W¼h [¥Ø¿ý] ¼ÐÅÒ¤Wªº¥»¾÷¶µ¥Ø¤@¼Ë¡C
¤£½×¬Oþ¤@ºØª¬ªp¡A¤@Ó°Ñ·Ó´N¬O¤@Ó LDAP URL¡A¨ä¤¤¥]§t¥t¤@³¡¦øªA¾¹ªº¥D¾÷¦WºÙ¡B³s±µ°ð¸¹½X¤Î¿ï¥Îªº DN¡C¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C¦p»ÝÃö©ó¦p¦ó¦b¥Ø¿ý³¡¸p¤¤¨Ï¥Î°Ñ·Óªº·§z¡A½Ð°Ñ¾\ Directory Server Deployment Planning Guide¡C
¤U¦C¦U¸`´yz©w¸q¥Ø¿ýªº¹w³]°Ñ·Ó¤Î©w¸q´¼¼z«¬°Ñ·Óªºµ{§Ç¡C
³]©w¹w³]°Ñ·Ó
·í¥Î¤áºÝÀ³¥Îµ{¦¡¦b DN ¤W©Ò´£¥æªº§@·~¤£¥]§t¦b¥Ø¿ý©ÒºûÅ@ªº¥ô¦ó§À½X¤º®É¡A«K·|±N¹w³]°Ñ·Ó¶Ç¦^µ¹¸Ó¥Î¤áºÝÀ³¥Îµ{¦¡¡C¹w³]°Ñ·Ó¦³®ÉÔºÙ¬°¥þ°ì°Ñ·Ó¡A¦]¬°¥¦Ì¾A¥Î©ó¥Ø¿ý¤¤ªº©Ò¦³§À½X¡C¦øªA¾¹±N¶Ç¦^©w¸qªº©Ò¦³§À½X¡A¦ý¶Ç¦^ªº¶¶§Ç«h¥¼©w¸q¡C
¨Ï¥Î¥D±±¥x³]©w¹w³]°Ñ·Ó
- ¦b Directory Server Console ³Ì¤W¼hªº [°t¸m] ¼ÐÅÒ¤W¡A¿ï¾Ü¦ì©ó°t¸m¾ðª¬¥Ø¿ý®Ú³¡ªº¦øªA¾¹¸`ÂI¡AµM«á¿ï¾Ü¥k±ªO¤¤ªº [ºô¸ô] ¼ÐÅÒ¡C
- ¿ï¾Ü [¶Ç¦^°Ñ·Ó] ®Ö¨ú¤è¶ô¡A¨Ã¦b¤å¦rÄæ¦ì¤¤¿é¤J LDAP URL¡C©ÎªÌ¡A«ö¤@¤U [«Øºc URL]¡A¦b«ü¤Þ¤U§¹¦¨ LDAP URL ªº©w¸q¡C«ü¨ì¦w¥þ³s±µ°ðªº LDAP URL ½d¨Ò¦p¤U¡G
ldaps://east.example.com:636/dc=example,dc=com
±z¥i¥H¥ÎªÅ®æ»P¤Þ¸¹¤À¹j¡A¿é¤J¦hÓ°Ñ·Ó URL¡A¦p¤U¡G
"ldap://east.example.com:389" "ldap://backup.example.com:389"
- «ö¤@¤U [Àx¦s] ÅýÅܧó¥ß§Y¥Í®Ä¡C
±q«ü¥O¦æ³]©w¹w³]°Ñ·Ó
¨Ï¥Î ldapmodify «ü¥O¦æ¤½¥Îµ{¦¡¥i¦b¥Ø¿ý°t¸mÀɪº cn=config ¶µ¥Ø¤¤¥[¤J©Î¨ú¥N¤@©Î¦hÓ¹w³]°Ñ·Ó¡C¨Ò¦p¡G
ldapmodify -a -h host -p port -D "cn=Directory Manager" -w password
dn:cn=config
changetype:modify
replace:nsslapd-referral
nsslapd-referral:ldap://east.example.com:389
nsslapd-referral:ldap://backup.example.com:389±z¤£¥²«·s±Ò°Ê¦øªA¾¹¡C
«Ø¥ß´¼¼z«¬°Ñ·Ó
´¼¼z«¬°Ñ·Ó¥iÅý±z±N¥Ø¿ý¶µ¥Ø©Î¾ðª¬¥Ø¿ý¹ï¬M¨ì¯S©w LDAP URL¡C¨Ï¥Î´¼¼z«¬°Ñ·Ó¡A±z¥i¥H±N¥Î¤áºÝÀ³¥Îµ{¦¡«ü¨ì¯S©w¦øªA¾¹¡A©Î¯S©w¦øªA¾¹¤Wªº¯S©w¶µ¥Ø¡C
³q±`¡A´¼¼z«¬°Ñ·Ó·|«ü¨ì¥t¤@³¡¦øªA¾¹¤W¦³¬Û¦P DN ªº¹ê»Ú¶µ¥Ø¡C¦ý¬O±z¥i¥H©w¸q´¼¼z«¬°Ñ·Ó¡A«ü¨ì¦P¤@¦øªA¾¹©Î¤£¦P¦øªA¾¹¤Wªº¥ô¦ó¶µ¥Ø¡C¨Ò¦p¡A±z¥i¥H¥Î¤U¦C DN ©w¸q¶µ¥Ø¡G
uid=bjensen,ou=People,dc=example,dc=com
§@¬°´¼¼z«¬°Ñ·Ó¡A«ü¨ì east.example.com ¦øªA¾¹¤Wªº¥t¤@Ó¶µ¥Ø¡G
cn=Babs Jensen,ou=Sales,o=east,dc=example,dc=com
¥Ø¿ý¨Ï¥Î´¼¼z«¬°Ñ·Óªº¤è¦¡²Å¦X RFC 2251 (http://www.ietf.org/rfc/rfc2251.txt) ªº 4.1.11 ¸`¤¤«ü©wªº¼Ð·Ç¡C
¨Ï¥Î¥D±±¥x«Ø¥ß´¼¼z«¬°Ñ·Ó
- ¦b Directory Server Console ³Ì¤W¼hªº [¥Ø¿ý] ¼ÐÅÒ¤W¡A®i¶}¾ðª¬¥Ø¿ý¡A¥HÅã¥Ün§@¬°´¼¼z«¬°Ñ·Ó¤÷¶µªº¶µ¥Ø¡C
- ¥H·Æ¹«¥kÁä«ö¤@¤U¤÷¶µ¡A¿ï¾Ü [·s¼W] > [°Ñ·Ó] ¥\¯àªí¶µ¥Ø¡C©ÎªÌ¡A±z¥i¥H¦b¤÷¶µ¤W«ö¤@¤U·Æ¹«¥ªÁä¥H¿ï¾Ü¤÷¶µ¡A¦A¿ï¾Ü [ª«¥ó] > [·s¼W] > [°Ñ·Ó] ¥\¯àªí¶µ¥Ø¡C
¥X²{°Ñ·Ó¶µ¥Øªº¦Ûq½s¿è¾¹¹ï¸Ü¤è¶ô¡C
- ¦b½s¿è¾¹ªº [¤@¯ë] ¼ÐÅÒ¤W¡A¿é¤J°Ñ·Óªº¦WºÙ¡A¨Ã±q¤U©Ô¦¡²M³æ¤¤¿ï¾Ü¨ä©R¦WÄÝ©Ê¡C¦WºÙ±N¬O±z¿ï¾Üªº©R¦WÄݩʪºÈ¡C©ÎªÌ¡A±z¥i¥H¬°¦¹°Ñ·Ó¿é¤J´yz¦r¦ê¡C
- ¦b½s¿è¾¹ªº [URL] ¼ÐÅÒ¤W¡A«ö¤@¤U [«Øºc] «ö¶s¥H©w¸q´¼¼z«¬°Ñ·Óªº URL¡C¦b¥X²{ªº¹ï¸Ü¤è¶ô¤¤¿é¤J LDAP URL ªº¤¸¯À¡C
URL ªº¤¸¯À¥]¬AÀx¦s°Ñ·Ó¶µ¥Ø¤§¥Ø¿ý¦øªA¾¹ªº¥D¾÷¦WºÙ©M LDAP ³s±µ°ð¸¹½X¡A¥H¤Î¦øªA¾¹¤W¥Ø¼Ð¶µ¥Øªº DN¡C¨Ì¹w³]È¡A¥Ø¼Ð DN »P´¼¼z«¬°Ñ·Ó¶µ¥Øªº DN ¬Û¦P¡C¦ý¬O¥Ø¼Ð DN ¥i¥H¬O¥ô¦ó§À½X¡B¾ðª¬¤l¥Ø¿ý©Î¤À¸¶µ¥Ø¡C
- ¦b LDAP URL «Øºc¹ï¸Ü¤è¶ô¤¤¡A«ö¤@¤U [½T©w]¡CURL ´NÅã¥Ü¦b·s°Ñ·Ó¤å¦r¤è¶ô¤¤¡C
- «ö¤@¤U·s°Ñ·Ó¤å¦r¤è¶ô®Çªº [¥[¤J]¡A±N°Ñ·Ó¥[¤J²M³æ¡C
- ±z¥i¥H©w¸q¦hÓ URL¡A§@¬°¦¹¶µ¥Ø¶Ç¦^ªº°Ñ·Ó¡C¨Ï¥Î [«Øºc]¡B[¥[¤J]¡B[§R°£] »P [Åܧó] «ö¶s¥i«Ø¥ß»PºÞ²z [°Ñ·Ó²M³æ]¡C
- «ö¤@¤U [°Ñ·ÓÅçÃÒ] «ö¶s¥iÅã¥Ü¹ï¸Ü¤è¶ô¡A±z¥i¥H¦b¨ä¤¤³]©w Directory Server Console ¦b°lÂܰѷӨ컷ºÝ¦øªA¾¹®É±N¥Î¨Ó³sµ²ªº»{ÃÒ¡C±z¥i¥H©w¸q¦s¨ú¦øªA¾¹®É±N¨Ï¥Îªº³sµ² DN »P±K½X¡C«ü¦V¦P¤@¦øªA¾¹ªº©Ò¦³°Ñ·Ó³£±N¨Ï¥Î¬Û¦Pªº»{ÃÒ¡C
- ¨Ï¥Î [¥[¤J]¡B[½s¿è] »P [§R°£] «ö¶s¥iºÞ²z¦øªA¾¹»P¹ïÀ³»{ÃÒ²M³æ¡C§¹¦¨®É«ö¤@¤U [½T©w]¡C
- ¦b°Ñ·Óªº¦Ûq½s¿è¾¹¤¤¡A«ö¤@¤U [Àx¦s] Àx¦s±zªº´¼¼z«¬°Ñ·Ó¶µ¥Ø¡C
¦b¥D±±¥xªº¾ðª¬¥Ø¿ý¤¤¡A±zÀ³¸Ó¬Ý¨ì¥Ø¼Ð¾ðª¬¤l¥Ø¿ý©Î¶µ¥Ø¨ú¥N´¼¼z«¬°Ñ·Ó¶µ¥Ø¡C¦pªG´¼¼z«¬°Ñ·Ó¶µ¥Ø¦³¶À¦âĵ§i¹Ï¥Ü¡Aªí¥Ü URL ©Î»{ÃÒµL®Ä¡C½Ð³s«ö¨â¤U¶µ¥Ø¡Aµ¥¬Ý¨ì [°Ñ·Ó¿ù»~] ®É«ö¤@¤U [Ä~Äò]¡A¨Ãקï [URL] ©Î [°Ñ·ÓÅçÃÒ] ¥H×¥¿¿ù»~¡C
±q«ü¥O¦æ«Ø¥ß´¼¼z«¬°Ñ·Ó
Yn«Ø¥ß´¼¼z«¬°Ñ·Ó¡A½Ð¥Î referral »P extensibleObject ª«¥óÃþ§O«Ø¥ß¶µ¥Ø¡Creferral ª«¥óÃþ§O¤¹³\ ref ÄÝ©Ê¡A¦¹ÄÝ©ÊÀ³¸Ón¥]§t LDAP URL¡CextensibleObject ª«¥óÃþ§O¥iÅý±z¨Ï¥Î¥ô¦ó¼Ò¦¡Äݩʧ@¬°©R¦WÄÝ©Ê¡A¥H«K¯à°÷¹ïÀ³¨ì¥Ø¼Ð¶µ¥Ø¡C
¨Ò¦p¡A©w¸q¤U¦C¶µ¥Ø¶Ç¦^´¼¼z«¬°Ñ·Ó¡A¦Ó¤£¶Ç¦^ uid=bjensen ¶µ¥Ø¡G
ldapmodify -a -h host -p port -D "cn=Directory Manager" -w password
dn:uid=bjensen,ou=People,dc=example,dc=com
objectclass:top
objectclass:extensibleObject
objectclass:referral
uid:bjensen
ref:ldap://east.example.com/cn=Babs%20Jensen,ou=Sales,
o=east,dc=example,dc=com
³Æµù
¦øªA¾¹·|©¿²¤ LDAP URL ¤¤ªÅ®æ¤§«áªº¥ô¦ó¸ê°T¡C¦]¦¹¦b¹wp§@¬°°Ñ·Óªº¥ô¦ó LDAP URL ¤¤¡A±z¥²¶·§ï¥Î %20¡A¦Ó¤£¬O¨Ï¥ÎªÅ®æ¡C¥²¶·©¿²¤¨ä¥L¯S®í¦r¤¸¡C
©w¸q´¼¼z«¬°Ñ·Ó«á¡A¹ï uid=bjensen ¶µ¥Øªº×§ï¹ê»Ú¤W·|¦b¨ä¥L¦øªA¾¹ªº cn=Babs Jensen ¶µ¥Ø¤W°õ¦æ¡Cldapmodify «ü¥O±N¦Û°Ê°lÂÜ°Ñ·Ó¡A¨Ò¦p¡G
ldapmodify -h host -p port -D "cn=Directory Manager" -w password
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:replace
replace:telephoneNumber
telephoneNumber: (408) 555-1234¬°¤Fקﴼ¼z«¬°Ñ·Ó¡A±z¥²¶·¨Ï¥Î ldapmodify ªº -M ¿ï¶µ¡A¨Ò¦p¡G
ldapmodify -M -h host -p port -D "cn=Directory Manager" -w password
dn:uid=bjensen,ou=People,dc=example,dc=com
changetype:replace
replace:ref
ref:ldap://east.example.com/cn=Babs%20Jensen,ou=Marketing,
o=east,dc=example,dc=com
¥[±KÄÝ©ÊÈÄÝ©Ê¥[±K¥i¥H«OÅ@Àx¦s¦b·s¥Ø¿ý¤¤ªº±Ó·P©Ê¸ê®Æ¡CÄÝ©Ê¥[±K¤¹³\±z«ü©w¥H¥[±K®æ¦¡Àx¦s¤§¶µ¥Øªº¯S©wÄÝ©Ê¡C³o¥i¨¾¤î¸ê®Æ©óÀx¦s¦b¸ê®Æ®wÀɮסB³Æ¥÷¸ê®Æ¥H¤Î¶×¥Xªº LDIF Àɮ׮ɳQŪ¨ú¡C
