HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

561

562

563

564

565

566

567

568

569

570

C LDAP URLs

LDAP URLs identify the HP-UX Directory Server instance, similarly to the way site URLs identify a

specific web site or web page. There are three common times when the LDAP URL of the Directory

Server instance is used:

• The LDAP URL is used to identify the specific Directory Server instance when the Directory

Server is accessed using a web-based client such as Administration Express.

• LDAP URLs are used to configure Directory Server referrals.

• LDAP URLs are used to configure access control instructions.

NOTE:

The LDAP URL format is described in RFC 4516, which is available at http://www.ietf.org/rfc/

rfc4516.txt.

Topics include:

• “Components of an LDAP URL” (page 570)

• “Escaping unsafe characters” (page 571)

• “Examples of LDAP URLs” (page 571)

C.1 Components of an LDAP URL

LDAP URLs have the following syntax:

ldap[s]://hostname:port/base_dn?attributes?scope?filter

The ldap:// protocol is used to connect to LDAP servers over unsecured connections, and the

ldaps:// protocol is used to connect to LDAP servers over TLS/SSL connections. Table 84 (page

570) lists the components of an LDAP URL.

NOTE:

The LDAP URL format is described in RFC 4516, which is available at http://www.ietf.org/rfc/

rfc4516.txt.

Table 84 LDAP URL components

DescriptionComponent

Name (or IP address in dotted format) of the LDAP server. For example,

ldap.example.com or 192.202.185.90.

hostname

Port number of the LDAP server (for example, 696). If no port is specified, the standard

LDAP port (389) or LDAPS port (636) is used.

port

Distinguished name (DN) of an entry in the directory. This DN identifies the entry that is

the starting point of the search. If no base DN is specified, the search starts at the root of

the directory tree.

base_dn

The attributes to be returned. To specify more than one attribute, use commas to separate

the attributes; for example, cn,mail,telephoneNumber. If no attributes are specified

in the URL, all attributes are returned.

attributes

The scope of the search, which can be one of these values:scope

• base retrieves information only about the distinguished name (base_dn) specified in

the URL.

• one retrieves information about entries one level below the distinguished name

(base_dn) specified in the URL. The base entry is not included in this scope.

• sub retrieves information about entries at all levels below the distinguished name

(base_dn) specified in the URL. The base entry is included in this scope.

570 LDAP URLs