  LDAP Linux HOWTO

  Luiz Ernesto Pinheiro Malere, malere@yahoo.com
  v1.04, 2001 2 28
  , s_ryong@hotmail.com
  2001 3 7

    LDAP(Lightweight Directory Access Protocol)  ġ, ,
        Ѵ. LDAP Ÿ̽ ,
  Ÿ̽  Ű , ο    ݽ
  ּҷ    λ׵ Ѵ.   κ ̽ð
     OpenLDAP  ħ ٰѴ.
  ______________________________________________________________________

  

  1. Ұ
     1.1 LDAP ΰ?
     1.2 丮 񽺶 ΰ?
     1.3 LDAP  ۵ϴ°?
     1.4 LDAP 鿣, ü Ӽ
     1.5  ο 
     1.6 ǰ߰ 
     1.7  ǥ 
     1.8 Acknowledgments
     1.9 Copyright and Disclaimer

  2. LDAP  ġϱ
     2.1  ʼ, Pre-Requirements
     2.2 Ű ٿε ޱ
     2.3 Ű  ϱ
     2.4 Ʈ ϱ
     2.5  ϱ

  3. LDAP  ϱ AID CDATA 3(LABEL)LABEL
     3.1   
     3.2   AID CDATA 3.2(LABEL)LABEL
     3.3 Ϲ 鿣 ɼ
     3.4 Ϲ Ÿ̽ 
     3.5 LDBM 鿣 Ư 
     3.6 ٸ 鿣 Ÿ̽
     3.7   
     3.8   

  4. LDAP  ϱ AID CDATA 4(LABEL)LABEL
     4.1 Command Line Options
     4.2 LDAP  ϱ AID CDATA 4.2(LABEL)LABEL
     4.3 LDAP  ϱ

  5. Ÿ̽   
     5.1 ¶λ󿡼 Ÿ̽ ϱ
     5.2 λ󿡼 Ÿ̽ ϱ
     5.3 More on the LDIF format
     5.4 The ldapsearch, ldapdelete and ldapmodify utilities AID CDATA 5.4(LABEL)LABEL

  6. ΰ  Ư¡
     6.1 ο (Roaming Access)
     6.2 ݽ ּҷ
     6.3 LDAP Migration Tools
     6.4 LDAP  
     6.5 ׷ LDAP 
     6.6 α

  7.  
     7.1 URLs
     7.2 
     7.3 RFCs

  ______________________________________________________________________

  1.  Ұ

    LDAP 丮  ġϿ ϴµ ־  ֱ
    LDAP  ġ, ,      .
    LDAP Ŭ̾Ʈ ƿƼ Ͽ 丮  ,
  ˻  ϴ  . LDAP 丮  , slapd
    UNIX ÷ ۵ȴ.

  LDAP 鰣 纻 ٷ ٸ , slurpd ִµ, а
  ο  ʿ䰡 .   纻,  slurpd ,
    ο  丮 񽺸 ϴ slapd 
  ۵Ѵ.

       ٷµ ó   ϸ 
  ʿ ٸ  ϴ  .    LDAP
   뿡  Ȯ ʱȭ Ѵ. Ƹ   
  Ŀ   ɷ ȮӸ ƴ϶  밡 C, C++ 
  ڹ  (JDKs) Ͽ ڽ Ŭ̾Ʈ ۼ  
  ̴.

  1.1.  LDAP ΰ?

  LDAP 丮    Ŭ̾Ʈ- ݷ
  ʱ⿡ X.500 (front-end) Ǿ ĵ (stand-
  alone)  ٸ  丮  Բ   ִ.

  1.2.  丮 񽺶 ΰ?

  丮 Ÿ̽   ̰ Ӽ 
    ִ. 丮  Ϲ ⺸ٴ б
  ۾   ̿ȴ. , 丮  
  Ÿ̽ ٷ (high-volume complex)  
  ϴ  ó(transaction) Ǵ ѹ ȹ(α׷  ٷ
   üũƮ ư, roll-back)  ʴ´. 丮
  Ϲ,  ȴٸ,  ŵǰų ƹ ͵ 
  ʴ´.

  丮 ٷ (lookup) Ǵ ˻ 꿡   ϱ
   ȴ. 丮  ð ҽŰ ݸ 뼺
  ŷڼ Ű   θ   ִ. 丮 
       Ͻ ġ ᱹ ġȴٸ
   ̴.

  丮 񽺸 ϴ  ٸ  ִ.  
  پ   丮 Ǵ  ϸ, ׷ 
   ,   ŵ  ִ Ǵ 㰡  κ
   ȣǴ     д.  丮
  񽺴 ѵ Ȳ(  ܵ ӽſ finger ) ؼ
  񽺸 ϴ  ݸ ٸ 񽺴   Ȳ ؼ
  񽺸 ϴ ü̴.

  1.3.  LDAP  ۵ϴ°?

  LDAP 丮 񽺴 Ŭ̾Ʈ- 𵨿 ϴµ, ϳ Ǵ 
  ̻ LDAP  LDAP 丮 Ʈ Ǵ 鿣(backend)
  Ÿ̽ ϴ ڷḦ  ִ. LDAP Ŭ̾Ʈ LDAP
    ϸ,   Ǵ Ŭ̾Ʈ   
    ִ (Ϲ ٸ LDAP)  Ѵ.
  Ŭ̾Ʈ  LDAP  ϴ   丮 
  ;  LDAP   ̸ ٸ LDAP   ִ 
  Ʈ ϸ ̰ LDAP  ü 丮  ߿
  Ư¡̴.

  1.4.  LDAP 鿣, ü Ӽ

  Slapd  ٸ 鿣 Ÿ̽ ߿ ϳ   ִ;
   ũ  Ÿ̽ LDBM,  н ɾ Ǵ 
  ũƮ  Ÿ̽ ̽ SHELL,  н 
  Ÿ̽ PASSWD.

    LDBM Ÿ̽ õȴٰ Ѵ.

  LDBM Ÿ̽ Ÿ̽  Ʈ Ʈ 4 Ʈ
   ĺڸ Ҵν ۵Ѵ. Ÿ̽ Ʈ 
  ĺ(entry's unique identifier, EID) Ʈ ü ǥϴ
  ؽƮ ִ id2entry ϳ  ε Ϸ Ǵµ
  ٸ ε ϵ鵵  ȴ.

  LDAP  丮 鰣 丮  import  export
  ϰų 丮 Ǿ ϴ Ϸ  ϱ 
  LDIF(LDAP Data Interchange Format)   Ϲ ȴ.
  LDIF  Ʈ ü    ϴµ LDAP
  Ʈ Ű LDIF  LDBM  ȭִ ƿƼ
  ִ.

  Ϲ LDIF  ó δ:

       dn: o=TUDelft, c=NL
       o: TUDelft
       objectclass: organization
       dn: cn=Luiz Malere, o=TUDelft, c=NL
       cn: Luiz Malere
       sn: Malere
       mail: malere@yahoo.com
       objectclass: person

     Ʈ Ǵ ̸(DN, distinguished name) 
  ϰ ĺǸ DN Ʈ ̸ Ʈ  丮 
   ֻ ã ̸ η ȴ.