ÄÝ©ÊÈ¥i§Q¥Î¦¹¶µ¥\¯à¡A¦b±N¨äÀx¦s©ó Directory Server ¸ê®Æ®w«e¡A¥ý¦æ¥[±K¡A¥H¤Î¦b¶Ç¦^¨ì¥Î¤áºÝ«e¦A¦æ¸Ñ±K¦^ì©lÈ¡C¦b¥Î¤áºÝ©M Directory Server ¤§¶¡¶Ç°e®É¡A±z¥²¶·¨Ï¥Î¦s¨ú±±¨î¶µ¡A¨¾¤î¥Î¤áºÝ¦s¨ú¨S¦³ÅvªºÄÝ©Ê©M SSL ¥H¥[±KÄÝ©Ê¡C¦p»Ý¤@¯ë¸ê®Æ¦w¥þ©Ê¡A¯S§O¬OÄÝ©Ê¥[±Kªºµ²ºc¦¡·§z¡A½Ð°Ñ¾\ Directory Server Deployment Planning Guide¡C
¥u¦³¦b¦øªA¾¹¤W°t¸m¨Ã±Ò¥Î SSL «á¡A¤~·|±Ò¥ÎÄÝ©Ê¥[±K¡C¤£¹L¡A¨Ì¾Ú¹w³]¨Ã¤£·|¥[±K¥ô¦óÄÝ©Ê¡C¨t²Î·|¦b§À½X¼h¯Å¤¤°t¸mÄÝ©Ê¥[±K¡C³o¬O«ü±N¥X²{¦b¨C¤@Ó¶µ¥Ø¤§§À½XªºÄÝ©Ê¥[±K¡C¦pªG±z·Qn±N¾ãӥؿý¤¤ªº¬YÓÄÝ©Ê¥[±K¡A¥²¶·±Ò¥Î¨C¤@Ó§À½X¤¤¦¹Äݩʪº¥[±K¡C
¦pªG±z¿ï¾Ü¥[±KªºÄÝ©ÊY·|±N¬Y¨Ç¶µ¥Ø·í¦¨©R¦WÄݩʨϥΡA«h¥X²{¦b DN ¤¤ªºÈ±N¤£·|¥[±K¡A¦ýÀx¦s¦b¶µ¥Ø¤¤ªºÈ±N·|¥[±K¡C
±z¥i¥H¿ï¾Ü userPassword Äݩʶi¦æ¥[±K¡A¦ý³o¨Ã¨S¦³¹ê»Úªº¦w¥þ©Ê®Ä¯q¡A°£«D±K½X»Ý¥H¯Â¤å¦rÀx¦s¡A¦p DIGEST-MD5 SASL ÅçÃÒ¤@¼Ë¡C¦pªG±K½Xµ¦²¤¤¤¤w¬°±K½X³]©w¥[±K¾÷¨î¡A«h§ó¶i¤@¨Bªº¥[±K©Ò¯à¼W¥[ªº¦w¥þ©Ê¦³¡AÁÙ·|¼vÅT¨C¤@¦¸³sµ²§@·~ªº®Ä¯à¡C
¦bÀx¦s¤¤¡A¥[±KªºÄÝ©Ê¥Hªí¥Ü¨Ï¥Î¥[±Kºtºâªkªº¥[±K¼ÐÅÒ§@¬°¶}ºÝ¡C¨Ï¥Î DES ¥[±Kºtºâªkªº¥[±KÄÝ©Ê·|Åã¥Ü¦p¤U¡G
¨Ï¥Î¥D±±¥x°t¸mÄÝ©Ê¥[±K
- ¦b Directory Server Console ¤W¿ï¾Ü [°t¸m] ¼ÐÅÒ¡A®i¶} [¸ê®Æ] ¸`ÂI¡A¨Ã¿ï¾Ü±z·Qn¥[±KÄÝ©ÊȪº§À½X¡C¿ï¾Ü¥k±ªO¤¤ªº [ÄÝ©Ê¥[±K] ¼ÐÅÒ¡C
¦¹¼ÐÅÒ¥]§t¤@¥÷ªí®æ¡A¦C¥X¦¹§À½X¥Ø«e©Ò¦³¥[±KÄݩʪº¦WºÙ©M¥[±Kµ²ºc¡C
- Yn¬°ÄݩʱҥΥ[±K¡G
- Yn¨ÏÄݩʤ£¦A¥[±K¡A½Ð±qªí®æ¤¤¿ï¾ÜÄݩʦWºÙ¡A¦A«ö¤@¤U [§R°£ÄÝ©Ê] «ö¶s¡C
- «ö¤@¤U [Àx¦s]¡C¨t²Î·|´£¥Ü±z¦bÅܧó°t¸m«e¡A¥ý±N§À½X¤º®e¶×¥X¦Ü LDIF ÀɮסC
- «ö¤@¤U [¶×¥X§À½X] ¶}±Ò¶×¥X¹ï¸Ü¤è¶ô¡A©Î«ö¤@¤U [Ä~Äò]¡A¤£»Ýn¶×¥X§Y¥iקïÄÝ©Ê¥[±K°t¸m¡CµM«á·sªº°t¸m´N·|Àx¦s°_¨Ó¡C
¦pªG±z©|¥¼¶×¥X§À½X¡A±z¥²¶·¥ß§Y°õ¦æ¦¹°Ê§@¥HÀx¦s¨ä¤º®e¡C¦pªG§À½X¥]§t¥[±KªºÄÝ©Ê¡A¦Ó¥B±zp¹º¦b¤UÓ¨BÆJ¤¤¨Ï¥Î¦¹ LDIF Àɮ׫·sªì©l¤Æ§À½X¡A³o¨ÇÄݩʦb¶×¥Xªº LDIF ¤¤¥i¥H«O«ù¥[±Kª¬ºA¡C
²{¦b±N¥X²{´£¥Ü¡An±z±q LDIF Àɮתì©l¤Æ§À½X¡C
- ²{¦b«ö¤@¤U [ªì©l¤Æ§À½X] ¶}±Òªì©l¤Æ¹ï¸Ü¤è¶ô¡AµM«á¦A¿é¤J LDIF ÀɮצWºÙ¸ü¤J¥Ø¿ý¡C
¦pªG¦b¤WÓ¨BÆJ¤¤¶×¥X§t¥[±KÄݩʪº§À½X¡A±z²{¦b¥²¶·¥Î¸ÓÀɮתì©l¤Æ¡A¦]¬°¤@¥¹§À½X«·sªì©l¤Æ«á¡A¥[±KȱNµLªk¦^´_¡C¦b¸ü¤J¤Î«Ø¥ß¯Á¤Þªº¦P®É¡A«ü©wÄݩʪº©Ò¦³È³£±N·|¥[±K¡C
¦pªG±z¤£·Q¦b¦¹®Éªì©l¤Æ§À½X¡A½Ð«ö¤@¤U [Ãö³¬]¡C±z¥i©óµy«á¦A¨Ï¥Î¶×¤J¸ê®Æ¤¤©Ò´yzªºµ{§Ç¨Ó¶×¤J¸ê®Æ¡C
- ¦pªG°t¸m¤w§ï¬°·|¥[±K¤@©Î¦hÓÄÝ©Ê¡A¦Ó¥B³o¨ÇÄݩʦb¶×¤J§@·~¤§«e´¿¸g¦³È¡A¸ê®Æ®w§Ö¨ú¤¤¥i¯à¨Ì¬ݱo¨ì³¡¤À¥¼¥[±KªºÈ¡CYn²M°£¸ê®Æ®w§Ö¨ú¡G
- ¨Ì±Ò°Ê©M°±¤î Directory Server ©Òz°±¤î Directory Server¡C
- ¥H¶W¯Å¨Ï¥ÎªÌ©Î¨ã¦³ºÞ²zûÅvªº¨¥÷¡A±N¸ê®Æ®w§Ö¨úÀÉ®×±qÀɮרt²Î¤¤§R°£¡G
ServerRoot/slapd-serverID/db/__db.*
- ¦A¦¸±Ò°Ê Directory Server¡C¦øªA¾¹±N¦Û°Ê«Ø¥ß·sªº¸ê®Æ®w§Ö¨úÀɮסC
±q«ü¥O¦æ°t¸mÄÝ©Ê¥[±K
- ¦pªGn°t¸mÄÝ©Ê¥[±Kªº§À½X¤W¦³¥ô¦ó¶µ¥Ø¡A±z¥²¶·¥ý±N¸Ó§À½Xªº¤º®e¶×¥X¨ì LDIF ÀɮסC¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\¶×¥X¤é´Á¡C
¦pªG§À½X¥]§t¥[±KªºÄÝ©Ê¡A¦Ó¥B±zp¹º¦b¨BÆJ 5 ¤¤¨Ï¥Î¦¹ LDIF Àɮ׫·sªì©l¤Æ§À½X¡A³o¨ÇÄݩʦb¶×¥Xªº LDIF ¤¤¥i¥H«O«ù¥[±Kª¬ºA¡C
- Yn¬°ÄݩʱҥΥ[±K¡A½Ð¨Ï¥Î ldapmodify «ü¥O¥[¤J¤U¦C°t¸m¶µ¥Ø¡G
ldapmodify -a -h host -p port -D cn=Directory Manager -w password
dn:cn=attributeName, cn=encrypted attributes, cn=databaseName,
cn=ldbm database, cn=plugins, cn=config
objectclass:top
objectclass:dsAttributeEncryption
cn: attributeName
dsEncryptionAlgorithm:cipherName¨ä¤¤ attributeName ¬On¥[±KªºÄÝ©ÊÃþ«¬¦WºÙ¡AdatabaseName ¬O¹ïÀ³¨ì§À½Xªº¸ê®Æ®w²Å¸¹¦WºÙ¡A¦Ó cipherName ¬O¤U¦C¨ä¤¤¤§¤@¡G
- Yn¨ÏÄݩʤ£¦A¥[±K¡A½Ð¨Ï¥Î ldapmodify «ü¥Oקï¤U¦C°t¸m¶µ¥Ø¡G
ldapmodify -h host -p port -D cn=Directory Manager -w password
dn:cn=attributeName, cn=encrypted attributes, cn=databaseName,
cn=ldbm database, cn=plugins, cn=config
changetype:modify
replace:dsEncryptionAlgorithm
dsEncryptionAlgorithm:clearText¨ä¤¤ attributeName ¬On¥[±KªºÄÝ©ÊÃþ«¬¦WºÙ¡A¦Ó databaseName ¬O¹ïÀ³¨ì§À½Xªº¸ê®Æ®w²Å¸¹¦WºÙ¡C
- ¦pªG°t¸m¤w§ï¬°·|¥[±K¤@©Î¦hÓÄÝ©Ê¡A¦Ó¥B³o¨ÇÄݩʦb¶×¤J§@·~¤§«e´¿¸g¦³È¡A¸ê®Æ®w§Ö¨ú¤¤¥i¯à¨Ì¬ݱo¨ì³¡¤À¥¼¥[±KªºÈ¡CYn²M°£¸ê®Æ®w§Ö¨ú¡G
- ¨Ì±Ò°Ê©M°±¤î Directory Server ©Òz°±¤î Directory Server¡C
- ¥H¶W¯Å¨Ï¥ÎªÌ©Î¨ã¦³ºÞ²zûÅvªº¨¥÷¡A±N¸ê®Æ®w§Ö¨úÀÉ®×±qÀɮרt²Î¤¤§R°£¡G
ServerRoot/slapd-serverID/db/__db.*
- ¦A¦¸±Ò°Ê Directory Server¡C¦øªA¾¹±N¦Û°Ê«Ø¥ß·sªº¸ê®Æ®w§Ö¨úÀɮסC¦b§Ö¨ú¦A¦¸¶ñº¡¤§«e¡A¦¹§À½X¤¤ªº§@·~®Ä¯à¥i¯à·|µy·L¨ü¨ì¼vÅT¡C
- ¨Ì¶×¤J¸ê®Æ©Òz¥Î LDIF Àɮתì©l¤Æ§À½X¡C
¦b¸ü¤JÀɮפΫإ߹ïÀ³¯Á¤Þªº¦P®É¡A«ü©wÄݩʪº©Ò¦³È³£±N·|¥[±K¡C
ºûÅ@°Ñ¦Ò§¹¾ã©Ê°Ñ¦Ò§¹¾ã©Ê¬O¤@ºØ¥~±¾µ{¦¡¾÷¨î¡A¥i½T«OºûÅ@¬ÛÃö¶µ¥Ø¤§¶¡ªºÃö«Y¡C³\¦hÄÝ©ÊÃþ«¬ (¨Ò¦p¸s²Õ¦¨ûªºÄÝ©Ê) ¤¤¥]§t¥t¤@Ó¶µ¥Øªº DN¡C°Ñ¦Ò§¹¾ã©Ê¥i½T«O²¾°£¶µ¥Ø®É¡A¥]§t¨ä DN ªº©Ò¦³Äݩʤ]·|¤@¨Ö²¾°£¡C
¨Ò¦p¡A¦pªG²¾°£¤F¥Ø¿ýªº¨Ï¥ÎªÌ¶µ¥Ø¡A¦Ó¥B¤w¸g±Ò¥Î°Ñ¦Ò§¹¾ã©Ê¡A«h¦øªA¾¹¤]·|²¾°£¨Ï¥ÎªÌ¬°¦¨û¤§¤@¤§©Ò¦³¸s²Õªº¨Ï¥ÎªÌ¡C¦pªG¨S¦³±Ò¥Î°Ñ¦Ò§¹¾ã©Ê¡AºÞ²zû¥²¶· ¤â°Ê±q¸s²Õ¤¤²¾°£¨Ï¥ÎªÌ¡C¦pªG±z±N Directory Server »P¨ä¥L»Ýn¥Î¨ì¨Ï¥ÎªÌ»P¸s²ÕºÞ²zªº Sun Java System ²£«~¶i¦æ¾ã¦X®É¡A³o·|¬O¤@¶µ«n¥\¯à¡C
°Ñ¦Ò§¹¾ã©Ê¾Þ§@¤èªk
·í±Ò¥Î°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡®É¡A¨ä·|¦b§R°£¡B«·s©R¦W©Î²¾°Ê§@·~¤§«á¡A¥ß§Y°õ¦æ¯S©wÄݩʤWªº§¹¾ã©Ê§ó·s¡C¨Ì¹w³]È¡A°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡¬O°±¥Îªº¡C
¨C·í±z§R°£¡B«·s©R¦W©Î²¾°Ê¥Ø¿ý¤¤ªº¨Ï¥ÎªÌ©Î¸s²Õ¶µ¥Ø®É¡A·|±N§@·~°O¿ý¦b°Ñ¦Ò§¹¾ã©Ê°O¿ýÀɤ¤¡G
ServerRoot/slapd-serverID/logs/referint
¸g¹L¯S©w®É¶¡ (§Y§ó·s¶¡¹j) «á¡A¦øªA¾¹·|¦b±Ò¥Î°Ñ¦Ò§¹¾ã©Ê¤§©Ò¦³ÄݩʤW°õ¦æ·j´M¡A¨Ã¨Ï·j´M¥X¨Óªº¶µ¥Ø»P¥X²{¦b°O¿ýÀɤ¤¤w§R°£©Î¤wקﶵ¥Øªº DN ¤¬¬Û²Å¦X¡C¦pªG°O¿ýÀÉÅã¥Ü¤w¸g§R°£¶µ¥Ø¡A«h¹ïÀ³ªºÄݩʤ]·|§R°£¡C¦pªG°O¿ýÀÉÅã¥Ü¤w¸gÅܧ󶵥ءA«h¹ïÀ³ªºÄÝ©ÊȤ]·|¬Û¹ï¦aקï¡C
