HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

541

542

543

544

545

546

547

548

549

550

A.3.2 Base-64 encoding

Binary data can be converted to base-64, which can be used in LDIF files, for a variety of data,

from images to SSL certificates. Base 64-encoded data are identified by using the :: symbol. For

example:

jpegPhoto::encoded_data

In addition to binary data, other values that must be base-64 encoded include the following:

• Any value that begins with a colon (:) or a space.

• Any value that contains non-ASCII data, including new lines.

Use the ldif command line utility with the -b option to convert binary data to LDIF format:

ldif -b attribute_name

attribute_name is the name of the attribute to which the binary data is supplied. The binary

data is read from standard input and the results are written to standard output. Thus, use redirection

operators to select input and output files.

The ldif command line utility will take any input and format it with the correct line continuation

and appropriate attribute information. The ldif utility also assesses whether the input requires

base-64 encoding. For example:

ldif -b jpegPhoto < mark.jpg > out.ldif

This example takes a binary file containing a JPEG-formatted image and converts it into LDIF format

for the attribute jpegPhoto. The output is saved to out.ldif.

The -b option specifies that the ldif utility should interpret the entire input as a single binary

value. If -b is not present, each line is considered to be a separate input value.

A.4 Specifying directory entries Using LDIF

Many types of entries can be stored in the directory. This section concentrates on three of the most

common types of entries used in a directory: domain, organizational unit, and organizational

person entries.

The object classes defined for an entry are what indicate whether the entry represents a domain

or domain component, an organizational unit, an organizational person, or some other type of

entry.

A.4.1 Specifying domain entries

Directories often have at least one domain entry. Typically this is the first, or topmost, entry in the

directory. The domain entry often corresponds to the DNS host and domain name for your directory.

For example, if the Directory Server host is called ldap.example.com, then the domain entry

for the directory is probably named dc=ldap,dc=example,dc=com or simply

dc=example,dc=com.

The LDIF entry used to define a domain appears as follows:

dn: distinguished_name

objectClass: top

objectClass: domain

dc: domain_component_name

list_of_optional_attributes

...

The following is a sample domain entry in LDIF format:

dn: dc=example,dc=com

objectclass: top

objectclass: domain

dc: example

description: Fictional example company

Each element of the LDIF-formatted domain entry is defined in Table 78 (page 550).

A.4 Specifying directory entries Using LDIF 549