  LDAP ü Ŭ Ʈ ϴµ   ִ Ӽ 
  Ѵ. LDAP ǥ   ⺻  ü Ŭ Ѵ:

  o   ü Ǵ ü ׷ ĵ  Ʈ ϰ ִ
     丮 ׷

  o   (description)  

  o  丮 

  o  丮 

  Ʈ ϳ ̻ ü Ŭ   ִµ,   
   Ʈ person ü Ŭ  ǵ inetOrgPerson,
  groupOfNames Organization ü Ŭ Ӽ ؼ ǵ 
  ִ.  ü Ŭ ( Ű, schema) Ư Ʈ
   ʼ   Ӽ  Ʈ Ѵ.

  丮 ڷ Ӽ-  ǥǴµ   Ư κ
   Ӽ ȴ.

   , commonName Ǵ cn Ӽ  ̸ ϴµ
  ȴ.  Jonas Salk ̸   丮 
   ǥ  ִ.

       cn: Jonas Salk

  丮    person ü Ŭ Ӽ տ
   ǵǴµ  Ʈ ϱ  ϴ ٸ Ӽ
     ִ.

       givenname: Jonas
       surname: Salk
       mail: jonass@airius.com

  ʼ Ӽ ü Ŭ ϴ Ʈ ؾ ϴ Ӽ
  ϴµ  Ʈ Ʈ ϴ ü Ŭ ƮǾ
  ִ objectClass Ӽ ʿ Ѵ.

   Ӽ ü Ŭ ϴ Ʈ   ִ Ӽ
  ϴµ   person ü Ŭ cn  sn Ӽ ʼ
  description, telephoneNumber, seeAlso userpassword Ӽ ʼ
  ƴ  ͵̴.

   Ӽ Ӽ  Ǵ   ϴ ش (syntax)
  Ǹ ´:

  o  bin binary (̳ʸ)

  o  ces case exact string (case 񱳽 ġؾ Ѵ)

  o  cis case ignore string (case 񱳽 õȴ)

  o  tel telephone number string (cis  񱳽  ñȣ
     `-'  õȴ)

  o  dn distinguished name (Ǵ ̸)

  Objectclass Ӽ ǵ ý  ִ ˱ ؼ
  ``'' ù  .

  1.5.   ο 

    ڵ鿡  Ǵ ǵ鿡   ŵ 
  ִ.    ο  ؼ  ؾ Ѵ:

  <http://www.mobilesoft.com.br/HOWTO/LDAP-HOWTO.html>

  1.6.  ǰ߰ 

      ִ     Ǳ ִٸ 
  ڿ ּҷ  ֱ ٶ.

  malere@yahoo.com

  ּ/Ǵ  ִٸ  ڿ ˷ֱ ٶ.

  1.7.   ǥ 

    ñ⺰ з  ǥ  Ѵ.  ǥ  ʱ
   Ե , ο ߰    Ѵ.

  v1.0: 20 June 1999, Initial version.

  v1.01: 15 February 2000, added the following sections:

  o  LDAP Migration Tools

  o  Authentication using LDAP

  o  Graphical LDAP tools

  o  RFCs

     v1.02: 13 September 2000, correction of typos and addition of the
     following section:

  o  History of Releases

     v1.03: 28 September 2000, presenting OpenLDAP 2.0, which comprises
     Ldap v3, defined on the RFC2251 <ftp://ftp.isi.edu/in-
     notes/rfc2251.txt>.  v1.04: 28 Februrary 2001, correction of more
     typos and update on the following sections:

  o  Roaming Access

  o  Authentication using LDAP

  1.8.  Acknowledgments

    Netherlands TUDelft п  Ͻ ̴.
  ڴ    ⸦   е鿡  ǥϰ
  ʹ: Rene van Leuken Wim Tiwon ſ  Ѵ. ׵ 
  ڿ   ҵ̴. ڴ   ⿩ Ͼ LDAP
  HOWTO   Thomas Bendler LDP Ʈ  
  Joshua  ǥϰ ʹ.

  1.9.  Copyright and Disclaimer

  The LDAP Linux HOWTO is Copyrighted 1999 by Luiz Ernesto Pinheiro
  Malere. It can be distributed freely. It cannot be modified. If you
  have any kind of sugestion, please send me an email (I will update the
  document if the sugestion proceeds).

  If you want a translation, for example to Portuguese, you can send me
  an email about it too.

  No liability for the contents of this document can be accepted. I have
  no responsability about the consequences of following the steps
  provided in this document.

  If you have questions, please contact, the Linux HOWTO coordinator, at

  linux-howto@metalab.unc.edu

  2.  LDAP  ġϱ

  LDAP  ġ  ʼ Ű ġ(ġǾ   ), 
  ٿε, Ʈ ü, Makefile    ټ ܰ踦
   ̷.

  2.1.   ʼ, Pre-Requirements

  LDAP  3    OpenLDAP Ŭ̾Ʈ  ణ
  ΰ Ű ġ ʿѴ:

  OpenSSL TLS libraries

   ü  ̺귯 ⺻ ý κ Ǵ 
  Ʈ Ʈ   , OpenSSL   ġ
  ʿ Ѵ. OpenSSL  Ʈ   ִ.

  <http://www.openssl.org/>

  Kerberos Authentication Services

  OpenLDAP Ŭ̾Ʈ  Kerberos   񽺸
  ϴµ Ư Heimdal Ǵ MIT Kerberos V Ű ̿ SASL/GSAPI
   ⱸ Ѵ. Kerberos  SASL/GSSAPI  ϰ
  ʹٸ Heimdal Ǵ MIT Kerberos V ġؾ Ѵ. Heimdal Kerbero
  <http://www.pdc.kth.se/heimdal>κ   ִ.

  MIT Kerberos  <http://web.mit.edu/kerberos/www>κ   ִ.
  Kerberos ϴ Ͱ      
  õѴ.

  Cyrus's Simple Authentication and Security Layer Libraries

   ü  ̺귯 ⺻ ý κ Ǵ 
  Ʈ Ʈ   , Cyrus SASL  
  ġ ʿ Ѵ. Cyrus SASL  <http://asg.web.cmu.edu/sasl/sasl-
  library.html>κ   ִ.  Cyrus SASL OpenSSL
  Kerberos/GSSAPI ̺귯 ̸ ġǾ ִٸ ̵ 
  ̴.

  Database Software

  OpenLDAP slapd ⺻ ͺ̽ 鿣 LDBM Ʈ  
  ȣȯ Ÿ̽ Ű ʿ Ѵ. LDBM Sleepycat
  Ʈ BerkeleyDB(õ) Ǵ  Ʈ (FSF, Free
  Software Foundation) GNU Ÿ̽ Ŵ(GDBM) ȣȯȴ.
  ̷ Ű  ̿  ٸ ⺻ Ÿ̽ 鿣
   ϴ slapd     ̴.

  ü ⺻ ý۳ Ǵ  Ʈ Ʈν 
  Ű  ϳ   ִµ ̷ Ʈ ؼ ġ
  ʿ䰡 ִ.

  BerkekeyDB  Sleepycat Ʈ ٿε 
  <ttp://www.sleepycat.com/download.html>κ   ִ. 
   ̿  ִµ   ۼϴ  ֽ  
  3.1  õȴ.