Y±Ò¥Î°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡ªº¹w³]°t¸m¡A¨C¦¸°õ¦æ§R°£¡B«·s©R¦W©Î²¾°Ê§@·~«á¡A¥¦·|¥ß§Y¦b member¡Buniquemember¡Bowner¡BseeAlso ©M nsroledn ÄݩʤW°õ¦æ§¹¾ã©Ê§ó·s¡C¦ý¬O±z¥i¥H¨Ì·Ó±zªº»Ýn°t¸m°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡ªº¹B§@¤è¦¡¡G
°t¸m°Ñ¦Ò§¹¾ã©Ê
¨Ï¥Î¤U¦Cµ{§Ç¥i±q Directory Server Console ±Ò¥Î©Î°±¥Î°Ñ¦Ò§¹¾ã©Ê¡A¥H¤Î°t¸m¥~±¾µ{¦¡¡C
³Æµù
¦b©Ò¦³¸ê®Æ®w¤¤°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡©Ò¨Ï¥Îªº©Ò¦³Äݩʳ£¥²¶·½s»s¯Á¤Þ¡C¥²¶·¦b©Ò¦³¸ê®Æ®wªº°t¸m¤¤«Ø¥ß³o¨Ç¯Á¤Þ¡C·í±Ò¥Î¦^·¹Åܧó°O¿ý®É¡Acn=changelog §À½X¥²¶·½s»s¯Á¤Þ¡C¦p»Ý¬ÛÃö¸ê°T¡A½Ð°Ñ¾\²Ä 10 ³¹¡u½s»s¥Ø¿ý¸ê®Æ¯Á¤Þ¡v¡C
±q¥D±±¥x¤W°t¸m°Ñ¦Ò§¹¾ã©Ê
- ¦b Directory Server Console ³Ì¤W¼hªº [°t¸m] ¼ÐÅÒ¤W¡A®i¶} [¥~±¾µ{¦¡] ¸`ÂI¡A¦A¿ï¾Ü [referential integrity postoperation] ¥~±¾µ{¦¡¡C
¥~±¾µ{¦¡ªº³]©wÅã¥Ü¦b¥k±ªO¤¤¡C
- ¿ï¾Ü [±Ò¥Î¥~±¾µ{¦¡] ®Ö¨ú¤è¶ô¥H±Ò¥Î¥~±¾µ{¦¡¡A²M°£®Ö¨ú¤è¶ô¥H°±¥Î¥~±¾µ{¦¡¡C
- ³]©w [¤Þ¼Æ 1] ªºÈ¡A¥Hקï§ó·sªº¶¡¹j¬í¼Æ¡C±`¥ÎªºÈ¬°¡G
- ³]©w [¤Þ¼Æ 2] ªºÈ¡A¦¨¬°°Ñ¦Ò§¹¾ã©Ê°O¿ýÀɪºµ´¹ï¸ô®|¡C
[¤Þ¼Æ 3] ¥Î¤£¨ì¡A¦ý¥²¶·¦s¦b¡C
- ¨ü°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡ºÊ±±ªºÄÝ©Ê¥Ñ [¤Þ¼Æ 4] ¶}©l¦C°_¡C«ö¤@¤U [¥[¤J] »P [§R°£] «ö¶s¥iºÞ²z¦¹²M³æ¡A¤Î¥[¤J±z¦Û¤vªºÄÝ©Ê¡C
- «ö¤@¤U [Àx¦s] ¥HÀx¦s±zªºÅܧó¡C
- Åܧó¥Í®Ä«e¡A±z¥²¶·«·s±Ò°Ê Directory Server¡C
±N°Ñ¦Ò§¹¾ã©Ê¥Î©ó½Æ»s
¦b½Æ»sÀô¹Ò¤¤¡A¦s¦b¬Y¨Ç¨Ï¥Î°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡ªº¨î¡G
Yn¦b½Æ»s©Ý¾ë¤¤°t¸m°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡¡G
- ½T©w¤w°t¸m©Ò¦³½Æ¥»ªº°t¸m¡A¦Ó¥B¤w©w¸q©Ò¦³½Æ»s¨óij¡C
- ¨M©w±N¬°¨äºûÅ@°Ñ¦Ò§¹¾ã©ÊªºÄݩʲաC¨Ã¨M©w¥D¾÷¦øªA¾¹¤W©Òn¨Ï¥Îªº§ó·s¶¡¹j¡C
- ¨Ï¥Î¬Û¦PªºÄݩʲդάۦPªº§ó·s¶¡¹j±Ò¥Î©Ò¦³¥D¾÷¦øªA¾¹¤Wªº°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡¡C¦¹µ{§Ç·|¦b°t¸m°Ñ¦Ò§¹¾ã©Ê¤¤´yz¡C
- ½Ð½T©w©Ò¦³¥Î¤á¦øªA¾¹¤W°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡³£¬O°±¥Îªº¡C
±N°Ñ¦Ò§¹¾ã©Ê¥Î©óÄ~©Ó½Æ»s
±q 4.x ¥D¾÷¦V 5.x ¥Î¤á½Æ»s®É¡A±Ò¥Î°Ñ¦Ò§¹¾ã©Ê¡A±z¥²¶·¦b 4.x ¥D¾÷¤W«·s°t¸m°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡¡A±N°Ñ¦Ò§¹¾ã©ÊÅܧó¼g¤J 4.x Åܧó°O¿ý¡C¦¹¾Þ§@¨Ï°Ñ¦Ò§¹¾ã©ÊÅܧó³Q½Æ»s¡C¦pªG¨S¦³«·s°t¸m¥~±¾µ{¦¡¡A°Ñ¦Ò§¹¾ã©ÊµLªk¥¿±`¹B§@¡C
¦b¥H¤UÀô¹Ò¤¤«·s°t¸m°Ñ¦Ò§¹¾ã©Ê¥~±¾µ{¦¡¡G
- °±¤î 4.x ¦øªA¾¹¡C
- ¶}±Ò ServerRoot/slapd-ServerID/config/ ¤¤ªº slapd.ldbm.conf ÀɮסC
- ´M§ä¥H¤U±¥y¤l¶}©lªº¦æ
plugin postoperation on "referential integrity postoperation"
- ³z¹L±NÄݩʲM³æ«eªº¤Þ¼Æ¥Ñ 0 ÅÜ§ó¬° 1¨Óק惡¦æ¡C
¨Ò¦p¡A±N
plugin postoperation on "referential integrity postoperation" "ServerRoot/lib/referint-plugin.dll" referint_postop_init 0 "ServerRoot/slapd-serverID/logs/referint" 0 "member" "uniquemember" "owner" "seeAlso"
Åܧó¬°
plugin postoperation on "referential integrity postoperation" "ServerRoot/lib/referint-plugin.dll" referint_postop_init 0 "ServerRoot/slapd-serverID/logs/referint" 1 "member" "uniquemember" "owner" "seeAlso"
- Àx¦s slapd.ldbm.conf ÀɮסC
- «·s±Ò°Ê¦øªA¾¹¡C
- ±q 4.x ´£¨ÑªÌ«·sªì©l¤Æ 5.x ¥Î¤á¡C
·j´M¥Ø¿ý±z¥i¥H¨Ï¥Î¥ô¦ó LDAP ¥Î¤áºÝ§ä¥X¥Ø¿ý¤¤ªº¶µ¥Ø¡C¤j³¡¤À¥Î¤áºÝ´£¨Ñ¬YºØ·j´M¤¶±¡AÅý±z·j´M¥Ø¿ý©MÂ^¨ú¶µ¥Ø¸ê°T¡C
¦b±z¥Ø¿ý¤¤³]©wªº¦s¨ú±±¨î·|¨M©w·j´Mµ²ªG¡C¤@¯ë¨Ï¥ÎªÌ³q±`¤£·|¡u¬Ý¨ì¡v¥Ø¿ýªº¤Ó¦h¤º®e¡A¦Ó¥B¥Ø¿ýºÞ²zû¾Ö¦³¦s¨ú¥]¬A°t¸mªº©Ò¦³¸ê®Æ¤§§¹¾ãÅv¡C
·j´M¦³ ldapsearch ªº¥Ø¿ý
±z¥i¥H¨Ï¥Î ldapsearch «ü¥O¦æ¤½¥Îµ{¦¡§ä¥X©MÂ^¨ú¥Ø¿ý¶µ¥Ø¡C½Ðª`·N¡A¥»¸`¤¤´yzªº ldapsearch ¤½¥Îµ{¦¡¤£¬O Solaris ¥¥x´£¨Ñªº¤½¥Îµ{¦¡¡A¦ý¬O Directory Server Resource Kit ªº¤@³¡¤À¡C¦p»ÝÃö©ó¦¹¤½¥Îµ{¦¡ªº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ Directory Server Resource Kit Tools Reference¡C
¦¹¤½¥Îµ{¦¡¥H«ü©w¨Ï¥ÎªÌ¨¥÷ (³q±`¬O¿ë§O¦WºÙ) ©M±K½X¶}±Ò»P¦øªA¾¹ªº³s½u¡A¨Ã¥B®Ú¾Ú·j´M¿z¿ï±ø¥ó§ä¥X¶µ¥Ø¡C·j´M½d³ò¥i¥H¥]¬A³æ¤@¶µ¥Ø¡B¶µ¥Øªºª½±µ¤l¶µ¥Ø¡B©Î¬O¾ãӾ𪬥ؿý©Î¾ðª¬¤l¥Ø¿ý¡C
·j´M¥H LDIF ®æ¦¡¶Ç¦^ªºµ²ªG¡C
ldapsearch «ü¥O¦æ®æ¦¡
¨Ï¥Î ldapsearch ®É¡A±z¥²¶·¨Ï¥Î¤U¦C®æ¦¡¿é¤J«ü¥O¡G
ldapsearch [optional_options] [search_filter] [optional_list_of_attributes]
¨ä¤¤
- optional_options ¥Nªí¤@¨t¦Cªº«ü¥O¦æ¿ï¶µ¡C¥²¶·¦b·j´M¿z¿ï±ø¥ó¤§«e«ü©w³o¨Ç¿ï¶µ (¦pªG¦³ªº¸Ü)¡C
- search_filter ¥Nªí LDAP ·j´M¿z¿ï±ø¥ó¤¤´yzªº LDAP ·j´M¿z¿ï±ø¥ó¡C¦pªG±z¥¼¨Ï¥Î -f ¿ï¶µ¦bÀɮפ¤´£¨Ñ·j´M¿z¿ï±ø¥ó¡A«h¥²¶·«ü©w·j´M¿z¿ï±ø¥ó¡C
- optional_list_of_attributes ¥Nªí¥HªÅ®æ¤À¹jªºÄݩʲM³æ¡C«ü©wÄݩʲM³æ·|´î¤Ö·j´Mµ²ªG¤¤¶Ç¦^ªºÄݩʼƥءC¦¹ÄݩʲM³æ¥²¶·¥X²{¦b·j´M¿z¿ï±ø¥ó¤§«á¡C¦p»Ý½d¨Ò¡A½Ð°Ñ¾\Åã¥ÜÄݩʪº¤l¶°¡C¦pªG±z¨S¦³«ü©wÄݩʲM³æ¡A«h·j´M·|¶Ç¦^¥Ø¿ý¤¤³]©wªº¦s¨ú±±¨î±Â»Pªº©Ò¦³ÄÝ©ÊÈ (¾Þ§@ÄÝ©Ê°£¥~)¡C
¨Ï¥Î¯S®í¦r¤¸
¨Ï¥Î ldapsearch «ü¥O¦æ¤½¥Îµ{¦¡®É¡A±z¥i¯à¥²¶·«ü©w¤@¨Ç¹ï«ü¥O¦æ¸ÑĶ¾¹¨ã¦³¯S®í·N¸qªº¦r¤¸¡A(¨Ò¦pªÅ®æ [ ]¡B¬P¸¹ [*]¡B¤Ï±×½u [\] µ¥)¡C«ü©w¯S®í¦r¤¸®É¡A±Nȸm©ó¤Þ¸¹ (¡u¡v) ¤º¡C¨Ò¦p¡G
-D "cn=Charlene Daniels,ou=People,dc=example,dc=com"
¨Ì«ü¥O¦æ¸ÑĶ¾¹¦Ó©w¡A¨Ï¥Î³æ¤Þ¸¹©ÎÂù¤Þ¸¹°µ¦¹¥Î³~¡C¦p»Ý¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\±zªº Shell ¤å¥ó¡C
±`¥Îªº ldapsearch ¿ï¶µ
¥H¤U¦C¥X¤F³Ì±`¥Îªº ldapsearch «ü¥O¦æ¿ï¶µ¡C¦pªG±z«ü©w§t¦³ªÅ®æ [ ] ªºÈ¡AÈÀ³¸Ó¸m©óÂù¤Þ¸¹¤§¶¡¡A¨Ò¦p
-b "ou=groups, dc=example,dc=com"¡C
-b
«ü©w·j´Mªº°_ÂI¡C³o«ü©wªºÈ¥²¶·¬O¥Ø«e¦s¦b©ó¸ê®Æ®w¤¤ªº¿ë§O¦WºÙ¡C¦pªG LDAP_BASEDN Àô¹ÒÅܼƤw³]©w¬°°ò¦ DN¡A«h¦¹¿ï¶µ¬°¥i¿ï¶µ¡C
¦¹¿ï¶µ¤¤«ü©wªºÈÀ³¸Ó¸m©óÂù¤Þ¸¹¤¤¡C¨Ò¦p¡G
-b "cn=Charlene Daniels, ou=People, dc=example,dc=com"
-D
«ü©w¹ï¦øªA¾¹¶i¦æÅçÃҩҨϥΪº¿ë§O¦WºÙ¡C¦pªG±zªº¦øªA¾¹¤ä´©°Î¦W¦s¨ú¡A«h¦¹¿ï¶µ¬°¥i¿ï¶µ¡C¦pªG¤w«ü©w¡A«h¦¹È¥²¶·¬O Directory Server ½T»{ªº DN¡A¦Ó¥B¤]¥²¶·¦³·j´M¶µ¥ØªºÅv¡C¨Ò¦p¡G
-D "uid=cdaniels, dc=example,dc=com"
