LDAP Data Interchange Format


LDAP Data Interchange Format

The LDAP Data Interchange Format (LDIF) is a standard plain text data interchange format for representing LDAP (Lightweight Directory Access Protocol) directory content and update requests. LDIF conveys directory content as a set of records, one record for each object (or entry). It represents update requests, such as Add, Modify, Delete, and Rename, as a set of records, one record for each update request.

LDIF was designed in the early 1990s by Tim Howes, Mark C Smith, and Gordon Good while at the University of Michigan. LDIF was updated and extended in the late 1990s for use with Version 3 of LDAP. This later version of LDIF is called version 1 and is formally specified in RFC 2849, an IETF Standard Track RFC. RFC 2849, authored by Gordon Good, was published in June 2000 and is currently a Proposed Standard.

A number of extensions to LDIF have been proposed over the years. One extension has been formally specified by the IETF and published. RFC 4525, authored by Kurt Zeilenga, extended LDIF to support the LDAP Modify-Increment extension. It is expected that additional extensions will be published by the IETF in the future.

Content Record Format

Each content record is represented as a group of attributes, with records separated from one another by blank lines. The individual attributes of a record are represented as single logical lines (represented as one or more multiple physical lines via a line-folding mechanism), comprising "name: value" pairs. Value data that do not fit within a portable subset of ASCII characters are marked with '::' after the attribute name and encoded into ASCII using base64 encoding.

Tools that employ LDIF

The OpenLDAP utilities include tools for exporting data from LDAP servers to LDIF content records (ldapsearch), importing data from LDIF content records to LDAP servers (ldapadd), and applying LDIF change records to LDAP servers (ldapmodify).

LDIF is one of the formats for importing and exporting address book data that the address books in Netscape Communicator and in the Mozilla Application Suite support.

Microsoft Windows 2000 Server and Windows Server 2003 include an LDIF based command line tool named LDIFDE for importing and exporting information in Active Directory.

JXplorer is a cross platform open source java application that can browse and do basic editing of LDIF files.

Limitations of LDIF

Values in multi-valued attributes cannot be replaced directly. You need to delete the attributes values and then use "add:" multiple times to feed all of the required values in.

LDIF fields

dn: distinguished nameThis refers to the name that uniquely identifies an entry in the directory. dc: domain componentThis refers to each component of the domain. For example www.google.com would be written as DC=www,DC=google,DC=com ou: organizational unitThis refers to the organizational unit (or sometimes the user group) that the user is part of. If the user is part of more than one group, you may specify so: OU= Lawyer,OU= Judge. cn: common nameThis refers to the individual object (person's name; meeting room; recipe name; job title; etc.) for whom/which you are querying.

Examples of LDIF

This is an example of a simple directory entry with several attributes, represented as a record in LDIF: dn: cn=The Postmaster,dc=example,dc=com objectClass: organizationalRole cn: The Postmaster

This is an example of an LDIF record that modifies multiple single-valued attributes for two different directory entries (this format is used by Microsoft's LDIFDE tool): dn: CN=John Smith,OU=Legal,DC=example,DC=com changetype: modify replace:employeeID employeeID: 1234 - replace:employeeNumber employeeNumber: 98722 - replace: extensionAttribute6 extensionAttribute6: JSmith98 - dn: CN=Jane Smith,OU=Accounting,DC=example,DC=com changetype: modify replace:employeeID employeeID: 5678 - replace:employeeNumber employeeNumber: 76543 - replace: extensionAttribute6 extensionAttribute6: JSmith14 -

Note: the "-" character between each attribute change is required. Also note that each directory entry ends with a "-" followed by a blank line. The final "-" is required.

This is an example of an LDIF file that adds a telephone number to an existing user: dn: cn=Peter Michaels, ou=Artists, l=San Francisco, c=US changetype: modify add: telephonenumber telephonenumber: +1 415 555 0002

RFCs

* RFC 2849 — The LDAP Data Interchange Format (LDIF) - Technical Specification
* RFC 4510 — Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map
* RFC 4525 — LDAP Modify-Increment Extension

External links

* [http://msdn2.microsoft.com/en-us/library/ms870068.aspx MSDN : Windows 2003 : Using the LDIFDE Tool ]
* [http://msdn2.microsoft.com/en-us/library/ms677268.aspx MSDN : Active Directory : LDIF Scripts ]
* [http://alphacentauri.co.nz/sidvault/index.htm SIDVault - Windows LDAP server - Allows Easy Importing of LDIF files]


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • LDAP Data Interchange Format — LDIF (LDAP Data Interchange Format) est un format standardisé d échange de données, qui permet la représentation des données contenues dans un annuaire LDAP. Il permet également la représentation d opérations sur les données de l annuaire (ajout …   Wikipédia en Français

  • LDAP Data Interchange Format — LDIF (Abkürzung aus dem Englischen für LDAP Data Interchange Format) ist ein ASCII basierendes Dateiformat zur Darstellung von Informationen aus einem LDAP Verzeichnis. LDAP beschreibt lediglich ein Kommunikationsprotokoll von Verzeichnisdiensten …   Deutsch Wikipedia

  • Lightweight Data Interchange Format — LDIF (Abkürzung aus dem Englischen für LDAP Data Interchange Format) ist ein ASCII basierendes Dateiformat zur Darstellung von Informationen aus einem LDAP Verzeichnis. LDAP beschreibt lediglich ein Kommunikationsprotokoll von Verzeichnisdiensten …   Deutsch Wikipedia

  • LDAP — son las siglas de Lightweight Directory Access Protocol (en español Protocolo Ligero de Acceso a Directorios) que hacen referencia a un protocolo a nivel de aplicación el cual permite el acceso a un servicio de directorio ordenado y distribuido… …   Wikipedia Español

  • LDAP — Lightweight Directory Access Protocol Lightweight Directory Access Protocol (LDAP) est à l origine un protocole permettant l interrogation et la modification des services d annuaire. Ce protocole repose sur TCP/IP. Il a cependant évolué pour… …   Wikipédia en Français

  • Ldap — Lightweight Directory Access Protocol Lightweight Directory Access Protocol (LDAP) est à l origine un protocole permettant l interrogation et la modification des services d annuaire. Ce protocole repose sur TCP/IP. Il a cependant évolué pour… …   Wikipédia en Français

  • LDAP — im TCP/IP‑Protokollstapel: Anwendung LDAP Transport UDP TCP Internet IP (IPv4, IPv6) Netzzugang …   Deutsch Wikipedia

  • Ldap — im TCP/IP‑Protokollstapel: Anwendung LDAP Transport UDP TCP Internet IP (IPv4, IPv6) Netzzugang …   Deutsch Wikipedia

  • LDIF — LDAP Data Interchange Format LDIF (LDAP Data Interchange Format) est un format standardisé d échange de données, qui permet la représentation des données contenues dans un annuaire LDAP. Il permet également la représentation d opérations sur les… …   Wikipédia en Français

  • Ldif — LDAP Data Interchange Format LDIF (LDAP Data Interchange Format) est un format standardisé d échange de données, qui permet la représentation des données contenues dans un annuaire LDAP. Il permet également la représentation d opérations sur les… …   Wikipédia en Français


Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”

We are using cookies for the best presentation of our site. Continuing to use this site, you agree with this.