  GDBM FSF ٿε Ʈ  <ftp://ftp.gnu.org/pub/gnu/gdbm>κ
    ִµ   ۼϴ   1.8  ֽ
  ̴.

  Threads

  OpenLDAP 带 ̿  ֵ Ǿ ִµ POSIX pthreads,
  Mach CThreads  ٸ  Ѵ. configure ũƮ
     ý ã  ٸ  ޼ ϴµ
  ̷  OpenLDAP FAQ Ʈ - ġ - ÷ Ʈ  ϱ
  ٶ.

  <http://www.openldap.org/faq>

  TCP Wrappers

  slapd TCP wrappers(IP    ) ̹ ġǾ ִٸ
  ̸ ϴµ    ϴ    TCP
  wrappers Ǵ ٸ IP   (IP  ȭ ϴ Ͱ
  )  õѴ.

  2.2.  Ű ٿε ޱ

  LDAP δ Michigan  LDAP  OpenLDAP   
   Ǵ LDAP    ݽ 丮 
   Ͽ    ִ(  
     ִ). OpenLDAP  Michigan  LDAP  ֽ
   ϴµ    ̿  ִ ϸ Ʈ ΰ
   ִ.   OpenLDAP   Ѵ.

  ֽ tar gzipped   ּҿ   ִ:

  <http://www.openldap.org/>

  Michigan  LDAP  ֽ   ּҿ   ִ:

  <ftp://terminator.rs.itd.umich.edu/ldap>

    ۼϱ  ڴ ֽ   1.2.11  
  2.0.4  ΰ OpenLDAP Ű ߴ. ü Ŀ 2.2.13
   ̴.

  OpenLDAP Ʈ  OpenLDAP  ֽ     ã
   ִ.   ŵǾ  ֽ   ֽ 
    openldap-stable-20000704.tgz openldap-2.0.4.tgz .

  2.3.  Ű  ϱ

  tar gzipped Ű   Ѵ.

  켱 Ű ϴ 丮,   /usr/local,  ϱ
  ٶ.

  ׸   ϱ ٶ:

       tar xvzf openldap-stable.tgz

       ִ:

   gunzip openldap-stable.tgz | tar xvf -

  2.4.  Ʈ ϱ

  Ʈ  Ʈ ġ  ֵ
  ȭ(customization)  ִ  ɼǵ ִ.

  Ʈ   ܰ迡  ȴ:

  o  Ʈ  丮   丮 include
     ġ ldapconfig.h.edit  Ѵ

  o  configure ũƮ Ų (ȣ ٸ configure
     ũƮ Ű  Make-common    ִ)

  include/ldapconfig.h.edit Ͼȿ slapd slurpd  ġ 
  ɼ   ִ. ü  ּó Ǿ ְ default 
  κ Ϲ   ݿϰ ִµ ϴٸ  ܰ踦
  ĥ  ִ:

       vi include/ldapconfig.h.edit

  OpenLDAP  ҽ ġ 丮, Ϸ Ŀ ÷׿  ɼ
     ũƮ Բ Ǵµ Ʈ 
  丮   Ų:

       ./configure --help

    Ʈ ġϱ  configure ũƮ 
  ȭ  ִ  û  ̴. ġ 丮 
    ɼ --prefix=pref, --exe-prefix=eprefix  --bindir=dir
   ִ.  Ϲ ɼǾ configure Ųٸ ũƮ
    ڵ ؼ default  ġ ġϱ 
  غ ̴.     Ų:

       ./configure

     Ǵ   ȭ鿡 µǴ   ٶ.

  2.5.   ϱ

  Ʈ    ϴµ 켱   ̿Ͽ
   Ѵ:
       make depend

    ̿Ͽ  Ѵ:

       make

     ȴٸ  ȴ  ̴. ׷ ʴٸ
    ϱ   ܰ ư ٶ. ÷
  Ǵ Ư ø ˻ؾ ϴµ Ʈ 
  丮 doc/install/hints  ִ.

  ̳ʸ man  ġѴ.  ġϴĿ  
  ʿ䰡 ִ.

       su
       make install

  ġ ϷǾ  ̳ʸ  ٸ ƿƼ Ǿ
  ̴. LDAP  ۵    ؼ ``'' 
  ٶ.

  OpenLDAP 2.0  ̳ʸ slapd̴. OpenLDAP 2.0 
  8 30 ǥǾµ RFC 2251 ǵ ٿ  Ldap  v2
  ϰ ִ.

  OpenLDAP 2.0  ֵ Ư¡  :

  o  LDAPv2 and LDAPv3 Support (RFC2251-2256,2829-2831)

  o  Maintenance of interoperability with existing clients

  o  IPv4 and IPv6 support

  o  Strong Authentication (SASL) (RFC2829)

  o  Start TLS (RFC2830)

  o  Language Tags (RFC2596)

  o  DNS-based service location (RFC2247+"locate" I-D)

  o  Enhanced Standalone Server

  o  Named References/ManageDsaIT ("nameref" I-D)

  o  Enhanced Access Control subsystem

  o  Thread pooling

  o  Preemptive threading support

  o  Multiple listener support

  o  LDIFv1 (RFC2849)

  o  Improved platform/subsystem detection

  Note: LDP(Linux Document Projext) LDAP Implementation HOWTO 
   ̴.   OpenLDAP 2.0  ο Ư¡ ̿ϱ ϴ
  鿡  ڷḦ  ̴.  ¥ 2000 12
  ̴.

  OpenLDAP Ű ֽ   ̳ʸ ϴ  
   ѵ   ̿Ͽ  ũƮ ų  ִ:

       make test

      ʴ´ٸ Ctrl-C  ߰ ų  ִ.
    ũƮ    ߰ ߾µ ·
  OpenLDAP    ޽   ־.

  3.  LDAP  ϱ

  Ʈ ġ   Ϸ Ʈ ϰ   ִµ
   slapd Ÿ   ũƮ  prefix 丮 Ǵ
  default /usr/local/etc/openldap 丮 ġ slapd.conf 
   ̷.

    slapd.conf ϳ Ϲ Ǵ 
  (configuration directive)  Ѵ.  Ʈ
  ؼ slap.conf(5) Ŵ   ٶ.   õ
  , 鿣 Ư  Ÿ Ư ι зȴ.  
    ׵ default (Ѵٸ)  ׵   
   ִ.

  3.1.    

  Slapd.conf  , 鿣 Ư  Ÿ̽ Ư
      Ǵµ ,  鿣 ¿
  õ   Ÿ̽ νϽ õ 
   ȴ.

   ô 鿣/Ǵ ͺ̽ ÿ ȿȭ  ,
  鿣 ô ͺ̽ ÿ  ȿȭ ִ.

  ΰ '#' ϴ ּ õǸ white space ϴ
      ȴ. Slapd.conf  Ϲ 
  :

  # global configuration directives
  <global config directives>

  # 鿣 definition
  鿣 <typeA>
  <鿣-specific directives>

  # first database definition & config directives
  database <typeA>
  <database-specific directives>

  # second database definition & config directives
  database <typeB>
  <database-specific directives>

  # second database definition & config directives
  database <typeA>
  <database-specific directives>

  # subsequent backend & database definitions & config directives
  ...

   ô μ   ִµ white space  Ѵ. μ
  white space Ѵٸ "like this"   οȣ ξ
  Ѵ. μ  οȣ Ǵ  `\' ϸ 
  ڰ ̵  տ ־ Ѵ.