-h
¦b¦w¸Ë Directory Server ªº¾÷¾¹¤W¡A«ü©w¥D¾÷¦WºÙ©Î IP ¦ì§}¡C¦pªG¥¼«ü©w¥D¾÷¡A«h ldapsearch ¨Ï¥Î localhost¡C¨Ò¦p -h myServer¡C
-l
«ü©wµ¥«Ý§¹¦¨·j´M½Ð¨Dªº³Ì¤j¬í¼Æ¡CµL½×¦b³oØ«©w¦óÈ¡Aldapsearch µ´¤£·|µ¥Ô¤ñ¦øªA¾¹ nsslapd-timelimit ÄÝ©Ê©Ò¤¹³\ªº®É¶¡§óªø («ùÄò·j´M°£¥~)¡C¦p»ÝÃö©ó«ùÄò·j´Mªº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ Directory Server Resource Kit Tools Reference¡C
¨Ò¦p -l 300¡Cnsslapd-timelimit Äݩʪº¹w³]ȬO 3,600 ¬í (1 ¤p®É¡C)
-p
«ü©w Directory Server ¨Ï¥Îªº TCP ³s±µ°ð¸¹½X¡C¨Ò¦p -p 5201¡C¹w³]Ȭ° 389¡A¨Ï¥Î SSL ¿ï¶µ®É¬° 636¡C
-s
«ü©w·j´Mªº½d³ò¡C½d³ò¥i¯à¬O¨ä¤¤¤§¤@¡G
-w
«ü©w»P¦b -D ¿ï¶µ¤¤«ü©wªº¿ë§O¦WºÙ¦³Ãöªº±K½X¡C¦pªG±z¨S¦³«ü©w¦¹¿ï¶µ¡A«h¨Ï¥Î°Î¦W¦s¨ú¡C¨Ò¦p -w diner892¡C
-x
«ü©w¦b¦øªA¾¹¦Ó¤£¬O¥Î¤áºÝ¤W±Æ§Ç·j´Mµ²ªG¡C¦pªG±z·Qn®Ú¾Ú¬Û²Å³W«h±Æ§Ç¡A¨Ò¦p¨Ï¥Î°ê»Ú·j´Mµ¥¡A³oӿﶵ«Ü¦³¥Î¡C¤@¯ë¦Ó¨¥¡A¦b¦øªA¾¹ºÝ±Æ§Ç¤ñ¦b¥Î¤áºÝ§Ö¡AÁöµM¦øªA¾¹ºÝ±Æ§Ç¨Ï¥Îªº¬O¦øªA¾¹¸ê·½¡C
-z
«ü©w¦^À³·j´Mn¨D®Én¶Ç¦^ªº¶µ¥Ø¼Æ³Ì¤jÈ¡C¨Ò¦p -z 1000¡C
¤@¯ë¦Ó¨¥¡AµL½×³oØ«©w¦óÈ¡Aldapsearch µ´¤£·|¶Ç¦^¤ñ¦øªA¾¹ªº nsslapd-sizelimit ÄÝ©Ê©Ò¤¹³\¼Æ¶qÁÙn¦hªº¶µ¥Ø¡C¦ý¦b¨Ï¥Î¦¹«ü¥O¦æ¤Þ¼Æ®É¡A±z¥i¥H³sµ²¬°®Ú DN ¥HÂмg¦¹¨î¡C³sµ²¬°®Ú DN ®É¡A¦¹¿ï¶µ¹w³]¬°¹s (0)¡Cnsslapd-sizelimit Äݩʪº¹w³]ȬO 2,000 Ó¶µ¥Ø¡C
¦p»ÝÃö©ó©Ò¦³ ldapsearch ¤½¥Îµ{¦¡¿ï¶µªº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ Directory Server Resource Kit Tools Reference¡C
ldapsearch ½d¨Ò
¦b¤U¤@²Õ½d¨Ò¤¤¶i¦æ¥H¤U°²³]¡G
¶Ç¦^©Ò¦³¶µ¥Ø
°²©w´£¨Ñ¥ý«e¸ê°T¡A¤U¦C©I¥s±N¦b¥Ø¿ý¤¤¶Ç¦^©Ò¦³¶µ¥Ø¡G
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
-b "dc=example,dc=com" -s sub "(objectclass=*)""(objectclass=*)" ¬O²Å¦X¥Ø¿ý¤¤¥ô¦ó¶µ¥Øªº·j´M¿z¿ï±ø¥ó¡C
«ü©w«ü¥O¦æ¤Wªº·j´M¿z¿ï±ø¥ó
±z¥i¥Hª½±µ¦b«ü¥O¦æ¤W«ü©w·j´M¿z¿ï±ø¥ó¡C¦pªG±z³o¼Ë°µ¡A½Ð½T©w±N¿z¿ï±ø¥ó©ñ¦b¤Þ¸¹¤¤ (¡u¿z¿ï±ø¥ó¡v)¡C¦P®É¡A½Ð¤Å«ü©w -f ¿ï¶µ¡C
¨Ò¦p¡G
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
-b "dc=example,dc=com" "(cn=Charlene Daniels)"·j´M®Ú DSE ¶µ¥Ø
®Ú DSE ¬O¤@Ó¯S®í¶µ¥Ø¡A§t¦³»P¥Ø«e¦øªA¾¹¹ê¨Ò¦³Ãöªº¸ê°T¡A¨Ò¦p©Ò¤ä´©§À½X¡B¥i¥ÎÅçÃÒ¾÷¨îµ¥ªº²M³æ¡C±z¥i¥H³z¹L´£¨Ñ¡u¡v·j´M°ò¦·j´M¦¹¶µ¥Ø¡C¦P®É¡A¥²¶·«ü©w base ªº·j´M½d³ò©M "(objectclass=*)" ªº¿z¿ï±ø¥ó¡C
¨Ò¦p¡G
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
-b "" -s base "(objectclass=*)"·j´M¼Ò¦¡¶µ¥Ø
Directory Server ±N©Ò¦³¥Ø¿ý¦øªA¾¹¼Ò¦¡Àx¦s¦b¯S®í cn=schema ¶µ¥Ø¤¤¡C¦¹¶µ¥Ø§t¦³Ãö©ó¬°±zªº¥Ø¿ý¦øªA¾¹©w¸qªº¨CÓª«¥óÃþ§O©MÄݩʸê°T¡C
±z¥i¥H«ö¦p¤U¤è¦¡Àˬd¦¹¶µ¥Ø¤º®e¡G
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
-b "cn=schema" -s base "(objectclass=*)"
³Æµù
¬°¤F¹F¨ì°ª«×ªº¤@P©Ê¡Aµ¹©w¶µ¥Øªº¼Ò¦¡¦¸n¶µ¥Ø¦ì¸m¥Ñ subschemaSubentry ¾Þ§@ÄÝ©Ê«ü©w¡C¦b³o¤@ª©¥»ªº Directory Server ¤¤¡A¦¹ÄÝ©ÊÈ©l²×¬° cn=schema¡C
¨Ï¥Î LDAP_BASEDN
Yn¨Ï·j´M§ó®e©ö¡A±z¥i¥H¨Ï¥Î LDAP_BASEDN Àô¹ÒÅܼƳ]©w·j´M°ò¦¡C³o¼Ë°µ¥iÅý±z¬Ù²¤¨Ï¥Î -b ¿ï¶µ«ü©w·j´M°ò¦ (¦p»Ý¦³Ãö³]©wÀô¹ÒÅܼƪº¸ê°T¡A½Ð°Ñ¾\§@·~¨t²Îªº¤å¥ó)¡C
³q±`·|±N LDAP_BASEDN ³]©w¦¨¥Ø¿ýªº§À½XÈ¡C¥Ñ©ó¥Ø¿ý§À½X©M¥Ø¿ý¤¤ªº®Ú©Î³Ì¤W¼h¶µ¥Ø¬Ûµ¥¡A³o¼Ë·|¨Ï©Ò¦³ªº·j´M±q¥Ø¿ýªº®Ú¶µ¥Ø¶}©l¡C
¨Ò¦p¡A¦pªG¤w±N LDAP_BASEDN ³]©w¬° dc=example,dc=com¡A±z¥i¥H¨Ï¥Î¤U¦Cªº«ü¥O¦æ©I¥s·j´M (cn=Charlene Daniels)¡G
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
"(cn=Charlene Daniels)"¦b¦¹½d¨Ò¤¤¡A¨Ï¥Î sub ªº¹w³]½d³ò¡A¦]¬° -s ¿ï¶µ¤£¥Î©ó«ü©w½d³ò¡C
Åã¥ÜÄݩʪº¤l¶°
ldapsearch «ü¥O¥H LDIF ®æ¦¡¶Ç¦^©Ò¦³·j´Mµ²ªG¡C¨Ì¹w³]È¡Aldapsearch ¶Ç¦^¶µ¥Øªº¿ë§O¦WºÙ¡A¥H¤Î©Ò¦³±z¥i¥HŪ¨úªºÄÝ©Ê¡C±z¥i¥H³]©w¥Ø¿ý¦s¨ú±±¨î¡A³o¼Ë´N¥i¥H¥uŪ¨ú¥ô¦ó«ü©w¥Ø¿ý¶µ¥Ø¤WªºÄݩʤl¶°¡C¥u¦³¾Þ§@ÄÝ©Ê¥¼¶Ç¦^¡C¦pªG·Qn¶Ç¦^¾Þ§@Äݩʧ@¬°·j´M¾Þ§@ªºµ²ªG¡A±z¥²¶·¦b·j´M«ü¥O¤¤©ú½T¦a«ü©w¥¦Ì¡C¦p»ÝÃö©ó¾Þ§@Äݩʪº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C
°²³]±z¤£·Qn¬Ý¨ì·j´Mµ²ªG¶Ç¦^ªº©Ò¦³ÄÝ©Ê¡C±z¥i¥H¦b·j´M¿z¿ï±ø¥ó¤§«á¥ß¨è¦b«ü¥O¦æ¤W«ü©w·QnªºÄÝ©Ê¡A±N¶Ç¦^ªºÄݩʨî¦b¬Y¨Ç¯S©wªºÄݩʽd³ò¤º¡C¨Ò¦p¡AYnÅã¥Ü¥Ø¿ý¤¤¨CÓ¶µ¥Øªº cn ©M sn ÄÝ©Ê¡A½Ð¨Ï¥Î¥H¤U«ü¥O¡G
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
"(objectclass=*)" sn cn¦¹½d¨Ò°²³]±z¥H LDAP_BASEDN ³]©w·j´M°ò¦¡C
·j´M¦h«ÈÄÝ©Ê
·j´M®É¡ADirectory Server ¤£¤@©w¨Ì±Æ§Ç¶¶§Ç¶Ç¦^¦h«ÈÄÝ©Ê¡C¨Ò¦p¡A°²³]±z·Qn·j´M cn=config ¤Wªº°t¸mÄÝ©Ê¡A¦bÅܧó¥Í®Ä¤§«e»Ýn«·s±Ò°Ê¦øªA¾¹¡C
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
-b cn=config "(objectclass=*)" nsslapd-requiresrestart¶Ç¦^¤U¦Cµ²ªG¡G
dn:cn=config
nsslapd-requiresrestart:cn=config:nsslapd-port
nsslapd-requiresrestart:cn=config:nsslapd-secureport
nsslapd-requiresrestart:cn=config:nsslapd-plugin
nsslapd-requiresrestart:cn=config:nsslapd-changelogdir
nsslapd-requiresrestart:cn=config:nsslapd-changelogsuffix
nsslapd-requiresrestart:cn=config:nsslapd-changelogmaxentries
nsslapd-requiresrestart:cn=config:nsslapd-changelogmaxage
nsslapd-requiresrestart:cn=config:nsslapd-db-locks
nsslapd-requiresrestart:cn=config:nsslapd-return-exact-case
nsslapd-requiresrestart:cn=config,cn=ldbm database,cn=plugins,
cn=config:nsslapd-allidsthreshold
nsslapd-requiresrestart:cn=config,cn=ldbm database,cn=plugins,
cn=config:nsslapd-dbcachesize
nsslapd-requiresrestart:cn=config,cn=ldbm database,cn=plugins,
cn=config:nsslapd-dbncache
nsslapd-requiresrestart:cn=config,cn=ldbm database,cn=plugins,
cn=config:nsslapd-directory
nsslapd-requiresrestart:cn=encryption,cn=config:nssslsessiontimeout
nsslapd-requiresrestart:cn=encryption,cn=config:nssslclientauth
nsslapd-requiresrestart:cn=encryption,cn=config:nssslserverauth
