HOME

TheInfoList



Click Here for Items Related To - LDIF
OR:
LDIF on:   [Wikipedia]   [Google]   [Amazon]

The LDAP Data Interchange Format (LDIF) is a standard plain text data interchange format for representing Lightweight Directory Access Protocol (LDAP) directory content and update requests. LDIF conveys directory content as a set of records, one record for each object (or entry). It also represents update requests, such as Add, Modify, Delete, and Rename, as a set of records, one record for each update request. LDIF was designed in the early 1990s by Tim Howes, Mark C. Smith, and Gordon Good while at the University of Michigan. LDIF was updated and extended in the late 1990s for use with Version 3 of LDAP. This later version of LDIF is called version 1 and is formally specified in RFC 2849, an IETF Standard Track
RFC RFC may refer to: Computing * Request for Comments, a memorandum on Internet standards * Request for change, change management * Remote Function Call, in SAP computer systems * Rhye's and Fall of Civilization, a modification for Sid Meier's Civ ...
. RFC 2849 is authored by Gordon Good and was published in June 2000. It is currently a Proposed Standard. A number of extensions to LDIF have been proposed over the years. One extension has been formally specified by the IETF and published. RFC 4525, authored by Kurt Zeilenga, extended LDIF to support the LDAP Modify-Increment extension. It is expected that additional extensions will be published by the IETF in the future.


Content record format

Each content record is represented as a group of attributes, with records separated from one another by blank lines. The individual attributes of a record are represented as single logical lines (represented as one or more multiple physical lines via a line-folding mechanism), comprising "name: value" pairs. Value data that do not fit within a portable subset of ASCII characters are marked with '::' after the attribute name and encoded into ASCII using base64 encoding. The content record format is a subset of the Internet Directory Information typ
RFC 2425


Tools that employ LDIF

The
OpenLDAP OpenLDAP is a free, open-source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is released under its own BSD-style license called the OpenLDAP Public License. LDAP is a platform-independe ...
utilities include tools for exporting data from LDAP servers to LDIF content records (), importing data from LDIF content records to LDAP servers (), and applying LDIF change records to LDAP servers (). LDIF is one of the formats for importing and exporting address book data that the address books in Netscape Communicator and in the Mozilla Application Suite support. Microsoft Windows 2000 Server and
Windows Server 2003 Windows Server 2003 is the sixth version of Windows Server operating system produced by Microsoft. It is part of the Windows NT family of operating systems and was released to manufacturing on March 28, 2003 and generally available on April 24, ...
include an LDIF based command line tool named LDIFDE for importing and exporting information in
Active Directory Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was used only for centr ...
. JXplorer is a cross platform open source java application that can browse and do basic editing of LDIF files.


LDIF fields

; dn: distinguished name :This refers to the name that uniquely identifies an entry in the directory. ; dc: domain component :This refers to each component of the domain. For example www.mydomain.com would be written as DC=www,DC=mydomain,DC=com ; ou: organizational unit :This refers to the organizational unit (or sometimes the user group) that the user is part of. If the user is part of more than one group, you may specify as such, e.g., OU= Lawyer,OU= Judge. ; cn: common name :This refers to the individual object (person's name; meeting room; recipe name; job title; etc.) for whom/which you are querying.


Examples of LDIF

This is an example of a simple directory entry with several attributes, represented as a record in LDIF: 
 dn: cn=The Postmaster,dc=example,dc=com
 objectClass: organizationalRole
 cn: The Postmaster
This is an example of an LDIF record that modifies multiple single-valued attributes for two different directory entries (this format is used by Microsoft's LDIFDE tool): 

 dn: CN=John Smith,OU=Legal,DC=example,DC=com
 changetype: modify
 replace: employeeID
 employeeID: 1234
 -
 replace: employeeNumber
 employeeNumber: 98722
 -
 replace: extensionAttribute6
 extensionAttribute6: JSmith98
 -

 dn: CN=Jane Smith,OU=Accounting,DC=example,DC=com
 changetype: modify
 replace: employeeID
 employeeID: 5678
 -
 replace: employeeNumber
 employeeNumber: 76543
 -
 replace: extensionAttribute6
 extensionAttribute6: JSmith14
 -
Note: the "-" character between each attribute change is required. Also note that each directory entry ends with a "-" followed by a blank line. The final "-" is required by Microsoft's LDIFDE tool, but not needed by most ldif implementations. This is an example of an LDIF file that adds a telephone number to an existing user: 
 dn: cn=Peter Michaels, ou=Artists, l=San Francisco, c=US
 changetype: modify
 add: telephonenumber
 telephonenumber: +1 415 555 0002
An example of LDIF containing a control: 
 version: 1
 dn: o=testing,dc=example,dc=com
 control: 1.3.6.1.1.13.1 false cn
 changetype: add
 objectClass: top
 objectClass: organization
 o: testing


RFCs

* — The LDAP Data Interchange Format (LDIF) - Technical Specification * — Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map * {{IETF RFC, 4525, link=no — LDAP Modify-Increment Extension


External links


MSDN : Windows 2003 : Using the LDIFDE Tool

MSDN : Active Directory : LDIF Scripts
Internet Standards