   /usr/local/etc/openldap 丮 ġ  ִ  
   Ѵ. Ű (Ӽ ¿ ü Ŭ)  ټ
  ϵ /usr/local/etc/openldap/schema 丮 ġȴ.

  3.2.   

     õ 鿣 Ǵ Ÿ̽ ǿ Ư
  ȿȭ ʴ´ٸ  鿣忡 ȴ.  ؽƮ 
  üǴ μ <> ȣ ִ.

  access to <what> [ by <who> <accesslevel> <control> ]+

        ô Ѹ Ǵ  ̻ û(<who>  )  Ϸ Ʈ/Ǵ Ӽ(<what> 
       )  (<accesslevel>  ) Ѵ. λ ˰ ʹٸ   
        ٶ.

  attributetype <RFC2252 Attribute Type Description>

        ô Ӽ ¸ Ѵ.

  defaultaccess { none | compare | search | read | write }

   ô  ð  ʾ  ûڿ  default  Ѵ. 
  ־       Ѵ (, б  ˻ 񱳸 
  ⸦  ʴ´).

  Default:
  defaultaccess read

  idletimeout <integer>

        Ŭ̾Ʈ   ϱ  ٸ ð() Ѵ. Default 0ǰ ideltimeout
        Ư¡ ۵Ű ʴ´.

  include <filename>

        ô      ϱ  slapd  ־ Ϸκ ΰ  
       о  Ѵ. Included  Ϲ slapd config   Ѵ.  Ϲ
       Ű (specification) ִ ϵ ϱ ȴ.

  Note:  include     (loop) Ž
   ʱ   ø   ؾ Ѵ.

  loglevel <integer>

        ô  (statement) operation 谡 syslogged( syslogd(8) LOCAL4 α׵Ǿִ)
       Ǿ ϴ  Ѵ. ̰  ۵ǵ( ۵ǰ ִ    ϰ) OpenLDAP
       --enable-debug(default) ɼ  ߾ Ѵ. α  ΰ̴.  ڰ  
       뿡 شǴ  ϱ -?  ɼǰ Բ slapd Űų Ʒ ̺ ϱ
       ٶ. <integer>    :

       -1 enable all debugging
       0 no debugging
       1 trace function calls
       2 debug packet handling
       4 heavy trace debugging
       8 connection management
       16 print out packets sent and received
       32 search filter processing
       64 configuration file processing
       128 access control list processing
       256 stats log connections/operations/results
       512 stats log entries sent
       1024 print communication with shell backends
       2048 print entry parsing debugging

       :
       loglevel 255 or loglevel -1
       ̴ ſ    sysloggedǰ  ̴.
       Default: loglevel 256

  objectclass <RFC2252 Object Class Description>

   ô ü Ŭ Ѵ.

  referral <URI>

        ô û óϴ  Ÿ̽ ã    referral Ѵ.

       :
       referral ldap://root.openldap.org

       ̴ non-local ǿ  OpenLDAP Ʈ  Ʈ LDAP  ϶  ǹѴ. Smart LDAP
       Ŭ̾Ʈ   Ǹ  û , κ Ŭ̾Ʈ ȣƮ κа 
       Ǵ ̸ κ ϴ  LDAP URLs óϴ  ˷ Ѵٴ  ָϱ ٶ.

  sizelimit <integer>

        ô ˻  ϵǴ ִ Ʈ Ѵ.

       Default:
       sizelimit 500

  timelimit <integer>

        ô slapd ˻ û 亯ϱ   ִ ִð(ð, ) Ѵ. û  ð
         ʴ´ٸ ʰ timelimit ϴ  ϵ ̴.

       Default:
       timelimit 3600

  3.3.  Ϲ 鿣 ɼ

    õ  ׵ ǵ 鿣忡 Ǵµ 
   鿣尡  õ Ѵ. 鿣 ô   
  ͺ̽ νϽ   óĿ  ͺ̽
  ÿ  ȿȭ  ִ.

  backend <type>

        ô 鿣   Ÿ. <type> ldbm, shell, passwd Ǵ ٸ Ǵ 鿣  
       ϳ Ѵ.

  3.4.  Ϲ Ÿ̽ 

    õ  ׵ ǵ Ÿ̽ Ǵµ 
   Ÿ̽  õ Ѵ.
  database <type>

        ô ο ͺ̽ νϽ   Ÿ. <type> ldbm, shell, passwd Ǵ ٸ
       Ǵ 鿣  ϳѴ.

       :
       database ldbm

       ̴ LDBM 鿣 ͺ̽ νϽ   Ÿ.

  readonly { on | off }

        ô ͺ̽ "read-only"  . ͺ̽ Ϸ  õ
       "unwilling to perform""   ̴.

       Default:
       readonly off

  replica host=<hostname>[:<port>] [bindmethod={ simple | kerberos |
  sasl }] ["binddn=<DN>"] [mech=<mech>] [authcid=<identity>]
  [authzid=<identity>] [credentials=<password>] [srvtab=<filename>]

        ô ͺ̽ 纻 Ʈ Ѵ. host=  ȣƮ ɼ slave slapd νϽ
       ã  ִ Ʈ Ѵ. <hostname>   Ǵ IP ּҰ   ִ. <port> 
        ǥ LDAP Ʈ ѹ(389) ȴ.

       binddn=  slave slapd   bind DN ش. ̴ Ϲ slave config Ͽ rootdn
       ־µ slave slapd ͺ̽  б/   DN ̾ Ѵ.  slave slapd config
       ϳ updatedn ÿ ġؾ Ѵ. DN ߰ space   ֱ⶧ ü "binddn=<DN>" ڿ
        οȣ ξ Ѵ.

       bindmethod slave slapd    н忡  , Kerberos  Ǵ SASL 
       Ǵ  simple, kerveros Ǵ sasl ̴.

       Simple   Ἲ ̹ ȣ (, TLS Ǵ IPSEC) ʴٸ  ʾƾ Ѵ.
       Simple  binddn credential    ʿ Ѵ.

  Kerberos  SASL  ⱸ, Ư KERBEROUS_V4 GSSAPI ⱸ  ״  ϰ ִ. Kerberos
   binddn srvtab  ʿ Ѵ.

       SASL  Ϲ õǴµ mech  ϴ ⱸ   ʿ Ѵ. ī 
        identity /Ǵ credentials  authcid credentials Ͽ   ִ. authzid 
       ΰ(authorization) identity ϱ    ִ.

  replogfile <filename>

        ô slapd ׵  纻 α  ̸ Ѵ. replication α
       Ϲ slapd  ۼǸ slurpd  .   ô slurpd ͺ̽ ϱ
        Ǵ 츸 ȴ. ׷ slurpd ۵ ʴ Ʈ(transaction) α׸ ϱ
        ̸   ִ.     Ŀ  ֱ  ֱ  truncate
       ʿ䰡 ִ.

  rootdn <dn>

        ô ͺ̽ ۾ ϱ    Ǵ  Ѱ  ʿ ʴ DN
       Ѵ. DN 丮 Ʈ  ʿ䰡 . DN SASL identity   ִ.