nsslapd-requiresrestart:cn=encryption,cn=config:nsssl2
nsslapd-requiresrestart:cn=encryption,cn=config:nsssl3
...¦p³oùةҥܡAnsslapd-requiresrestart Äݩʦ³¦hÓÈ¡C³o¨ÇȨS¦³¨Ì±Æ§Ç¶¶§Ç¡C¦pªG±z¶}µo»Ýn¦hÈÄÝ©Ê («ö±Æ§Ç¶¶§Ç±Æ¦C) ªºÀ³¥Îµ{¦¡¡A½Ð½T©w±zªºÀ³¥Îµ{¦¡·|°õ¦æ¦¹±Æ§Ç¡C
·j´M®É¨Ï¥Î¥Î¤áºÝÅçÃÒ
¦¹½d¨ÒÅã¥Ü¨Ï¥ÎªÌ cdaniels ¨Ï¥Î¥Î¤áºÝÅçÃÒ·j´M¥Ø¿ý¡J
ldapsearch -h myServer -p 636 -b "dc=example,dc=com"
-N "cdanielsscertname" -Z -W certdbpassword
-P /home/cdaniels/certdb/cert.db "(givenname=Richard)"LDAP ·j´M¿z¿ï±ø¥ó
·j´M¿z¿ï±ø¥ó¬°·j´M¾Þ§@¿ï¨ún¶Ç¦^ªº¶µ¥Ø¡C¥¦Ì¬O³Ì±`»P ldapsearch «ü¥O¦æ¤½¥Îµ{¦¡·f°t¨Ï¥Îªº¿z¿ï±ø¥ó¡C¨Ï¥Î ldapsearch ®É¡A±z¥i¥H¨Ï¥ÎÀɮפÀ¹j¦æ¤Wªº¨CÓ¿z¿ï±ø¥ó¡A¦bÀɮפ¤©ñ¸m¦h«·j´M¿z¿ï±ø¥ó¡A©ÎªÌ¥i¥Hª½±µ¦b«ü¥O¦æ¤W«ü©w·j´M¿z¿ï±ø¥ó¡C
¨Ò¦p¡A¤U¦C¿z¿ï±ø¥ó«ü©w·j´M¤@¯ë¦WºÙ Lucie Du Bois¡G
(cn=Lucie Du Bois)
¦¹·j´M¿z¿ï±ø¥ó¶Ç¦^©Ò¦³§t¤@¯ë¦WºÙ Lucie Du Bois ªº¶µ¥Ø¡C¤@¯ë¦WºÙȪº·j´M»P¤j¤p¼gµLÃö¡C
¤@¯ë¦WºÙÄݩʦ³©M»y¨¥¼ÐÅÒ¬ÛÃöªºÈ®É¡A·|¶Ç¦^©Ò¦³È¡C¦]¦¹¤U¦C¨âÓÄݩʳ£²Å¦X¦¹¿z¿ï±ø¥ó¡G
cn:Lucie Du Bois
cn;lang-fr:Lucie Du Bois
·j´M¿z¿ï±ø¥óªº»yªk
·j´M¿z¿ï±ø¥óªº°ò¥»»yªk¬O¡G
(attribute operator value)
¨Ò¦p¡G
(buildingname>=alpha)
¦b¦¹½d¨Ò¤¤¡Abuildingname ¬OÄÝ©Ê¡A>= ¬O¹Bºâ¤l¡A¦Ó alpha ¬OÈ¡C±z¤]¥i¥H©w¸q¨Ï¥Î¤£¦PÄÝ©Ê»P¥¬ªL¹Bºâ¤l²Õ¦Xªº¿z¿ï±ø¥ó¡C
¤U¦C¦U¸`¹ï·j´M¿z¿ï±ø¥ó¦³¸Ô²Óªº´yz¡G
¨Ï¥Î·j´M¿z¿ï±ø¥ó¤¤ªºÄÝ©Ê
·j´M¶µ¥Ø®É¡A±z¥i¥H«ü©w»P¸Ó¶µ¥ØÃþ«¬¦³ÃöªºÄÝ©Ê¡C¨Ò¦p¡A·j´M¤Hû¶µ¥Ø®É¡A±z¥i¥H¨Ï¥Î cn ÄÝ©Ê·j´M¦³¯S©w¤@¯ë¦WºÙªº¤Hû¡C
¤Hû¶µ¥ØªºÄݩʽd¨Ò¥i¯à¥]§t¡G
¦p»Ý¦C¥X»P¶µ¥ØÃþ«¬¦³ÃöªºÄÝ©Ê¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C
¨Ï¥Î·j´M¿z¿ï±ø¥ó¤¤ªº¹Bºâ¤l
¦bªí 2-2 ¤¤¦C¥X¤F¥i¥H¦b·j´M¿z¿ï±ø¥ó¤¤¨Ï¥Îªº¹Bºâ¤l¡G
¦s¦b©µ¦ù·j´M¦Ü dn ÄÝ©Ê (¨Ò¦p cn:dn:=John)¡A¥H¤Î´£¨Ñ°ê»Ú¤Æ·j´M¤ä´©ªº©µ¦ù¹Bºâ¤l¡C
¨Ï¥Î·j´M¿z¿ï±ø¥ó¤¤ªº OID
LDAPv3 ¥iÅý±z¬°¯S©wÄݩʫإ߹ïÀ³¹Bºâ¤l¤Î³W«h¡C¹ïÀ³³W«h©w¸q¦p¦ó±NÄÝ©ÊÈ»P¯S©w»yªk¬Û¤ñ¸û¡C´«¥y¸Ü»¡¡A¹ïÀ³³W«h©w¸q¥i¯à¤ñ¸û¹ïÀ³Äݩʪº¤è¦¡¡C¨Ò¦p¡A¹ïÀ³³W«h¥i¥H©w¸q¤ñ¸ûÄݩʮɬO§_n¦Ò¶q¤å¦rªº¤j¤p¼g¡C
·í³W«h«Ø¥ß¤§«á¡A¥¦Ì¥i¥H¦b·j´M¿z¿ï±ø¥ó¤¤³Q°Ñ·Ó¡C
¨Ò¦p¡A¤U¦C·j´M¿z¿ï±ø¥ó¨Ï¥Î OID 2.5.13.5 ©Ò«ü©wªº¹ïÀ³³W«h¨Ó¤ñ¸û¥]§t©m¤ó¡uJensen¡vªº¶µ¥Ø¡C
(sn:2.5.13.5:=Jensen)
¤U¦C½d¨Ò¸Ñ»¡¨Ï¥Î¡u:dn¡vªí¥Üªk¨Óªí¥Ü OID 2.5.13.5 À³¸Ó¦b¤ñ¸û®É¨Ï¥Î¡A¨Ã¥B¶µ¥Øªº¿ë§O¦WºÙÄݩʦbµû¦ô¬O§_²Å¦X®ÉÀ³¸Ó³Qµø¬°¶µ¥Øªº¤@³¡¤À¡G
(sn:dn:2.5.13.5:=Jensen)
¨Ï¥Î½Æ¦X·j´M¿z¿ï±ø¥ó
¦p¤U©Ò¥Ü¡A¨Ï¥Î¦rºªí¥Üªk¤¤ªí¥Üªº¥¬ªL¹Bºâ¤l²Õ¦X¦hºØ·j´M¿z¿ï±ø¥ó¤¸¥ó¡G
(Boolean-operator(filter)(filter)(filter)...}
¨ä¤¤ Boolean-operator ¬O¦C¦bªí 2-3 ¤¤ªº¥ô¦ó¤@Ó¥¬ªL¹Bºâ¤l¡C
¥¬ªL¹Bºâ¤l¥i¥H²Õ¦X©M±_©~¦b¤@°_¥H§Î¦¨½ÆÂø¹Bºâ¦¡¡A¨Ò¦p¡G
(Boolean-operator(filter)(Boolean-operator(filter)(filter)))
¥i¥H»P·j´M¿z¿ï±ø¥ó¤@°_¨Ï¥Îªº¥¬ªL¹Bºâ¤l¥]¬A¡G
¥¬ªL¹Bºâ¦¡ªºµû¦ô¶¶§Ç¦p¤U¡G
¨Ï¥ÎÀɮ׫ü©w·j´M¿z¿ï±ø¥ó
±z¥i¥H±N·j´M¿z¿ï±ø¥ó¿é¤JÀɮסA¦Ó¤£¬O¿é¤J«ü¥O¦æ¤¤¡C³o¼Ë°µ®É¡A¦bÀɮפ¤ªº¤À¹j¦æ¤W«ü©w¨CÓ·j´M¿z¿ï±ø¥ó¡Cldapsearch «ü¨ä¦bÀɮפ¤¥X²{ªº¶¶§Ç°õ¦æ¨C¤@¦¸·j´M¡C
¨Ò¦p¡A¦pªGÀÉ®×¥]§t¡G
(sn=Daniels)
(givenname=Charlene)µM«á ldapsearch ¥ý§ä¥X©Ò¦³¥]§t©m¤ó Daniels ªº¶µ¥Ø¡AµM«á¦A§ä¥X¦³¦W¦r Charlene ªº©Ò¦³¶µ¥Ø¡C¦pªG§ä¨ì³£²Å¦X³o¨âÓ·j´M·Ç«hªº¶µ¥Ø¡A«h¶Ç¦^¶µ¥Ø¨â¦¸¡C
¨Ò¦p¡A°²³]±z¦b¦W¬° searchdb ªºÀɮפ¤«ü©w¤§«eªº·j´M¿z¿ï±ø¥ó¡A¦Ó¥B¨Ï¥Î LDAP_BASEDN ³]©w·j´M°ò¦¡C¤U¦C¶Ç¦^©Ò¦³²Å¦X¥ô¤@·j´M¿z¿ï±ø¥óªº¶µ¥Ø¡G
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
-f searchdb±z¥i¥H¨Ï¥Î«ü©w·Qn¥[¤J·j´M¦æ¥½ºÝªºÄݩʦWºÙ¥H¨î¶Ç¦^ªºÄݩʲաC¨Ò¦p¡A¤U¦Cªº ldapsearch «ü¥O¨âºØ·j´M³£°õ¦æ¡A¦ý¬O¥u¶Ç¦^ DN ©M¨CÓ¶µ¥Øªº givenname ©M sn ÄÝ©Ê¡G
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
-f searchdb sn givenname¦b·j´M¿z¿ï±ø¥ó¤¤«ü©w«D 7 ¦ì¤¸ ASCII ¦r¤¸
·j´M¿z¿ï±ø¥ó¤¤ªº«D 7 ¦ì¤¸ ASCII ¦r¤¸¥²¶·¥H¦r¤¸ªºªí¥Üªk¨Ó¨ú¥N¡A¨ä¤¤¨C¤@Ó UTF-8 ½s½Xªº¦ì¤¸²Õªº«e±¥[¤W¤Ï±×½u¡C¦b UTF-8 ¤¤¡A¦r¤¸¤¤ªº¨C¤@Ӧ줸²Õ¥H¤Q¤»¶i¦ì½Xªí¥Ü¡C
¨Ò¦p¡A¦r¤¸ ªº UTF-8 ªí¥Üªk¬° c3a9¡C¦]¦¹¡A¦b·j´M¿z¿ï±ø¥ó¤¤¡A±z±N ªí¥Ü¬° \c3\a9¡C©Ò¥H¡An·j´M cn=Vronique Martin¡G
ldapsearch -h myServer -b "dc=example,dc=com" "(cn=V\c3\a9ronique Martin)"
ªí 2-4 ¤¤¦C¥Xªº¯S®í¦r¤¸¦b·j´M¿z¿ï±ø¥ó¤¤¨Ï¥Î®É¤]¥²¶·¨Ì·Ó¦¹¤è¦¡ªí¥Ü¡C
ªí 2-4 ·j´M¿z¿ï±ø¥ó¤¤ªº¯S®í¦r¤¸
¯S®í¦r¤¸
§t¦³¯S®í¦r¤¸ªºÈ
¿z¿ï±ø¥ó½d¨Ò
*
Five*Star
(cn=Five\2aStar)
\
c:\File
(cn=\5cFile)
()
John (2nd)
(cn=John \282nd\29)
null
0004
(bin=\00\00\00\04)
©¿²¤·j´M¿z¿ï±ø¥ó¤¤¿ë§O¦WºÙ¤ºªº¦r¤¸
·í¦b Directory Server ªº¥ô¦ó³¡¤À¨Ï¥Î DN ®É¡A±z¥²¶·¥H¤Ï±×½u (\) ±N³r¸¹¤Î¬Y¨Ç¨ä¥L¯S®í¦r¤¸©¿²¤¡C¦pªG±z¦b·j´M¿z¿ï±ø¥ó¤¤¨Ï¥Î DN¡A«h¥Î©ó©¿²¤ DN ¤¤¯S®í¦r¤¸ªº¤Ï±×½u¥²¶·¥H \5c ªí¥Ü¡C¨Ò¦p¡G
DN:cn=Julie Fulmer,ou=Marketing\,Bolivia,dc=example,dc=com
DN in a search filter:ldapsearch -h myServer -b "dc=example,dc=com" "(manager=cn=Julie Fulmer,ou=Marketing\5c,Bolivia,dc=example,dc=com)"
·j´M¿z¿ï±ø¥ó½d¨Ò
¤U¦C·j´M¶µ¥Øªº¿z¿ï±ø¥ó§t¦³ºÞ²zûÄݩʪº¤@өΦhÓÈ¡C³o¤]ºÙ¬°¦s¦b·j´M¡G
(manager=*)
¤U¦C·j´M¶µ¥Øªº¿z¿ï±ø¥ó§t¦³¦@¥Îªº¦WºÙ Ray Kultgen¡C³o¤]ºÙ¬°¬Ûµ¥·j´M¡G
(cn=Ray Kultgen)
¤U¦C¿z¿ï±ø¥ó¶Ç¦^©Ò¦³¶µ¥Ø¡A³o¨Ç¶µ¥Ø¥]¬A§t¦³¤l¦r¦ê X.500 ªº´yzÄÝ©Ê¡G
(description=*X.500*)
¤U¦C¿z¿ï±ø¥ó¶Ç¦^©Ò¦³²Õ´³æ¦ì¬O Marketing¡A¥H¤Î´yzÄæ¦ì¤£§t¤l¦r¦ê X.500 ªº¶µ¥Ø¡G
(&(ou=Marketing)(!(description=*X.500*)))
¤U¦C¿z¿ï±ø¥ó¶Ç¦^©Ò¦³²Õ´³æ¦ì¬O Marketing¡A¦Ó¥BºÞ²zû¬O Julie Fulmer ©Î Cindy Zwaska ªº©Ò¦³¶µ¥Ø
(&(ou=Marketing)(|(manager=cn=Julie Fulmer,ou=Marketing,
dc=example,dc=com)(manager=cn=Cindy Zwaska,ou=Marketing,
dc=example,dc=com)))¤U¦C¿z¿ï±ø¥ó¶Ç¦^¤£¥Nªí¤Hûªº©Ò¦³¶µ¥Ø¡G
