サポートと今すぐチャット
サポートとのチャット

Privilege Manager for Unix 7.3 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

ldap_next_attribute

Syntax
string ldap_next_attribute(int ldapid, ldapentry entry[, boolean trace])
Description

ldap_next_attribute returns the next attribute name in the ldapentry returned by a previous call to ldap_first_entry or ldap_next_entry.

If the optional trace parameter is set to true, any errors or warnings from the LDAP function are written to stdout.

Example
str=ldap_first_attribute(ldapid, entry); 
while (length(str) > 0) { 
   #process attribute 
   … 
   str=ldap_next_attribute(ldapid, entry); 
}
Related Topics

ldap_next_entry

ldap_next_entry

Syntax
int ldap_next_entry(int ldapid, ldapentry entry[, boolean trace] )
Description

ldap_next_entry returns the next entry from the series of results returned by ldap_search, if present; otherwise it returns a NULL or empty entry.

If the optional trace parameter is set to true, any errors or warnings from the LDAP function are written to stdout.

Example
entry=ldap_first_entry(ldapid, searchresults); 
while( entry) { 
   func_process_entry(entry); 
   entry=ldap_next_entry(ldapid, entry); 
}
Related Topics

ldap_open

ldap_open

Syntax
ldapid ldap_open( string host [, int port [, boolean trace]] )
Description

ldap_open opens a connection to the LDAP server on the specified host (identified by hostname or IP address) and port number. The default port number is 389. Use the returned LDAP connection ID as the first parameter to the other LDAP functions.

If the optional trace parameter is set to true, any errors or warnings from the LDAP function are written to stdout.

If successful, it returns a valid LDAP connection ID; otherwise it returns an undefined variable.

The ldap_open library function has been deprecated in the open LDAP libraries. If supported by the installed LDAP library, the ldap_open policy function calls ldap_initialize in preference to ldap_open. However, ldap_initialize does not open the connection - the connection is opened by the first operation attempted, so ldap_initialize will succeed even if given an invalid host name. The ldap_open policy function displays the loaded LDAP library path if a value of 1 is passed as the trace parameter to ldap_open. This makes it easier to determine which LDAP library is used.

Example
ldap = ldap_open( 'ldap.host' ); 
if( !defined ldap ){ 
   reject "Connection to LDAP server failed" ; 
}

ldap_search

Syntax
ldapresult ldap_search(int ldapid, string basedn, string scope, string filter [, list attrList [, int attrOnly[, boolean trace]]] )
Description

ldap_search performs a search in the LDAP directory starting at the location identified by basedn. The ldapid is a valid connection ID returned by ldap_open.

The optional attrList parameter is the list of attributes to return in the results. This defaults to an empty list. The filter contains the LDAP search string, in the format described in RFC 4526.

The optional attrOnly parameter is a true or false value. When true, the results contain only the attribute; when false the results return attributes and values. Default setting is true.

Possible search scope:

  • "base" - returns only the entry specified at the DN specified by basedn.

  • "onelevel" - returns all matching entries from the next level down the directory.

  • "subtree" - returns all matching entries below the basedn in the tree.

If the optional trace parameter is set to true, any errors or warnings from the LDAP function are written to stdout.

Returns a special type ldapresult containing the results of the search in a format that you can pass to the ldap_first_entry and ldap_next_entry functions.

Example
#search for all Users at base level 
searchresults= ldap_search( ldapid, "ou=Users,dn=ldap,dn=domain,dn=com", 
   'onelevel', '(objectClass=*)' ); 
if (ldap_count_results(ldapid, searchresults) == 0) 
{ 
   reject "Found no users"; 
}
関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択