       Entry-based Example:
       rootdn "cn=Manager, dc=example, dc=com"

       SASL-based Example:
       rootdn "uid=root@EXAMPLE.COM"

  rootpw <password>

        ô ־ DN  Ʈ ϴ Ǵ н带    ־ DN 
       ׻ ۿ н带 Ѵ.  ô SASL    ״  ϰ ִ.

       :
       rootpw secret

  suffix <dn suffix>

   ô 鿣 ͺ̽   DN ̻縦 Ѵ.  ̻  ־  
   ͺ̽ Ǹ   ϳ ʿϴ.

  :
  suffix "dc=example, dc=com"

  "dc=example, dc=com"  ǰ  鿣  ̴.

  Note: Ǹ Ѱ 鿣尡 õ   ͺ̽ ǿ ־  suffix  ã´.
    ͺ̽ suffix ٸ  prefix config Ͽ ߿ Ÿ Ѵ.

  updatedn <dn>

        ô  slave slapd شȴ. ̴ replica   DN Ѵ. ̴ replica  
       slurpd(8) bind DN Ǵ SASL identity õ DN   ִ.

       Entry-based Example:
       updatedn "cn=Update Daemon, dc=example, dc=com"

       SASL-based Example:
       updatedn "uid=slurpd@EXAMPLE.COM"

  updateref <URL>

        ô  slave slapd  شȴ. ̴ replica   û ϴ Ŭ̾Ʈ 亯ϴ
       URL Ѵ.  Ϸ  URL ´.

       : update  ldap://master.example.net

  3.5.  LDBM 鿣 Ư 

   ׸ ô  LDBM 鿣 ͺ̽ Ǹ "database
  ldbm"     ٸ "database"  տ  Ѵ.

  cachesize <integer>

        ô LDBM 鿣 ͺ̽ νϽ  Ǵ in-memory cache Ʈ ũ⸦ Ѵ.

       Default:
       cachesize 1000

  dbcachesize <integer>

   ô   ε ϰ õ in-memory cache Ʈ ũ⸦ Ѵ. ⺻ ͺ̽
    ʴ´ٸ ּó õȴ.     ޸  ǹ Ư
  ε  Ǵ   ȿ   ̴.

  Default:
  dbcachesize 100000

  dbnolocking

        ɼ Ѵٸ ͺ̽ locking  Ѵ.  ɼ ۵Ű   ߸鼭
        ų ̴.

  dbnosync

        ɼ ũ ͺ̽  ޸𸮳 ٲ 濡 ﰢ ȭ ʵ Ѵ.
        ɼ Ȱȭ     ų ̴.

  directory <directory>

        ô ͺ̽  ε ϴ LDBM  ̴ 丮 Ѵ.

       Default:
       directory /usr/local/var/openldap-ldbm

  index {<attrlist> | default} [pres,eq,approx,sub,none]

        ô ־ Ӽ   ε Ѵ.  <attrlist> ־ٸ Ʈ ε
       ȴ.

       :
       index default pres,eq
       index objectClass,uid
       index cn,sn eq,sub,approx

       ù °  present equality  Ʈ ε  Ѵ.  °  Ʈ(pret,eq)
       ε  objectClass uid Ӽ ¸  ǵ Ѵ.  °  equality, substring
       approximate ε cn sn Ӽ ¸  ǵ Ѵ.

  mode <integer>

        ô   ͺ̽ ε   ϴ  ȣ 带 Ѵ.

       Default:
       mode 0600

  3.6.  ٸ 鿣 Ÿ̽

  slapd Ʈ LDBM ̿ܿ  鿣 ͺ̽ ¸ Ѵ:

  o  ldbm: Berkeley or GNU DBM compatible backend

  o  passwd: Provides read-only access to /etc/passwd

  o  shell: Shell (extern program) backend

  o  sql: SQL Programmable backend

     λ ˱ ؼ slapd.conf(5) Ŵ   ٶ.

  3.7.    

  ``3.2''    ô ſ ѵ   
      ش. 켱, ణ  :

       access to * by * read

    ô   б  Ѵ.  ð
  ܵ Ÿ  defaultaccess ΰ .

       defaultaccess read

     ߿   ÿ DN  Ʈ ϴ
   ǥ   ش.

       access to dn=".*, o=U of M, c=US"
       by * search
       access to dn=".*, c=US"
       by * read

  ˻   "o=University of Michigan, c=US"  Ʈ
  Ʈ  c=Us  Ʈ Ʈ б  ȴ.
  ̷    Ǹ,  U-M Ʈ c=US Ʈ
  ϱ  U-M Ư ô  յ  .

      ÿ "by" (clause)  ߿伺
  ִµ Ư Ӽ پ <who> ڿ   ϴ
  Ӽ    ش.

  access to dn=".*, o=U of M, c=US" attr=homePhone
  by self write
  by dn=".*, o=U of M, c=US" search
  by domain=.*\.umich\.edu read
  by * compare
  access to dn=".*, o=U of M, c=US"
  by self write
  by dn=".*, o=U of M, c=US" search
  by * none

    "o=U of M, c=US" Ϻ Ʈ Ʈ ȴ. homePhone
    Ӽ鿡  Ʈ Ӽ   ְ, ٸ U-M
  Ʈ Ӽ鿡  ˻Ǹ     Ѵ.
  homePhone Ӽ Ʈ    ְ, ٸ U-M Ʈ 
  ˻  ְ, umich.edu  󿡼 ϴ Ŭ̾Ʈ 
    ְ, ٸ      ִ.

   Ư DN ڽ Ӽ ߰ Ǵ   ִ  ִ
   ϴ.   ׷ ؼ  Ͽ member
  Ӽ ׵  DN ߰    ְ ϰ ʹٸ
    ø ̿   ִ:

       access to attr=member,entry
       by dnattr=member selfwrite

  dnattr <who> ڴ  member Ӽ Ʈ Ʈ
   ش. selfwrite  ڴ  member ٸ 
   ׵ DN  Ӽ ߰     ش. 
  Ʈ Ӽ  ؼ Ʈ  ʿϱ  Ʈ
  Ӽ ߰ ʿϴ.

  <what> attr=member  "dn=* attr=member" ( ̰ 
  Ʈ member Ӽ յȴ) ӱ ָϱ ٶ.

  Note:Ldap        
  <http://openldap.org/> OpenLDAP  ħ .

  3.8.    

    ؽƮ ִ   ̴. ̴ X.500 Ʈ
   κе ٷ  LDBM Ÿ̽ νϽ  
  ͺ̽ Ѵ.  ڴ     Ͽ
  . 켱   κ:

  o  1.   # example config file - global configuration section

  o  2.   include /usr/local/etc/schema/core.schema

  o  3.   referral ldap://root.openldap.org

  o  4.   access to * by * read

   1 ̴ּ.  2 ٽ Ű Ǹ  ٸ config 
  Ѵ.  3 referral ô ؿ ǵ ͺ̽  ϳ
   ƴ Ǵ root.openldap.org ȣƮ ǥ Ʈ(389)
  ۵Ǵ LDAP    ǹѴ.