(!(objectClass=person))
½Ðª`·N¡A¤§«eªº¿z¿ï±ø¥ó¦³t±ªº®Ä¯à¼vÅT¡A¦Ó¥BÀ³¸Ó§@¬°½ÆÂø·j´Mªº¤@³¡¤À¨Ï¥Î¡C¤U¦C¿z¿ï±ø¥ó¶Ç¦^©Ò¦³¤£¥Nªí¤Hû©M¤@¯ë¦WºÙÃþ¦ü printer3b ªº©Ò¦³¶µ¥Ø¡G
(&(cn~=printer3b)(!(objectClass=person)))
·j´M¾Þ§@ÄÝ©Ê
¦pªG·Qn¶Ç¦^¾Þ§@Äݩʧ@¬°·j´M¾Þ§@ªºµ²ªG¡A±z¥²¶·¦b·j´M«ü¥O¤¤©ú½T¦a«ü©w¥¦Ì¡C
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
"(objectclass=*)" aciYnÂ^¨ú°£¤F©ú½T«ü©wªº¾Þ§@ÄÝ©Ê¥H¥~ªº³W«hÄÝ©Ê¡A½Ð«ü©w¾Þ§@ÄÝ©Ê°£¥~ªº¡u*¡v¡C¨Ò¦p¡G
ldapsearch -h myServer -p 5201 -D "cn=directory manager" -w password
"(objectclass=*)" aci *
·j´M°ê»Ú¤Æ¥Ø¿ý·í±z°õ¦æ·j´M§@·~®É¡A±z¥i¥Hn¨D¥Ø¿ý±Nµ²ªG¨Ì·Ó¦øªA¾¹¨ã¦³¤ä´©¤ñ¸û¶¶§Çªº¥ô¦ó»y¨¥¨Ó±Æ§Ç¡C¦p»Ý¥Ø¿ý©Ò¤ä´©¤§¤ñ¸û¶¶§Çªº²M³æ¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C
¥»¸`µÛ«©ó ldapsearch »yªkªº¹ïÀ³³W«h¿z¿ï±ø¥ó³¡¤À¡C¦p»ÝÃö©ó¤@¯ë ldapsearch »yªkªº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ LDAP ·j´M¿z¿ï±ø¥ó¡C¦p»ÝÃö©ó¨Ï¥Î Directory Server Console¡u¨Ï¥ÎªÌ©M¸s²Õ¡v³¡¤À·j´M°ê»Ú¤Æ¥Ø¿ýªº¸ê°T¡A½Ð°Ñ¾\½u¤W»¡©ú©Î Administration Server Administration Guide¡C
³o¤@¸`²[»\¤U¦C¥DÃD¡G
¹ïÀ³³W«h¿z¿ï±ø¥ó»yªk
¹ïÀ³³W«h´£¨Ñ¥Ø¿ý¦b·j´M§@·~¤¤¤ñ¸û¦r¦êªº¯S®í³W«h¡C¦b°ê»Ú·j´M¤¤¡A¹ïÀ³³W«h·|³qª¾¨t²Î¦b°õ¦æ·j´M§@·~®É©Òn¨Ï¥Îªº¤ñ¸û¶¶§Ç»P¹Bºâ¤l¡C¹ïÀ³³W«h¿z¿ï±ø¥óªº»yªk¦p¤U¡G
attr:matchingRule:=value
¨ä¤¤¡G
- attr ¬OÄÝ©ó±z·j´M¶µ¥Ø¤§ÄÝ©Ê¡A¦p cn ©Î mail
- matchingRule ¬OÃѧO¤ñ¸û¶¶§Ç©Î¤ñ¸û¶¶§Ç¤ÎÃöÁp¹Bºâ¤lªº¦r¦ê¡Aµø±z³ß¦nªº®æ¦¡¦Ó©w¡C¦p»Ý¹ïÀ³³W«h®æ¦¡ªº°Q½×¡A½Ð°Ñ¾\¹ïÀ³³W«h®æ¦¡¡C
- value ¬O±zn·j´MªºÄÝ©ÊÈ¡A©Î¬OÃöÁp¹Bºâ¤l¤Î±zn·j´MªºÄÝ©ÊÈ¡C¿z¿ï±ø¥óªºÈ³¡¤À¤§»yªkµø±z©Ò¨Ï¥Î¤§¹ïÀ³³W«h®æ¦¡¦Ó©w¡C
¹ïÀ³³W«h®æ¦¡
·j´M¿z¿ï±ø¥óªº¹ïÀ³³W«h³¡¤À¯à°÷¥H¤U¦C¤è¦¡ªí¥Ü¡G
¨C¤@ӿﶵªº»yªk¦b¤U¦C¦U¸`¤¤°Q½×¡G
¬°¹ïÀ³³W«h¨Ï¥Î OID
Directory Server ©Ò¤ä´©ªº¨CÓ»y¨¥Àô¹Ò³£¦³ÃöÁpªº¤ñ¸û¶¶§Ç OID¡C¦p»Ý¤ä´©ªº»y¨¥Àô¹Ò¤Î¬ÛÃöÁpªº OID ªº²M³æ¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C
±z¥i¥H¦b¹ïÀ³³W«h·j´M±ø¥óªº¹ïÀ³³W«h³¡¤À¤¤¨Ï¥Î¤ñ¸û¶¶§Ç OID¡A¦p¤U©Ò¥Ü¡G
attr:OID:=(relational_operator value)
ÃöÁp¹Bºâ¤l¥]§t¦b¦r¦êªºÈ³¡¤À¡A¥H¤@ӪŮæ»Pȹj¶}¡C¨Ò¦p¡AYn¥H·ç¨å¤å¤ñ¸û¶¶§Ç·j´M N4709 ¤¤©Î¤§«áªº©Ò¦³ departmentNumber ÄÝ©Ê¡A½Ð¨Ï¥Î¤U¦C·j´M±ø¥ó¡G
departmentNumber:1.3.6.1.4.1.42.2.27.9.4.129.1:=>= N4709
¬°¹ïÀ³³W«h¨Ï¥Î»y¨¥¼ÐÅÒ
Directory Server ©Ò¤ä´©ªº¨CÓ»y¨¥Àô¹Ò³£¦³ÃöÁpªº»y¨¥¼ÐÅÒ¡C¦p»Ý¤ä´©ªº»y¨¥Àô¹Ò¤Î¬ÛÃöÁpªº»y¨¥¼ÐÅÒªº²M³æ¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C
±z¥i¥H¦b¹ïÀ³³W«h·j´M±ø¥óªº¹ïÀ³³W«h³¡¤À¤¤¨Ï¥Î»y¨¥¼ÐÅÒ¡A¦p¤U©Ò¥Ü¡G
attr:language-tag:=(relational_operator value)
ÃöÁp¹Bºâ¤l¥]§t¦b¦r¦êªºÈ³¡¤À¡A¥H¤@ӪŮæ»Pȹj¶}¡C¨Ò¦p¡AYn¨Ï¥Î¦è¯Z¤ú¤å¤ñ¸û¶¶§Ç©ó¥Ø¿ý¤¤·j´M§t¦³ estudiante Ȫº©Ò¦³´yzÄÝ©Ê¡A½Ð¨Ï¥Î¤U¦C·j´M±ø¥ó¡G
description:es:== estudiante
¬°¹ïÀ³³W«h¨Ï¥Î OID ¤Î§À½X
§@¬°¨Ï¥ÎÃöÁp¹Bºâ¤l-È°t¹ïªº´À¥N¤è¦¡¡A±z¥i¥H¦b·j´M±ø¥óªº¹ïÀ³³W«h³¡¤À¡A©ó OID «á±ªþ¥[¤@Ó¥Nªí¯S©w¹Bºâ¤lªº§À½X¡C±N OID »P§À½Xµ²¦X¡A¦p¤U©Ò¥Ü¡G
attr:OID+suffix:=value
¨Ò¦p¡AYn¥H¼w¤å¤ñ¸û¶¶§Ç·j´M§t¦³È Softwareprodukte ªº businessCategory ÄÝ©Ê¡A½Ð¨Ï¥Î¤U¦C·j´M±ø¥ó¡G
businessCategory:1.3.6.1.4.1.42.2.27.9.4.28.1.3:=Softwareprodukte
¤W¤@Ó½d¨Ò¤¤ªº .3 ¬°¬Ûµ¥§À½X¡C
¬°¹ïÀ³³W«h¨Ï¥Î»y¨¥¼ÐÅҤΧÀ½X
§@¬°¨Ï¥ÎÃöÁp¹Bºâ¤l-È°t¹ïªº´À¥N¤è¦¡¡A±z¥i¥H¦b·j´M±ø¥óªº¹ïÀ³³W«h³¡¤À¡A©ó»y¨¥¼ÐÅҫᱪþ¥[¤@Ó¥Nªí¯S©w¹Bºâ¤lªº§À½X¡C±N»y¨¥¼ÐÅÒ»P§À½Xµ²¦X¡A¦p¤U©Ò¥Ü¡G
attr:language-tag+suffix:=value
¨Ò¦p¡AYn¥Hªk¤å¤ñ¸û¶¶§Ç·j´M La Salle ©Î¤§«áªº©Ò¦³©m¤ó¡A½Ð¨Ï¥Î¤U¦C·j´M±ø¥ó¡G
sn:fr.4:=La Salle
¦b¹ïÀ³³W«h¿z¿ï±ø¥ó¤¤¨Ï¥Î¸U¥Î¦r¤¸
·í±z¨Ï¥Î¹ïÀ³³W«h¿z¿ï±ø¥ó°õ¦æ¤l¦r¦ê·j´M®É¡A¥i¥H¨Ï¥Î¬P¸¹ (*) ¦r¤¸§@¬°¸U¥Î¦r¤¸¨Óªí¥Ü¹s©Î¦hÓ¦r¤¸¡C
¨Ò¦p¡AYn·j´M¥H¦r¥À k ¶}ÀY¨Ã¥H¦r¥À n µ²§ÀªºÄÝ©ÊÈ¡A±z¥i¥H¦b¿z¿ï±ø¥óªºÈ³¡¤À¿é¤J k*n¡C¦P¼Ë¦a¡AYn·j´M¥H¦r¥À u ¶}ÀYªº©Ò¦³ÄÝ©ÊÈ¡A±z¥i¥H¦b¿z¿ï±ø¥óªºÈ³¡¤À¿é¤J u*¡C
Yn·j´M¥]§t¬P¸¹ (*) ¦r¤¸ªºÈ¡A±z¥²¶·©¿²¤¬P¸¹¦r¤¸¡C
¤ä´©ªº·j´MÃþ«¬
¥Ø¿ý¦øªA¾¹¤ä´©¤U¦C°ê»Ú·j´MÃþ«¬¡G
ªñ¦ü©Î«÷µ©M¦s¦b·j´M¶È¦b^¤å¤¤¤ä´©¡C
¦Ü©ó¤@¯ë ldapsearch ·j´M§@·~¡A°ê»Ú·j´M¨Ï¥Î¹Bºâ¤l¨Ó©w¸q·j´MÃþ«¬¡CµM¦Ó¡A·í©I¥s°ê»Ú·j´M®É¡A¦b·j´M±ø¥óªº¹ïÀ³³W«h³¡¤À¤¤¡A±z¥i¥H©ó·j´M¦r¦êªºÈ³¡¤À¨Ï¥Î¼Ð·Ç¹Bºâ¤l (=¡B>=¡B>¡B<¡B<=)¡A©Î¨Ï¥ÎºÙ¬°§À½X (¤£·|»P¥Ø¿ý§À½X²V²c) ªº¯S®íÃþ«¬¹Bºâ¤l¡Cªí 2-5 ²n¦C¥X¨C¤@Ó·j´MÃþ«¬¡B¹Bºâ¤l¤Î¹ïµ¥ªº§À½X¡C
ªí 2-5 ·j´MÃþ«¬¡B
¹Bºâ¤l¤Î§À½X·j´MÃþ«¬
¹Bºâ¤l
§À½X
¤p©ó
<
.1
¤p©ó©Îµ¥©ó
<=
.2
¬Ûµ¥
=
.3
¤j©ó©Îµ¥©ó
>=
.4
¤j©ó
>
.5
¤l¦r¦ê
*
.6
°ê»Ú·j´M½d¨Ò
¤U¦C¦U¸`Åã¥Ü¦p¦ó¦b¥Ø¿ý¸ê®Æ¤W°õ¦æ°ê»Ú·j´Mªº½d¨Ò¡C¨C¤@Ó½d¨Ò´£¨Ñ©Ò¦³¥i¯àªº¹ïÀ³³W«h¿z¿ï±ø¥ó®æ¦¡¡A¥H«K±z¥i¥H¼ô±x³o¨Ç®æ¦¡¨Ã¿ï¾Ü³Ì¾A¦X±zªº®æ¦¡¡C
¤p©ó½d¨Ò
·í±z¨Ï¥Î¤p©ó¹Bºâ¤l (<) ©Î§À½X (.1) °õ¦æ»y¨¥Àô¹Ò¯S©wªº·j´M®É¡A±z±N¥H¯S©w¤ñ¸û¶¶§Ç·j´M«ü©wÄݩʤ§«eªº©Ò¦³ÄÝ©ÊÈ¡C
¨Ò¦p¡AYn¥H¦è¯Z¤ú¤å¤ñ¸û¶¶§Ç·j´M©m¤ó Marquez ¤§«eªº©Ò¦³©m¤ó¡A±z¥i¥H¨Ï¥Î¤U¦C¥ô¦ó¤@ºØ¹ïÀ³³W«h·j´M±ø¥ó¡G
sn:1.3.6.1.4.1.42.2.27.9.4.49.1:=< Marquez
sn:es:=< Marquez
sn:1.3.6.1.4.1.42.2.27.9.4.49.1.1:=Marquez
sn:es.1:=Marquez¤p©ó©Îµ¥©ó½d¨Ò
·í±z¨Ï¥Î¤p©ó©Îµ¥©ó¹Bºâ¤l (<=) ©Î§À½X (.2) °õ¦æ»y¨¥Àô¹Ò¯S©wªº·j´M®É¡A±z±N¥H¯S©w¤ñ¸û¶¶§Ç·j´M«ü©wÄݩʤ¤©Î¤§«eªº©Ò¦³ÄÝ©ÊÈ¡C
¨Ò¦p¡AYn¥H¦I¤ú§Q¤å¤ñ¸û¶¶§Ç·j´M©Ð¶¡¸¹½X CZ422 ©Î¤§«eªº©Ò¦³©Ð¶¡¸¹½X¡A±z¥i¥H¨Ï¥Î¤U¦C¥ô¦ó¤@ºØ¹ïÀ³³W«h·j´M±ø¥ó¡G
roomNumber:1.3.6.1.4.1.42.2.27.9.4.88.1:=<= CZ422
roomNumber:hu:=<= CZ422
roomNumber:1.3.6.1.4.1.42.2.27.9.4.88.1.2:=CZ422
roomNumber:hu.2:=CZ422¬Ûµ¥½d¨Ò
·í±z¨Ï¥Îµ¥©ó¹Bºâ¤l (=) ©Î§À½X (.3) °õ¦æ»y¨¥Àô¹Ò¯S©wªº·j´M®É¡A±z±N¥H¯S©w¤ñ¸û¶¶§Ç·j´M²Å¦X«ü©wÄݩʪº©Ò¦³ÄÝ©ÊÈ¡C
