phones_ldap - search, create, modify and delete entries in a Lightweight Directory Access Protocol (LDAP) server
  • Download:
    Source
    File: phones_ldap.tar.gz
    Size: 699474 bytes
    MD5 Checksum: 19fdd178006355c4b969658eb628bd88
    Last updated: ?

SYNOPSIS

       phones_ldap [options]
       where the options include:
           -c          Show the command set
           -S server   LDAP server
           -P port     Port on LDAP server
           -b basedn   Base DN for search
           -h          Shows this help
           -s          Simple menu
           -v          Print version
           -V          Verbose


OPTIONS

       -c     Show the command set available after binding to the
              LDAP server. The command sets are used for
              manipulating records in the LDAP server offline.

       -S server
              Specify an alternate hostname where an LDAP server
              is running.

       -P port
              Specify an alternate TCP port where the LDAP server
              is listening.

       -b basedn
              Use an alternate base Distinguished Name (DN), for
              example: o=Fox Chase Cancer Center,c=US as the
              starting point for the search.

       -h     Show the options.

       -s     After binding to the LDAP server, if the Enter  key
              is  pressed, the command set available is shown. If
              the number of command sets  cloud  your  head,  use
              this flag.

       -v     Print the version number of the program.

       -V     Show some verbose information.

       After connecting to the LDAP server, the following
       commands can be used:

       add                     add a record to LDAP server
       cls                     clear screen
       delete [item]           query and delete a record from LDAP server
       delete search number    delete record by matching from search buffer
       help                    show the help file
       free search [number]    free content of search buffer
       edit [search] number    edit the record number in search buffer
       edit [modified] number  edit the record number in modify buffer
       edit [new] number       edit the record number in new buffer
       vedit [search] number   same as edit [search] number, but use your editor
       vedit [modified] number same as edit [modified] number,but use editor
       vedit [new] number      same as edit [new] number, but use your editor
       print search            show content of search buffer
       print modify            show content of modify buffer
       print new               show content of new buffer
       save                    save new/modified entries to LDAP server
       show [item]             query and show a record from LDAP server
       modify [item]           query and modify a record in LDAP server
       vmodify [item]          same as modify but use your editor
       open                    open connection to a new LDAP server
       exit                    leave the program

The program phones_ldap has reasonable hard-coded defaults for all command line options. It can also read the default values from a configuration file if it exists. Please read the section CONFIGURATION FILE for details. The command line options take precedence over all.

DESCRIPTION

phones_ldap is a program to search, create, modify and delete entries in an LDAP server. Because this program talks to the LDAP server, many people can run the program at the same time without worrying about data getting corrupted. The LDAP server is responsible for maintaining data integrity.

BACKGROUND

LDAP is a specification for a client-server protocol to retrieve and manage directory information. LDAP runs over TCP/IP. It is essentially a directory web in much the same way that http and html are used to define and implement the global hypertext web. Before modifying anything in an LDAP server, it is necessary to "bind" to the LDAP server as a user. Binding to an LDAP server is similar to logging in to a system with a username and password. LDAP has a very granular access control mechanism based on who is binding to the server.

In the Fox Chase Cancer Center LDAP server, any user can bind to the LDAP server, but currently a user is allowed to modify only the following items of his/her own entry: Phone number, Fax number, Room number, Title, Postal address and WWW homepage link. If you bind to the LDAP server as phone administrator, currently you will be able to create a new card or modify any existing card, but will not be able to delete any existing card. If you bind to the LDAP server as LDAP administrator, you will have full access to the database, that is, you can search, modify and create any entries but will not be able to delete any entries.

Although it is not necessary, it is useful to understand the way the program phones_ldap works. The program has three buffers called "Search Buffer", "Modify Buffer" and "New Buffer". The buffers are nothing but distinct memory areas to hold information. When a search is performed and any result is returned from the LDAP server, the program stores the result in the "Search Buffer". The entries in the "Search Buffer" can be manipulated. If any entries are modified (from the search buffer or by directly querying the LDAP server), they are stored in the "Modify Buffer", and if new entries are added, they are stored in the "New Buffer". If an entry from the "Modify Buffer" is modified, it remains in the same buffer. The same is true for the entries in the "New Buffer". The modified and new entries can be saved in the LDAP server. There are lots of commands to manipulate buffers, which are available from menu items. Please refer to the section MENU ITEMS for details. Note, users may choose not to use the buffer commands, but they increase the functionality of the program a great deal.

BINDING TO LDAP

When the program starts up, it prompts for a user name to bind to the LDAP server. Then it will prompt for the user's password. The LDAP server will allow a bind without a password, but the user will only be able to perform searches. Right now, in the Fox Chase Cancer Center LDAP server, only the "admin" user or the members of the admin group have full access to the LDAP server. The "phones" user and the members of the "Phones Manger" group can search, create and modify any existing card, but are not allowed to delete any card. A normal user can search and modify his/her own Phone number, Fax number, Room number, Title, Postal address and WWW homepage link.

CONFIGURATION FILE

First the program looks for the file .phones.cfg in the home directory of the person. If it does not exist or is not readable, the program looks for the file phones.cfg in the directory /usr/local/etc. The format of this file is [section] followed by the value on the next line.

   ##
   ## config file for phones ldap program
   ## muhammad a muquit
   ## August 17, 1998
   ## updated: Nov-01-1998
   ##

   ##
       1.2

   ##
   # full path of the help file
   [Help File]
       /usr/local/etc/phones_ldap.hlp
   ##
   # show search routine in terse or normal
   #[Search Result]
   #   Terse
   [Search Result]
      Normal

   ##
   # name of LDAP server
   [LDAP server]
       ldapmaster.muquit.com

   ##
   # LDAP server port number
   [LDAP port]
       389

   ##
   # base distinguished name
   [base dn]
       o=Fox Chase Cancer Center,c=US

   ##
   # users have full (read/write/delete/add) access to LDAP server
   [admin user]
       admin
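
A sketch of how this file format and the lookup order can be handled, as an added example that is not phones_ldap's own code. The fallback values in DEFAULTS, the function names and the sample text are assumptions made for the illustration; the flags -S, -P and -b are the ones from the SYNOPSIS.

```python
import os

# Fallbacks used when neither the file nor the command line sets a value.
# The page does not list phones_ldap's real defaults; these are assumptions.
DEFAULTS = {"ldap server": "localhost", "ldap port": "389",
            "search result": "Normal"}

# Command-line flags from the SYNOPSIS mapped to their config sections.
FLAG_TO_SECTION = {"-S": "ldap server", "-P": "ldap port", "-b": "base dn"}

# Constructed sample in the format shown above.
SAMPLE_CFG = """\
##
    1.2
# full path of the help file
[Help File]
    /usr/local/etc/phones_ldap.hlp
#[Search Result]
#   Terse
[Search Result]
   Normal
[LDAP server]
    ldapmaster.muquit.com
[LDAP port]
    389
[base dn]
    o=Fox Chase Cancer Center,c=US
"""


def parse_cfg(text):
    """Parse '[section]' headers, each followed by its value on the next line."""
    settings, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section is not None:
            settings[section] = line      # first value line belongs to the section
            section = None
        # A value with no [section] before it (the bare 1.2 above) is skipped.
    return settings


def find_cfg(home, readable=lambda p: os.access(p, os.R_OK)):
    """Return the first readable file: ~/.phones.cfg, then /usr/local/etc."""
    for path in (os.path.join(home, ".phones.cfg"), "/usr/local/etc/phones.cfg"):
        if readable(path):
            return path
    return None


def effective_settings(cfg_text, cli_flags):
    """Merge in precedence order: defaults, then file, then command line."""
    merged = dict(DEFAULTS)
    merged.update(parse_cfg(cfg_text))
    for flag, value in cli_flags.items():
        merged[FLAG_TO_SECTION[flag]] = value
    return merged
```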

MENU ITEMS

The menu items of the program phones_ldap are shown below:

$ phones_ldap -V
===========================================
LDAP server: ldap.muquit.com
LDAP port:   389
Search root: o=Fox Chase Cancer Center,c=US
===========================================

   [Connected to LDAP server: ldapmaster.muquit.com, Port: 389, bound as: admin]
   Command:
   Commands are:
   add                     add a record to LDAP server
   cls                     clear screen
   delete [item]           query and delete a record from LDAP server
   delete search number    delete record by matching from search buffer
   help                    show the help file
   free search [number]    free content of search buffer
   edit [search] number    edit the record number in search buffer
   edit [modified] number  edit the record number in modify buffer
   edit [new] number       edit the record number in new buffer
   vedit [search] number   same as edit [search] number, but use your editor
   vedit [modified] number same as  edit [modified] number, but use your editor
   vedit [new] number      same as edit [new] number, but use your editor
   print search            show content of search buffer
   print modify            show content of modify buffer
   print new               show content of new buffer
   save                    save new/modified entries to LDAP server
   show [item]             query and show a record from LDAP server
   modify [item]           query and modify a record in LDAP server
   vmodify [item]          same as modify but use your editor
   open                    open connection to a new LDAP server
   exit                    leave the program

   [Connected to LDAP server: ldapmaster.muquit.com, Port: 389, bound as: admin]
   Command:

The menu items are described in detail below:

add Adds a record to the LDAP server. To add a new card, type "a" or "add" at the Command: prompt and press Enter. It will prompt for the entries as shown below:


   [Connected to LDAP server: ldapmaster.muquit.com, Port: 389, bound as: admin]
   Command> a
   ---------------------------------------------------------------
   Please Enter the values for the card
   NOTE: * indicates a required field
   ---------------------------------------------------------------
   Last name: [*] Doe
   First name: [*] John
   Middle Initial: J
   Full name [John J Doe]:
   User id [doe]: jdoe
   Honorific (Dr. etc):
   Family rank (Jr., Sr. etc):
   Phone: 3660
   Fax: 2513
   Title:
   Room: C119
   Email alias [jj_doe@muquit.com]:
   Email drop: doe@aquila.muquit.com
   List by owner [n]:
   List by self [y]:
   Web page: http://www.foo.com/
   Photo:
   {crypt}cypted_password: {crypt}nuZnljIuEuvAQ
   Unix user_id number: 6037
   Unix group_id number: 345
   Gecos: John J. Doe
   Unix home directory: /home/jdoe

Note, in the Photo field above, you can provide the full path of a GIF or JPEG file. You can also specify the path using ~; it will be expanded. Be reasonable when adding pictures to the LDAP server and try to add small images. The crypted password is a Unix crypted password. It is crypted with the function call crypt(char *key,char *salt). Do a "man 3 crypt" for details. The crypted password must start with the string {crypt}. It is a hint to the LDAP server that the password is a Unix crypt password. Netscape LDAP server also understands passwords encrypted with the Secure Hash Algorithm, {sha} for example. To create a crypted password, the following perl script can be used:


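   #!/usr/bin/perl
   #
   # encrypt a word with crypt algorithm.
   # muquit, 1997
   #
   # note: the word is given on the command line, so it is visible in
   # the process list and in the shell history

   use strict;

   my $me=$0;

   # the 64 characters allowed in a crypt(3) salt
   my @saltset=('a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/');

   # keep only the script name for the usage message
   $me =~ s/.*\///g;
   if ($#ARGV+1 != 1)
   {
       print STDERR "usage: $me <word>\n";
       exit;
   }

   my $word=$ARGV[0];
   my $pass='';
   # pick a random two-character salt
   my $salt=$saltset[int(rand(64))].$saltset[int(rand(64))];

   $pass=crypt($word,$salt);
   print "word -> $pass\n";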

On Fox Chase Cancer Center RCS Unix machines, just type "mcrypt.pl password" to create a crypted password. The Unix user id number, group id number, gecos, home directory and login shell are the same entities as they appear in the Unix /etc/passwd file. At this time the program does not check for uid collisions, so be careful when you specify the user id and group id numbers, as it is possible to create the passwd file from LDAP and we may do so in future.

After filling out the card, it will be added to the "New Buffer". If you made a typo, the card can be modified by editing the entry in the new buffer. To modify it, first type "p n" or "print new" to see what is in the "New Buffer". In the upper left corner of each card, you will see a label line [n1/n2], where n1 and n2 are two numbers. If you see the label as [5/6], then the card number is 5, and there are 6 cards in the buffer. To edit the card, type "edit new 5" or "e n 5", meaning edit card number 5 from the "New Buffer".
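
Because the program does not check for uid collisions and relies on the {crypt} prefix being typed correctly, a card can be checked before it is saved. The following is an added example, not part of phones_ldap: the attribute names uidnumber and userpassword, the mapping of the two required fields to sn and givenname, and the existing cards are assumptions constructed for the illustration.

```python
import re

# Traditional crypt(3) output: 2 salt characters + 11 hash characters, all
# from the 64-character set the Perl script above draws its salt from.
# This form of crypt(3) hashes only the first 8 characters of the password.
DES_CRYPT = re.compile(r"^[A-Za-z0-9./]{13}$")
SCHEME = re.compile(r"^\{([^}]+)\}(.*)$")
# {sha} values are the base64 encoding of a 20-byte digest: 27 characters and "=".
SHA_BODY = re.compile(r"^[A-Za-z0-9+/]{27}=$")


def check_password_value(value):
    """Return a list of problems with a stored password value."""
    m = SCHEME.match(value)
    if not m:
        return ["password value has no {crypt} prefix"]
    scheme, body = m.group(1).lower(), m.group(2)
    if scheme == "crypt":
        if not DES_CRYPT.match(body):
            return ["{crypt} value is not a 13-character crypt(3) string"]
    elif scheme == "sha":
        if not SHA_BODY.match(body):
            return ["{sha} value is not a base64-encoded 20-byte digest"]
    else:
        return ["unexpected password scheme {%s}" % scheme]
    return []


def validate_card(card, existing):
    """Check a new card (dict of strings) against the cards already stored."""
    problems = []
    for attr in ("sn", "givenname"):          # the fields marked [*] in the prompt
        if not card.get(attr, "").strip():
            problems.append("missing required field: " + attr)
    if card.get("userpassword"):
        problems += check_password_value(card["userpassword"])
    num = card.get("uidnumber", "")
    if num and not num.isdigit():
        problems.append("uidnumber is not a number: " + num)
    elif num:
        # Compare as integers so that 6037 and 06037 count as the same id.
        owners = sorted(c["uid"] for c in existing
                        if c.get("uidnumber", "").isdigit()
                        and int(c["uidnumber"]) == int(num)
                        and c.get("uid") != card.get("uid"))
        if owners:
            problems.append("uidnumber %s already used by: %s"
                            % (num, ", ".join(owners)))
    return problems


# The card entered in the "add" session above.
NEW_CARD = {"sn": "Doe", "givenname": "John", "uid": "jdoe",
            "userpassword": "{crypt}nuZnljIuEuvAQ",
            "uidnumber": "6037", "gidnumber": "345"}
# Constructed existing cards, not taken from any real directory.
EXISTING = [{"uid": "asmith", "uidnumber": "6037"},
            {"uid": "bjones", "uidnumber": "6038"}]
```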

cls Type "cls" or "c" to clear the screen.

delete [item] First query for a card in the LDAP server. If the card exists, it will prompt for confirmation to delete it from the LDAP server. Note, if you answer yes to the confirmation, the operation cannot be undone. If no argument to delete is supplied, it will ask interactively. Also note, if you do not have any authority to delete entries from LDAP, the command will fail and the error message will be written on the screen.

delete search number If a card exists in the "Search Buffer", it will prompt for confirmation to delete it from the LDAP server. Note, if you answer yes to the confirmation, the operation cannot be undone.

help Shows the content of the online help file if the file exists.

free search [number] Frees the content of "Search Buffer". If a number is supplied, the specific card number will be deleted from the buffer. For example, "free search" or "f s" will free the entire "Search Buffer", and "f s 2" will remove card number 2 from the "Search Buffer". Note, "free" only frees the memory content of the buffer; it does not delete the card/s from the LDAP server. To delete a card from the LDAP server, use "delete".

free modify [number] Frees the content of "Modify Buffer".

free new [number] Frees the content of "New Buffer".

edit [search] number Edit a card from "Search Buffer". If no number is specified, it will edit the card from "Search Buffer" by default. If an attribute has a value it is shown inside a pair of square brackets. Press Enter to accept the value. If you want to remove an attribute, just type -none- or -null- as the value.

edit [modified] number Edit a card from "Modify Buffer". If no number is specified, it will edit the card from "Search Buffer" by default. If an attribute has a value it is shown inside a pair of square brackets. Press Enter to accept the value. If you want to remove an attribute, just type -none- or -null- as the value.

edit [new] number Edit a card from "New Buffer". If no number is specified, it will edit the card from "Search Buffer" by default. If an attribute has a value it is shown inside a pair of square brackets. Press Enter to accept the value. If you want to remove an attribute, just type -none- or -null- as the value.

vedit [search] number Edits a card from "Search Buffer" but it uses your text editor to do that. Please look at the "vmodify" command for details of how the editor works.

vedit [modified] number Edits a card from "Modify Buffer" but it uses your text editor to do that. Please look at the "vmodify" command for details of how the editor works.

vedit [new] number Edits a card from "New Buffer" but it uses your text editor to do that. Please look at the "vmodify" command for details of how the editor works.

print search Print the content of "Search Buffer" to standard out. The content is piped through the pager. To change the pager, set the PAGER environment variable.

print modify Print the content of "Modify Buffer" to standard out. The content is piped through the pager. To change the pager, set the environment variable

print new Print the content of "New Buffer" to standard out. The content is piped through the pager. To change the pager, set the PAGER environment variable.

print Show the contents of all the buffers. A title will identify each buffer.

save If anything is in the "Modify" or "New" buffer,

show [item] Query the LDAP server for the card and shows the content to standard out. The content is piped through the pager. To change the pager, set the PAGER environment variable.

modify [item] First query for a card in the LDAP server. If a match is found in the LDAP server, a prompt will be displayed for confirmation to edit the card. If more than one match is found, the prompt will cycle through all the found cards. If an attribute has a value it is shown inside a pair of square brackets. Press Enter to accept the value. If you want to remove an attribute, just type -none- or -null- as the value.

vmodify [item] This command is the same as modify [item]; the only difference is that you can use your text editor to edit entries. It detects the editor first by checking the environment variable EDITOR. If the variable is not set it will use vi. If more than one entry is matched, you will be prompted to select an entry for editing. Example:

   [Connected to LDAP server: cygnus, Port: 489, bound as: admin]
   Command: vmod muh

   2 names matched.
      1. Muhammad A Muquit (muquit)
      2. Robert R Muhlhauser
   Enter the number of the name you want or Q to quit: 1

After typing 1 and pressing Enter, you will be inside your editor (in this example, it is vi). The screen will look like below:

   ##--------------------------------------------------------------------------
   ## Directory entry of: muquit
   ## Syntax is:
   ##  <attribute-name>
   ##     <TAB> <value>
   ## Lines beginning with a hash mark are comments.
   ##
   ## Syntax adapted from ud utility comes with
   ## Umich LDAP server, but the code is written from scratch
   ## ma_muquit@muquit.com, Research Computing Services
   ##--------------------------------------------------------------------------
   sn
       Muquit
   givenname
       A
   cn
       Muhammad A Muquit
   uid
       muquit
   honorific
   familyrank
   telephonenumber
       3660
   roomnumber
       C119
   mail
       MA_Muquit@muquit.com
   emaildrop
       muquit@muquit.com
   listbyowner
       n
   listbyself
       y
   labeleduri
       http://www.muquit.com/
   jpegphoto
       NOT ASCII

Please read the comments (starting with # at the top) for the format. In any event, do not edit the attribute name; only edit the value (it starts with a tab or space). In the jpegphoto attribute, specify the path of the picture in the next line. Note, if the person already has a picture in the server, it will show up as "NOT ASCII". If you want to remove an entry, specify the value as -null- or -none-. If you change anything, it will be added to the "Modify Buffer". Look at the buffer using the command 'print modify'.
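
The editor format and its rules (names must not change, -null- or -none- removes a value, "NOT ASCII" stands for an existing picture) can be enforced by comparing the buffer before and after editing. This is an added example, not code from phones_ldap; the function names, the change tuples and the shortened sample buffer are assumptions. It also assumes that deleting a value line without typing -null- or -none- is not treated as a removal.

```python
REMOVE = {"-null-", "-none-"}


def parse_edit_buffer(text):
    """Return {attribute: [values]} from the editor format shown above."""
    entry, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                          # blank line or comment
        if line[0] in " \t":                  # value line: starts with tab or space
            if current is None:
                raise ValueError("value before any attribute name: %r" % line)
            entry[current].append(line.strip())
        else:                                 # attribute name at column 0
            current = line.strip().lower()
            entry.setdefault(current, [])
    return entry


def diff_entry(original_text, edited_text):
    """List the changes an edit session made, rejecting edited attribute names."""
    original = parse_edit_buffer(original_text)
    edited = parse_edit_buffer(edited_text)
    unknown = sorted(set(edited) - set(original))
    if unknown:
        raise ValueError("attribute names were edited or added: "
                         + ", ".join(unknown))
    changes = []
    for attr, old in original.items():
        new = edited.get(attr, old)           # a missing name means no change
        if any(v.lower() in REMOVE for v in new):
            if old:
                changes.append(("delete", attr, []))
        elif not new and old:
            continue                          # removal needs an explicit -null-/-none-
        elif new != old:
            changes.append(("replace", attr, new))
        # "NOT ASCII" left as it was compares equal, so the photo is untouched.
    return changes


# Constructed buffer, shortened from the example above.
ORIGINAL = "\n".join([
    "## Directory entry of: muquit",
    "sn", "\tMuquit",
    "honorific",
    "telephonenumber", "\t3660",
    "roomnumber", "\tC119",
    "jpegphoto", "\tNOT ASCII",
])
# The same buffer after an edit: new phone, room removed, honorific added.
EDITED = (ORIGINAL.replace("\t3660", "\t3661")
                  .replace("\tC119", "\t-none-")
                  .replace("honorific", "honorific\n\tDr."))
```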

open Close the active TCP connection and open a new connection to an alternate LDAP server. A prompt will be displayed for the new LDAP server, the LDAP port and the base Distinguished Name. Warning: Data in all buffers will be freed after this command is typed.

exit Leave the program. If anything is in "Modify" or "New Buffer", the user will be prompted to save them to LDAP server before exiting the program.

SEE ALSO

http://www.umich.edu/~dirsvcs/ldap/index.html
http://www.kingsmountain.com/ldapRoadmap.shtml
/usr/local/etc/phones.cfg

COMMENTS

If you look at the code, it is one of the ugliest programs I've ever written. This program is very hard to modify, even my own head spins when I want to modify something! Follow the README file for steps if you want to add and delete any attributes. The coding does not have any design, it just grew and grew and grew, very much like most of the M$ software. Well, it differs from M$ software in that it works well. Note again: The code is badly designed IMHO, the functionality of the program is just fine. It never core dumped on me :) It works well for the purpose I wrote it.

AUTHORS

Muhammad A Muquit
email: muquit@muquit.com
www: http://www.muquit.com/


Before compiling, go to the libs directory and make a link to the LDAP directory, for example:


    cd libs
    ln -s /usr/local/lib/mozilla_ldap ldap

Type: ./Build pristine to build everything from scratch.

If you use this program, please let me know.

Page updated: Sun Mar 31 01:59:56 2013 GMT   Copyright © 2013 muquit@muquit.com.