   4    յǴ ͺ̽  
  ų Ǵ Ÿ ü Root DSE   ͺ̽ Ͽ
   ȴ.

     κ Ʈ "dc=example,dc=com" κп ִ 뿡
   Ǹ ٷ LDBM 鿣带 Ѵ. ͺ̽ 
  truelies judgementday   slapd   ̴. ε 
  Ӽ  Ǹ userPassword Ӽ ΰ   
  ȣȴ.

  o  5.   # ldbm definition for the example.com

  o  6.   database ldbm

  o  7.   suffix "dc=example, dc=com"

  o  8.   directory /usr/local/var/openldap

  o  9.   rootdn "cn=Manager, dc=example, dc=com"

  o  10.  rootpw secret

  o  11.  # replication directives

  o  12.  replogfile /usr/local/var/openldap/slapd.replog

  o  13.  replica host=slave1.example.com:389

  o  14.              binddn="cn=Replicator, dc=example, dc=com"

  o  15.              bindmethod=simple credentials=secret

  o  16.  replica host=slave2.example.com

  o  17.              binddn="cn=Replicator, dc=example, dc=com"

  o  18.              bindmethod=simple credentials=secret

  o  19.  # indexed attribute definitions

  o  20.  index uid pres,eq

  o  21.  index cn,sn,uid pres,eq,approx,sub

  o  22.  index objectClass eq

  o  23.  # ldbm access control definitions

  o  24.  access to attr=userPassword

  o  25.               by self write

  o  26.               by anonymous auth

  o  27.               by dn="cn=Admin,dc=example,dc=com" write

  o  28.               by * none

  o  29.  access to *

  o  30.               by self write

  o  31.               by dn="cn=Admin,dc=example,dc=com" write

  o  32.               by * read

   5 ̴ּ.  6 ͺ̽ Ű忡  ͺ̽
  ǰ ۵ȴ.  7  ͺ̽  ǿ  DN
  suffix Ѵ.  8 ͺ̽   丮
  Ѵ.

   9 10 ͺ̽ "super user" Ʈ  н带
  Ѵ.  Ʈ   Ǵ ũ Ǵ ð Ѱ 
  ʿ  ʴ´.

   11-18 纻    11 纻 α 
  Ѵ (ͺ̽    ϵǴµ slapd  
   slurpd   ).  12-14  ȣƮ 
  ȣƮ Ӱ Ʈ, Ҷ bind DN, binddn  bind
  () credentials(н) Ѵ.  15-18  °
  纻 Ʈ Ѵ.

  20-22 پ Ӽ  Ǵ ε Ų.

   24-32 ͺ̽ Ʈ    Ѵ.
   Ʈ  userPassword Ʈ ü  "admin" Ʈ 
    ִ. ̴ /ΰ     ׷  
    .  ٸ Ӽ Ʈ "admin" Ʈ   
    ڿ    ִ.

      κ ٸ LDBM ͺ̽ ϴµ 
  ͺ̽ dc=example,dc=net  Ʈ  Ǹ óѴ.
   38 ٸ  4 ִ   Ģ  б 
     ָϱ ٶ.

  o  33.  # ldbm definition for example.net

  o  34.  database ldbm

  o  35.  suffix "dc=example, dc=net"

  o  36.  directory /usr/local/var/ldbm-example-net

  o  37.  rootdn "cn=Manager, dc=example, dc=com"

  o  38.  access to * by users read

  4.  LDAP  ϱ

  slapd ĵ  μ ۵ǵ Ǿ ־  ĳ
  ̿, ⺻ ͺ̽  ۿ  ó  ý ڿ ȣ
    ִ. inetd(8)κ ۵ ɼ ƴϴ.

  4.1.  Command Line Options

  slapd ޴    ٿ   command-line
  ɼ Ѵ.   Ϲ  Ǵ ణ ɼ 
  Ѵ:

  -f <filename>

   ɼ slapd  ü   Ѵ. Ʈ  /usr/local/etc/openldap/slapd.conf ̴.

  -h <URLs>

        ɼ ü listener  Ѵ. Ʈ ldap:///  Ʈ LDAPƮ 389 TCP ̽ 
       LDAP ǹѴ. ȣƮ-Ʈ   ldaps:// Ǵ ldapi://   ٸ  ȹ   ִ.
       , -h "ldaps:// ldap:/127.0.0.1:667"   listener  ̴: ϳ Ʈ LDAP/SSL Ʈ
       636  ̽ SSL ̿ϴ LDAP̰ ٸ ϳ Ʈ 667  ȣƮ(,loopback)
       TCP ̿ LDAP. ȣƮ IPv4 dotted-decimal  Ǵ ȣƮ  Ͽ   ִ.
       Ʈ ġ Ѵ.

  -n <service-name>

        ɼ α ٸ   Ǵ  ̸ Ѵ. Ʈ  ̸ slapd̴.

  -l <syslog-local-user>

        ɼ syslog(8)    ڸ Ѵ. LOCAL0, LOCAL1, LOCAL2,...,  LOCAL7  ִ.
       Ʈ LOCAL4̴.  ɼ  ýۿ    ִ.

  -u user -g group

        ɼǵ   ۵ϴ ڿ ׷ Ѵ. ڿ ׷    ׷ ̸
       uid  gid   ִ.

  -r directory

        ɼ Ÿ 丮 Ѵ. slapd listener   ׷   б  Ǵ
        鿣带 ʱȭϱ   丮 chroot(2)  ̴.

  -d <level> | ?

   ɼ slapd   <level> Ѵ.  `?'    ɼǿ  پ
    µǸ slapd  ȴ.     :

  -1  enable all debugging
  0  no debugging
  1  trace function calls
  2  debug packet handling
  4  heavy trace debugging
  8  connection management
  16  print out packets sent and received
  32  search filter processing
  64  configuration file processing
  128  access control list processing
  256  stats log connections/operations/results
  512  stats log entries sent
  1024  print communication with shell 鿣s
  2048  print entry parsing debugging

   ϴ    ɼ ν   ۵ų  ִ.    
  ΰ̱      ִ. , function call tracing ؼ config 
  μ̵Ǵ   Ѵٸ ̷   (  -d 65)     ̴.
  Ǵ slapd   ϵ   ִ(, -d 1 -d 64).   λ ˱ ؼ <ldap.h> 
  ϱ ٶ.

  Note: slapd   stats  ̻    ̿  ֵ ǵ -DLDAP_DEBUG ɼ
   ϵǾ־ Ѵ.

  4.2.  LDAP  ϱ

  Ϲ slapd    Ų:

  /usr/local/etc/libexec/slapd [<option>]*

  /usr/local/etc/libexec configure  Ǹ <option> 
   ɼ(Ǵ slapd(8))  ϳ̴.   0 Ͽ 
    ʴ´ٸ slapd ڵ б(fork)Ͽ  ڽ
   ͹̳ηκ иؼ ׶忡 ȴ.