¨Ò¦p¡AYn¥H¼w¤å¤ñ¸û¶¶§Ç·j´M§t¦³È Softwareprodukte ªº©Ò¦³ businessCategory ÄÝ©Ê¡A½Ð¨Ï¥Î¤U¦C¹ïÀ³³W«h·j´M±ø¥ó¡G
businessCategory:1.3.6.1.4.1.42.2.27.9.4.28.1:== Softwareprodukte
businessCategory:de:== Softwareprodukte
businessCategory:1.3.6.1.4.1.42.2.27.9.4.28.1.3:=Softwareprodukte
businessCategory:de.3:=Softwareprodukte¤j©ó©Îµ¥©ó½d¨Ò
·í±z¨Ï¥Î¤j©ó©Îµ¥©ó¹Bºâ¤l (>=) ©Î§À½X (.4) °õ¦æ»y¨¥Àô¹Ò¯S©wªº·j´M®É¡A±z±N¥H¯S©w¤ñ¸û¶¶§Ç·j´M«ü©wÄݩʤ¤©Î¤§«áªº©Ò¦³ÄÝ©ÊÈ¡C
¨Ò¦p¡AYn¥Hªk¤å¤ñ¸û¶¶§Ç·j´M Qubec ©Î¤§«áªº©Ò¦³¦ì¸m¡A±z¥i¥H¨Ï¥Î¤U¦C¥ô¦ó¤@ºØ¹ïÀ³³W«h·j´M±ø¥ó¡G
locality:1.3.6.1.4.1.42.2.27.9.4.76.1:=>= Qubec
locality:fr:=>= Qubec
locality:1.3.6.1.4.1.42.2.27.9.4.76.1.4:=Qubec
locality:fr.4:=Qubec¤j©ó½d¨Ò
·í±z¨Ï¥Î¤j©ó¹Bºâ¤l (>) ©Î§À½X (.5) °õ¦æ»y¨¥Àô¹Ò¯S©wªº·j´M®É¡A±z±N¥H¯S©w¤ñ¸û¶¶§Ç·j´M«ü©wÄݩʤ¤©Î¤§«eªº©Ò¦³ÄÝ©ÊÈ¡C
¨Ò¦p¡AYn¥H±¶§J¤å¤ñ¸û¶¶§Ç·j´M¥D¾÷ schranka4 ¤§«áªº©Ò¦³¶l¥ó¥D¾÷¡A±z¥i¥H¨Ï¥Î¤U¦C¥ô¦ó¤@ºØ¹ïÀ³³W«h·j´M±ø¥ó¡G
mailHost:1.3.6.1.4.1.42.2.27.9.4.26.1 :=> schranka4
mailHost:cs:=> schranka4
mailHost:1.3.6.1.4.1.42.2.27.9.4.26.1.5:=schranka4
mailHost:cs.5:=schranka4¤l¦r¦ê½d¨Ò
·í±z°õ¦æ°ê»Ú¤l¦r¦ê·j´M®É¡A±z±N¥H¯S©w¤ñ¸û¶¶§Ç·j´M²Å¦X«ü©w¼Ò¦¡ªº©Ò¦³È¡C
¨Ò¦p¡AYn¥H¤¤¤å¤ñ¸û¶¶§Ç·j´M¥H ming µ²§Àªº©Ò¦³¨Ï¥ÎªÌ ID¡A±z¥i¥H¨Ï¥Î¤U¦C¥ô¦ó¤@ºØ¹ïÀ³³W«h·j´M±ø¥ó¡G
uid:1.3.6.1.4.1.42.2.27.9.4.143.1:=* *ming
uid:zh:=* *ming
uid:1.3.6.1.4.1.42.2.27.9.4.143.1.6:=*ming
uid:zh.6:=*ming
¨Ï¥Î DSMLv2 ¦s¨ú¥Ø¿ý¤U¦C½d¨Ò«ü¥X¦p¦ó¨Ï¥Î DSML n¨D¦s¨ú©M·j´M¥Ø¿ý¡C¦p»ÝÃö©ó DSMLv2 ¼Ð·Çªº DSML ¬ÛÃöÄÝ©Ê©M¸ê°Tªº§¹¾ã²M³æ¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C
¥»¸`¥]§t¤U¦C½d¨Ò¡G
½Ðª`·N¡A³o¨Ç½d¨Ò¤¤ªº content-length: ¼ÐÀY§t¦³ DSMLv2 n¨Dªººë½Tªø«×¡C¬°¤F¨Ï³o¨Ç½d¨Ò¥¿±`¹B§@¡A½Ð½T©w±z¨Ï¥Îªº½s¿è¾¹¿í·Ó³o¨Ç¤º®eªø«×¡A©Î¬O±z¥i¥H¾A·í¦aק鷺®eªø«×¡C
ªÅ°Î¦W DSML "Ping" n¨D
¨Ì¹w³]È°±¥Î DSML «eºÝ¡C¦p»Ý¦³Ãö¦p¦ó±Ò¥Î¥¦ªº¸ê°T¡A½Ð°Ñ¾\±Ò¥Î DSML n¨D¡CYnÀˬd¬O§_±Ò¥Î DSML «eºÝ¡A¦pµ{¦¡½X½d¨Ò 2-1 ©Ò¥Ü¶Ç°eªÅ DSML §å¦¸n¨D¡G
µ{¦¡½X½d¨Ò 2-1 ªÅ°Î¦W DSML n¨D
¦¹ DSML n¨Dªº²Ä¤@¬q§t¦³³s±µ«Ü¦h HTTP ¼ÐÀYªº HTTP ¤èªk¦æ (POST /dsml HTTP/1.1)¡CHTTP ¤èªk¦æ«ü©w HTTP ¤èªkn¨D©M DSML «eºÝ¨Ï¥Îªº URL¡CPOST ¬O DSML «eºÝ±µ¨üªº°ß¤@ HTTP ¤èªkn¨D¡C/dsml URL ¬O Directory Server ªº¹w³] URL¡A¦ý¥i¥H¥Ñ¥ô¦ó¨ä¥L¦³®Äªº URL °t¸m¡C±µµÛªº HTTP ¼ÐÀY«ü©w DSML n¨Dªº³Ñ¾l¸Ô²Ó¸ê°T¡C
- content-length: 451
«ü©w SOAP/DSML n¨Dªººë½Tªø«×- HOST:hostMachine
«ü©w¥¿¦bÁpµ¸ªº¥D¾÷ Directory Server ¦WºÙ¡C- SOAPAction:
¬O±j¨î©Êªº¡A¦Ó¥B³qª¾¥Ø¿ý±z·Qn¦b HTTP/SOAP °ïÅ|¤W°õ¦æ DSML n¨D¡C¦ý¤]¥i¯à¯dªÅ¡C- Content-Type:text/xml
¥²¶·¦³©w¸q¤º®e¬° XML ªº text/xml È¡C- Connection:close
º¡¨¬n¨D«á¡A«ü©wÃö³¬³s½u (¹w³]ªº HTTP/1.1 ¹B§@¤è¦¡¬Oºû«ù³s½u¶}±Ò¡C)n¨Dªº¨ä¾l³¡¤À¬O SOAP/DSML °Ï¬q¡CDSML n¨D¥H XML «e¨¥¼ÐÀY¶}©l¡C
<?xml version=¡¦1.0¡¦ encoding=¡¦UTF-8¡¦?>
³oØ«©w¥²¶·¥H UTF-8 ¦r¤¸¶°½s½Xªºn¨D¡C¼ÐÀY«á±±µµÛ§t¦³±j¨î¥[¤J XML ¼Ò¦¡¡BXML ¼Ò¦¡°õ¦æÓÅé©M SOAP ¦WºÙªÅ¶¡ªº±j¨î½d³ò©M¥DÅ餸¯À¡C
DSML §å¦¸n¨D¤¸¯À¼Ð°O DSML §å¦¸n¨Dªº¶}©l¡A¦Ó¥B«á±ÀH§Y±µµÛ±j¨î¥[¤J DSMLv2 ¦WºÙªÅ¶¡¡G
xmlns=¡¦urn:oasis:names:tc:DSML:2:0:core¡¦
¥Ñ¥H¤Uªºn¨D ID ¿ï¾Ü©ÊªºÃѧOn¨D
requestID=¡¦Ping!¡¦>
ªÅ§å¦¸n¨D
<!-- empty batch request -->
¥H XML §@µù¸Ñ¡A¦Ó¥B¨Ï¥ÎÃö³¬§å¦¸n¨D¡BÃö³¬ SOAP ¥DÅé©MÃö³¬ SOAP ½d³ò¤¸¯ÀÃö³¬ SOAP/DSML §å¦¸n¨D¡C
¦pªG±Ò¥Î DSML «eºÝ¡A«h¶Ç¦^ªÅªº DSML ¦^À³¡A¦pµ{¦¡½X½d¨Ò 2-2 ¤¤©Ò¥Ü¡C
µ{¦¡½X½d¨Ò 2-2 ªÅ°Î¦W DSML n¨D¦^À³
HTTP/1.1 200 OK
Cache-control: no-cache
Connection: close
Date: Mon, 09 Sep 2002 13:56:49 GMT
Accept-Ranges: none
Server: Sun-ONE-Directory/5.2
Content-Type: text/xml; charset="utf-8"
Content-Length: 500
<?xml version=¡¦1.0¡¦ encoding=¡¦UTF-8¡¦ ?>
<soap-env:Envelope
xmlns:xsd=¡¦http://www.w3.org/2001/XMLSchema¡¦
xmlns:xsi=¡¦http://www.w3.org/2001/XMLSchema-instance¡¦
xmlns:soap-env=¡¦http://schemas.xmlsoap.org/soap/envelope/¡¦
>
<soap-env:Body>
<batchResponse
xmlns:xsd=¡¦http://www.w3.org/2001/XMLSchema¡¦
xmlns:xsi=¡¦http://www.w3.org/2001/XMLSchema-instance¡¦
xmlns=¡¦urn:oasis:names:tc:DSML:2:0:core¡¦
requestID=¡¦Ping!¡¦
>
</batchResponse>
</soap-env:Body>
</soap-env:Envelope>
¦pªG¨S¦³¶Ç¦^¥ô¦ó¶µ¥Ø¡A¥i¥H±ÀÂ_«eºÝ¤w¸g°±¥Î¡C
³Ì¤j¼Æ¥Ø¨î¦P®É³s±µ¦Ü¥Ø¿ý©M DSML n¨Dªº¤Ø¤o¤§¥Î¤áºÝ¼Æ¥Ø¡C¥Î¤áºÝ¼Æ¥Øªº¨î¥Ñ ds-dsml-poolsize ©M ds-dsml-poolmaxsize ÄÝ©Ê«ü©w¡An¨D¤j¤p¨î¥Ñ ds-dsml-requestmaxsize ÄÝ©Ê«ü©w¡C¦p»ÝÃö©ó DSML ¬ÛÃöÄݩʪº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ Directory Server Administration Reference¡C
§@¬°¯S©w¨Ï¥ÎªÌµo¥X DSML ³sµ²n¨D
Ynµo¥X DSML n¨D¡A±z¥i¥H¥H«ü©wªº¨Ï¥ÎªÌ©Î°Î¦W¨¥÷³sµ²¦Ü¥Ø¿ý¡CYn¥H«ü©wªº¨Ï¥ÎªÌ¨¥÷³sµ²¡An¨D¥²¶·¥]¬A HTTP ±ÂÅv¼ÐÀY¡A¸Ó¼ÐÀY§t¦³ UID ©M¹ï¬M DN ªº±K½X¡A¦pµ{¦¡½X½d¨Ò 2-3 ¤¤©Ò¥Ü¡C
µ{¦¡½X½d¨Ò 2-3 DSML ©µ¦ù§@·~¡G§@¬°¯S©w¨Ï¥ÎªÌ³sµ²
POST /dsml HTTP/1.1
content-length: 578
Content-Type: text/xml; charset="utf-8"
HOST: hostMachine
Authorization: Basic ZWFzdGVyOmVnZw==
SOAPAction: ""
Connection: close
<?xml version=¡¦1.0¡¦ encoding=¡¦UTF-8¡¦?>
<soap-env:Envelope
xmlns:xsd=¡¦http://www.w3.org/2001/XMLSchema¡¦
xmlns:xsi=¡¦http://www.w3.org/2001/XMLSchema-instance¡¦
xmlns:soap-env=¡¦http://schemas.xmlsoap.org/soap/envelope/¡¦>
<soap-env:Body>
<batchRequest
xmlns=¡¦urn:oasis:names:tc:DSML:2:0:core¡¦>
<extendedRequest>
<requestName>1.3.6.1.4.1.4203.1.11.3</requestName>
</extendedRequest>
</batchRequest>
</soap-env:Body>
