The ABCs of LDAP: How to Install, Run, and Administer LDAP Services

The first thing you have to do is configure your directory server. You do this by setting up the root of your directory tree and then including the schemas you are going to use.

The root of our directory tree is "o = ldap_abc.de," where "o" stands for "organization." Chapter 3 provides more details about selecting the directory root. Most commercial products have only a few predefined schemas. They also have a graphical user interface to browse through the object classes and attributes that are known by the directory server. The vendor documentation provides specific details. The OpenLDAP software that we are using has one simple configuration file where you can set up the root DN and select the schema files you wish to use.

Next, you will need to set up the distinguished name (DN) and the password of the LDAP administrator. For our example, we will choose:

DN: uid=Administrator, o=ldap_abc.de Password: pass1

Using the i-planet directory server, you have to set up DN and password, the administrator password, and the server's port number during software installation. Other commercial products behave similarly.

As mentioned previously, when using OpenLDAP, you have to include the schema files you are going to use. For this example, you need the object class "inetOrgPerson," so make sure you include the schema file where the inetOrgPerson class is defined. To complete the examples that follow, you must include the following schemas:

• core.schema for the basic classes and attributes

• cosine.schema for some useful extensions as defined by RFC 1274, such as userID, mail, etc.

• inetorgperson.schema for some further extensions needed for additional attributes as specified in RFC 2798