  4.3.  LDAP  ϱ

  slapd ϰ Ű    Ѿ Ѵ:

  kill -TERM `cat $(ETCDIR)/slapd.pid`

     slapd ϴ  װ  پ
  ۸ flush  ʿ䰡   ֱ  LDBM ͺ̽
  ջų  ִ. slapd ڽ pid slapd.conf Ͽ ߴ
  丮( /usr/local/var/slapd.pid) slapd.pid Ͽ
  ٴ  ָض.

  include/ldapconfig.h.edit  SLAD_PIDFILE  ν 
  pid  ġ   ִ.

  Slapd  slapd.conf Ͽ ߴ 丮(
  /usr/local/var/slapd.args) slapd.args Ͽ  μ 
  ̴.

  include/ldapconfig.h.edit.  SLAPD_ARGSFILE  ν
  args  ġ   ִ.
  5.  Ÿ̽   

    scratchκ slapd Ÿ̽ ϴ  
  Ѵ. Ÿ̽ ΰ    ִ. ù°, LDAP
  ̿Ͽ ¶λ󿡼 ͺ̽   ִµ  slapd
  ϰ  LDAP Ŭ̾Ʈ ̿Ͽ Ʈ ָ߰ ȴ.
      ͺ̽ ؼ   
  (䱸   Ǵ õ Ʈ).

   ° ε   ̿Ͽ λ󿡼 ͺ̽
  ϴ ε LDAP  ̿  ſ  ð ҿ  ִ
   Ʈ  Ǵ ͺ̽ Ǵ   ʱ⸦
     ̴.

  5.1.  ¶λ󿡼 Ÿ̽ ϱ

  OpenLDAP Ʈ Ű LDAP  ۵߿ Ʈ ߰ϴµ
  ϴ ldapadd ƿƼ ϰ ִ. ¶λ󿡼 ͺ̽
  Ϸ Ѵٸ Ʈ ߰  ldapadd    ִ. ù
  ° Ʈ ߰    Ʈ ߰ϱ  ldapadd
    ִ. slapd ϱ  slapd.conf Ͽ  ɼ
  Ǿ  Ȯؾ Ѵ.

  suffix <dn>

  ``3''  ٿ   ɼ  Ʈ  Ÿ̽
  ִ ִµ ̸ Ϸ ϴ  Ʈ Ʈ DN
  ؾ Ѵ:

  suffix "o=TUDelft, c=NL"

  ε  Ǿ ̴ 丮  Ȯ ־ Ѵ:

  directory <directory>

  :

  directory /usr/local/tudelft

  Ʈ ߰  ִ 㰡   slapd   
  ֵ  ʿ䰡 ִµ ̴ ͺ̽ ǿ   ɼ
   ̷:

  rootdn <dn>

  rootpw <passwd> /* ȣȭ н带 ϴ  ض !!! */

   ɼǵ ͺ̽  Ʈ( ۾̵   ִ
  Ʈ) ϴµ   ִ DN password Ѵ. ⼭
   DN password  ̸  Ʈ ϵ Ǵ
  Ʈ  н带    ۵Ѵ. ̴  
  Ʈ ϱ⵵    ϰ  Ʈ
  ߰ϴ chicken and egg (Ƹ    ϴ )
   ذѴ.

   ͺ̽ ǰ ϴ ε Ǹ ϴ
  Ȯؾ Ѵ:

  index {<attrlist> | default} [pres,eq,approx,sub,none]

   cn, sn, uid  objectclass Ӽ εϱ   ε
      ִ.

  index cn,sn,uid

  index objectclass pres,eq

  index default none

  ⿡ ° ߴٸ slapd ϰ LDAP Ŭ̾Ʈ Ͽ
  Ʈ ߰ ض.  ldapadd  ̿Ͽ TUDelft
  Ʈ Postmaster Ʈ  ߰ϱ    
  /tmp/newentry    ִ:

       o=TUDelft, c=NL
       objectClass=organization
       description=Technical University of Delft Netherlands

       cn=Postmaster, o=TUDelft, c=NL
       objectClass=organizationalRole
       cn=Postmaster description= TUDelft postmaster - postmaster@tudelft.nl

  ׸ Ʈ  ϱ    Ѵ:

       ldapadd -f /tmp/newentry -D "cn=Manager, o=TUDelft, c=NL" -w secret

    rootdn "cn=Manager, o=TUDelft, c=NL"  rootpw
  "secret" ߴٰ Ѵ. command-line 󿡼 н带
  Ÿϱ  ʴ´ٸ -w "password"  ldapadd ɿ  -W
  ɼ ض. н带 Էϴ Ʈ    ̴:

       ldapadd -f /tmp/newentry -D "cn=Manager, o=TUDelft, c=NL" -W
       Enter LDAP Password:

  5.2.  λ󿡼 Ÿ̽ ϱ

  ͺ̽ ϴ  °    ε 
   ̿Ͽ λ󿡼 ۾ ϴ ε LDAP  ̿
   ſ  ð ҿ  ִ  Ʈ  Ǵ
  ͺ̽ Ǵ   ʱ⸦   
  ̴.   slapd  ϰ ߰Ǵ Ʈ ؽƮ ǥ
  ϴ Է LDIF  о̴µ LDBM ε  
  Ѵ. config  ͺ̽ ǿ 켱 Ȯ 
  ϱ ϴ  ߿  ɼ ִ:

  suffix <dn>

     ٿ ,  ɼ  Ʈ 
  Ÿ̽  ִ ִµ ̸ Ϸ ϴ Ϻ
  Ʈ Ʈ DN ؾ Ѵ. :

  suffix "o=TUDelft, c=NL"

  ε  Ǿ ̴ 丮  Ȯ ־ Ѵ.

  directory <directory>

  :

  directory /usr/local/tudelft

   Ƹ   ε  ϴ in-core ĳ ũ⸦
  Ű   ִµ ε  ֻ   ü
  ε ޸𸮻  Ѵ. Ͱ ޸𸮿 ø  
  ϰų Ǵ ޸𸮰 ʹ ۴ٸ ޸ ũ⸦ Űų ¡
  ý ۵ų  ִ.  ũ  ɼǿ  ȴ:

  dbcachesize <integer>

  : dbcachesize 50000000

   ɼ  ū(Michigan п ͺ̽ 뷫 125K Ʈ
    ū ε  뷫 45MB ̴) 50MB ũ ĳø 
  ̴. ý  ɼ  ֻ ۵ϴ  캸 
   Ʈ Ʒ Ǵ parallelism  ȭŰ鼭
  غ.  ε  ϴ Ǹ slapd Ű  
   ҽŰ   .

    ε ϱ ϴ  ʿ䰡 ִµ ̴
  ϳ Ǵ  ̻ ε ɼǿ  ȴ:

  index {<attrlist> | default} [pres,eq,approx,sub,none]

  :

  index cn,sn,uid pres,eq,approx

  index default none

  ̴ cn, sn uid Ӽ  presence, equality  approximate
  ε ϸ  ٸ Ӽ ؼ ε  
  ̴.  ɼǿ      ؼ ``3'' 
   .

  ⿡ ° ߴٸ slapadd(8) α׷ Ŵν ⺻
  ͺ̽  ε Ѵ:

  slapadd -l <inputfile> -f <slapdconfigfile> [-d <debuglevel>] [-n
  <integer>|-b <suffix>]

  μ  ǹ̸ ´:

       -l <inputfile>

  ؽƮ · ߰Ǵ Ʈ  LDIF Է  Ѵ(
   ).