</soap-env:Envelope>
¦b¦¹½d¨Ò¤¤¡AHTTP ±ÂÅv¼ÐÀY¶Ç°e uid ¬° easter ©M±K½X¬° egg¡A²M´·¦a¥H easter:egg Åã¥Ü¡A¦Ó¥B¥H base64 ½s½X¦¨¬° Authorization:Basic ZWFzdGVyOmVnZw==¡C
<extendedRequest> ¼ÐÅҥΩó«ü©w LDAP ©µ¦ù§@·~¡C<requestName> ¼ÐÅҥΩó«ü©w©µ¦ù§@·~ªº OID¡C¦b¦¹½d¨Ò¤¤¡AOID 1.3.6.1.4.1.4203.1.11.3 ÃѧO whoami ©µ¦ù§@·~¡C
¹ï DSML ©µ¦ù§@·~ªº¦^À³Åã¥Ü´£¥X³sµ²n¨Dªº¨Ï¥ÎªÌ¤§ DN¡C¦bµ{¦¡½X½d¨Ò 2-4 ¤¤¡Awhoami ¦^À³ (¥]§t DN) Åã¥Ü©ó¦¹¦æ¤¤¡G<response>dn:uid=easter,ou=people,dc=france,dc=sun,dc=com</response>.
¦p»Ý¦³Ãö whoami ©µ¦ù§@·~ªº¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ http://www.ietf.org/internet-drafts/draft-zeilenga-ldap-authzid-08.txt¡C
µ{¦¡½X½d¨Ò 2-4 DSML ©µ¦ù§@·~ªº¦^À³
HTTP/1.1 200 OK
Cache-control: no-cache
Connection: close
Date: Fri, 30 Jul 2004 09:15:09 GMT
Accept-Ranges: none
Server: Sun-ONE-Directory/5.2
Content-Type: text/xml; charset="utf-8"
Content-Length: 697
<?xml version=¡¦1.0¡¦ encoding=¡¦UTF-8¡¦ ?>
<soap-env:Envelope
xmlns:xsd=¡¦http://www.w3.org/2001/XMLSchema¡¦
xmlns:xsi=¡¦http://www.w3.org/2001/XMLSchema-instance¡¦
xmlns:soap-env=¡¦http://schemas.xmlsoap.org/soap/envelope/¡¦
>
<soap-env:Body>
<batchResponse
xmlns:xsd=¡¦http://www.w3.org/2001/XMLSchema¡¦
xmlns:xsi=¡¦http://www.w3.org/2001/XMLSchema-instance¡¦
xmlns=¡¦urn:oasis:names:tc:DSML:2:0:core¡¦
>
<extendedResponse>
<resultCode code=¡¦0¡¦ descr=¡¦success¡¦/>
<responseName>1.3.6.1.4.1.4203.1.11.3</responseName>
<response>dn:uid=easter,ou=people,dc=france,dc=sun,dc=com</response>
</extendedResponse>
</batchResponse>
</soap-env:Body>
</soap-env:Envelope>
Ãö©ó°Î¦W¦s¨ú¡A°Î¦W¦s¨ú±`¦³ÄY®æªº¦s¨ú±±¨î¡A¦Ó¥B¥i¯à¦³¸ê®Æ¦s¨úªº¨î¡A¦ý¤£»Ýn¥ô¦ó HTTP ±ÂÅv¼ÐÀY¡C¦P¼Ë¦a¡A±z¥i¥Hµo¥X DSML n¨D¥H LDAP ¥N²zÅv°õ¦æ LDAP §@·~¡C
¦]¬° DSML n¨DªººÞ²z¥H§å¦¸¬°°ò¦¡A¦pªG±znµo¦æ LDAP ¥N²zÅvªºn¨D¡A©Ò»Ýªº DSML ¥N²zÅçÃÒn¨D¥²¶·¬O«ü©wn¨D§å¦¸¤¤ªº²Ä¤@Ó¡C
DSML ·j´Mn¨D
µ{¦¡½X½d¨Ò 2-5 Åã¥Ü®Ú DSE ¶µ¥Ø¤Wªº DSML °ò¦ª«¥ó·j´Mn¨D¡C
µ{¦¡½X½d¨Ò 2-5 DSML ·j´Mn¨D
POST /dsml HTTP/1.1
HOST: hostMachine
Content-Length: 1081
Content-Type: text/xml
SOAPAction: ""
Connection: close
<?xml version=¡¦1.0¡¦ encoding=¡¦UTF-8¡¦?>
<soap-env:Envelope
xmlns:xsd=¡¦http://www.w3.org/2001/XMLSchema¡¦
xmlns:xsi=¡¦http://www.w3.org/2001/XMLSchema-instance¡¦
xmlns:soap-env=¡¦http://schemas.xmlsoap.org/soap/envelope/¡¦
>
<soap-env:Body>
<batchRequest
xmlns=¡¦urn:oasis:names:tc:DSML:2:0:core¡¦
requestID=¡¦Batch of search requests¡¦
>
<searchRequest
dn=""
requestID="search on Root DSE"
scope="baseObject"
derefAliases="neverDerefAliases"
typesOnly="false"
>
<filter>
<present name="objectClass"/>
</filter>
<attributes>
<attribute name="namingContexts"/>
<attribute name="supportedLDAPversion"/>
<attribute name="vendorName"/>
<attribute name="vendorVersion"/>
<attribute name="supportedSASLMechanisms"/>
</attributes>
</searchRequest>
</batchRequest>
</soap-env:Body>
</soap-env:Envelope>
¦b¦¹½d¨Ò¤¤¡G
- dn=""
requestID="search on Root DSE"
«ü©w®Ú DSE ¶µ¥Ø¤Uªº·j´M§@·~n¨D¸ê®Æ (ªÅ DN)¡A¦Ó¥B¥Ñ¿ï¥Îªºn¨D ID ÄÝ©ÊÃѧO¡C- scope="baseObject"
«ü©w·j´M¬O°ò¦ª«¥ó·j´M¡C- derefAliases="neverDerefAliases"
·j´M©Î§ä¥X·j´Mªº°ò¦ª«¥ó®É¡A«ü©w¤£À³¸Ñ°£°Ñ¦Òªº§O¦W¡C³o¬O Directory Server ¤ä´©ªº°ß¤@ derefAliases È¡C- typesOnly="false"
«ü©wn¶Ç¦^ªºÄݩʦWºÙ¤Î¨äÈ¡CtypesOnly="true" ¥u¶Ç¦^ÄݩʦWºÙ¡C¦¹Äݩʪº¹w³]Ȭ°°²¡CÃö©ó²Å¦X¿z¿ï±ø¥óªº¶µ¥Ø¡A¨Ì¤U¦C¨Ï¥Î¥X²{ªº objectclass ¿z¿ï±ø¥ó¡G
<filter>
<present name="objectClass"/>
</filter>³oµ¥¦P©ó LDAP ¿z¿ï±ø¥ó¦r¦ê (objectclass=*)¡C¿z¿ï±ø¥ó«á±¬°©Ò»ÝÄݩʲM³æ¡G
<attributes>
<attribute name="namingContexts"/>
<attribute name="supportedLDAPversion"/>
<attribute name="vendorName"/>
<attribute name="vendorVersion"/>
<attribute name="supportedSASLMechanisms"/>
</attributes>DSML ·j´M¦^À³ªº½d¨ÒÅã¥Ü©óµ{¦¡½X½d¨Ò 2-6 ¤¤¡C
µ{¦¡½X½d¨Ò 2-6 DSML ·j´M¦^À³
HTTP/1.1 200 OK
Cache-control:no-cache
Connection:close
Date: Fri, 30 Jul 2004 09:21:43 GMT
Accept-Ranges: none
Server: Sun-ONE-Directory/5.2
Content-Type: text/xml; charset="utf-8"
Content-Length: 1287
<?xml version=¡¦1.0¡¦ encoding=¡¦UTF-8¡¦ ?>
<soap-env:Envelope
xmlns:xsd=¡¦http://www.w3.org/2001/XMLSchema¡¦
xmlns:xsi=¡¦http://www.w3.org/2001/XMLSchema-instance¡¦
xmlns:soap-env=¡¦http://schemas.xmlsoap.org/soap/envelope/¡¦
>
<soap-env:Body>
<batchResponse
xmlns:xsd=¡¦http://www.w3.org/2001/XMLSchema¡¦
xmlns:xsi=¡¦http://www.w3.org/2001/XMLSchema-instance¡¦
xmlns=¡¦urn:oasis:names:tc:DSML:2:0:core¡¦
requestID=¡¦Batch of search requests¡¦
>
<searchResponse requestID=¡¦search on Root DSE¡¦>
<searchResultEntry>
<attr name=¡¦namingContexts¡¦>
<value>dc=france,dc=sun,dc=com</value>
<value>o=NetscapeRoot</value>
</attr>
<attr name=¡¦supportedLDAPVersion¡¦>
<value>2</value>
<value>3</value>
</attr>
<attr name=¡¦vendorName¡¦>
<value>Sun Microsystems, Inc.</value>
</attr>
<attr name=¡¦vendorVersion¡¦>
<value>Sun-ONE-Directory/5.2</value>
</attr>
<attr name=¡¦supportedSASLMechanisms¡¦>
<value>EXTERNAL</value>
<value>GSSAPI</value>
<value>DIGEST-MD5</value>
</attr>
</searchResultEntry>
<searchResultDone>
<resultCode code=¡¦0¡¦ descr=¡¦success¡¦/>
</searchResultDone>
</searchResponse>
</batchResponse>
</soap-env:Body>
</soap-env:Envelope>