       -f <slapdconfigfile>

  ε  ϴ,  ε ϴ  ִ
  slapd   Ѵ.

       -d <debuglevel>

  <debuglevel>    ۵Ų.   slapd 
    . 4.1  ɼ .

       -n <databasenumber>

   ͺ̽ Ǵ° ϴ  μ  Ͽ
  õ ù ° ͺ̽ 1,  ° 2  ǥȴ. Ʈ
    ù ° ldbm ͺ̽ ȴ. -b ɼǰ Բ
  Ǽ ȵȴ.

       -b <suffix>

   ͺ̽ Ǵ° ϴ  μ ͺ̽
  ѹ ϱ  ͺ̽ suffix ÿ յ ʴ´. -n
  ɼǰ Բ Ǽ ȵȴ.

  slapd.conf(5)   Ŀ   ε  
  ʿ䰡   ִµ ̴ slapindex(8) α׷ ̿Ͽ ϴ.
  slapindex    Ų:

  slapindex -f <slapdconfigfile> [-d <debuglevel>] [-n
  <databasenumber>|-b <suffix>]

  -f, -d, -n  -b ɼ slapadd(1) α׷  ɼǰ ϴ.
  slapindex  ͺ̽ 뿡   ε 
  Ѵ.

  ͺ̽ LDIF Ϸ (dump)ϴµ Ǵ slapcat ̶
  α׷ ִµ ̴ ͺ̽   ִ(human-readable)
   Ҷ ͺ̽  󿡼 Ϸ  
  ϴ.   α׷   Ų:

  slapcat -l <filename> -f <slapdconfigfile> [-d <debuglevel>] [-n
  <databasenumber>|-b <suffix>]

  -n Ǵ -b ɼ -f Ͽ  slapd.conf(5)
  ͺ̽ ϴµ ȴ. ش LDIF  ǥ  Ǵ -l
  ɼ Ͽ  Ͽ ۼȴ.

  5.3.  More on the LDIF format

  LDAP Data Interchange Format (LDIF)  ؽƮ  LDAP
  Ʈ ǥϱ  ȴ. Ʈ ⺻ :

       #comment
       dn: <distinguished name>
       <attrdesc>; <attrvalue>
       <attrdesc>; <attrvalue>
       ...

  `#' ڷ ϴ ε ̴ּ. Ӽ (attrdesc) cn Ǵ
  objectClasse Ǵ 1.2.3(Ӽ ¿ õ OID)   Ӽ
  ̰ų cn:lang_en_US Ǵ userCertificate;binay  ɼ 
   ִ.

   single space Ǵ tab ڷ   ν ӵ 
  ִ. :

       dn: cn=Barbara J Jensen, dc=example, dc=
        com
       cn: Barbara
             Jensen

  

       dn: cn=Barbara J Jensen, dc=example, dc=com
       cn: Barbara J Jensen

   ϴ.

   Ӽ   ο ȴ. :

       cn: Barbara J Jensen
       cn: Babs Jensen

  <attrvalue> µ ʴ ڵ ϰų  Ǵ space, ݷ(':')
  Ǵ '<'  ۵ȴٸ, <attrdesc>  ݷа base64 
  ȣȭ  ´.  "space "Ǵ   
  ȣȭ ̴:

        cn:: IGJlZ2lucyB3aXRoIGEgc3BhY2U=

  Ӽ ϴ URL   ִ. ,  jpegPhoto
   /path/to/file.jpg Ϸκ   Ѵ.

       cn:<file://path/to/file.jpeg

   LDIF ϳ  Ʈ blank  ȴ.  
  Ʈ  LDIF    :

       # Barbara's Entry
       dn: cn=Barbara J Jensen, dc=example, dc=com
       cn: Barbara J Jensen
       cn: Babs Jensen
       objectClass: person
       sn: Jensen

       # Bjorn's Entry
       dn: cn=Bjorn J Jensen, dc=example, dc=com
       cn: Bjorn J Jensen
       cn: Bjorn Jensen
       objectClass: person
       sn: Jensen
       # Base64 encoded JPEG photo
       jpegPhoto:: /9j/4AAQSkZJRgABAAAAAQABAAD/2wBDABALD
       A4MChAODQ4SERATGCgaGBYWGDEjJR0oOjM9PDkzODdASFxOQ
       ERXRTc4UG1RV19iZ2hnPk1xeXBkeFxlZ2P/2wBDARESEhgVG

       # Jennifer's Entry
       dn: cn=Jennifer J Jensen, dc=example, dc=com
       cn: Jennifer J Jensen
       cn: Jennifer Jensen
       objectClass: person
       sn: Jensen
       # JPEG photo from file
       jpegPhoto:<file://path/to/file.jpeg

  Bjorn Ʈ jpegPhoto base64 ȣȭǾ ְ Jennifer Ʈ
  jpegPhoto URL Ű ġκ  ָ϶.

  trailing space LDIF  κ    
   space  ʴ´. ͳ trailing  space
   ʴ´ٸ ű⿡ ׵  .

  5.4.  The ldapsearch, ldapdelete and ldapmodify utilities

  ladpsearch - ldapsearch  ldap_search(3) ̺귯 ݿ  
    ִ ̽ LDAP ͺ̽ 鿣 Ʈ
  ˻ϱ  Ѵ.

  ldapsearch ȣϱ     ( ɼ ǹ̸ ˱
   ldapsearch man  ãƺ):

       ldapsearch  [-n]  [-u]  [-v]  [-k]  [-K]  [-t]  [-A] [-B] [-L] [-R] [-d debuglevel] [-F sep] [-f file]
       [-D binddn]  [-W]  [-w bindpasswd] [-h ldaphost]  [-p ldapport]   [-b searchbase]   [-s base|one|sub]
       [-a never|always|search|find] [-l timelimit] [-z sizelimit] filter [attrs...]

  ladpsearch LDAP  , ε ͸ ̿Ͽ ˻
  Ѵ.  ʹ RFC 1558 ǵ Ͱ  LDAP Ϳ  ڿ
  ǥ  Ѵ. ldapsearch ϳ Ǵ  ̻ Ʈ ã
  attrs   Ӽ ˻Ǿ Ʈ  ǥ 
  µȴ. attrs õ   Ӽ ǵش.

   ldapsearch  ̴:

       ldapsearch -b 'o=TUDelft,c=NL' 'objectclass=*'

       ldapsearch -b 'o=TUDelft,c=NL' 'cn=Rene van Leuken'

       ldasearch -u -b 'o=TUDelft,c=NL' 'cn=Luiz Malere' sn mail

  -b ɼ searchbase(initial search point, ʱ ˻ ) -u ɼ
  ڿ (userfriendly)   Ÿ.

  ldapdelete - ldapdelete ldap_delete(3) ̺귯 ݿ  
    ִ ̽ LDAP ͺ̽ 鿣 Ʈ
  ϱ  Ѵ.

  ldapdelete ȣϱ     ( ɼ ǹ̸ ˱
   ldapdelete man  ãƺ):

       ldapdelete   [-n]   [-v]  [-k]  [-K]  [-c]  [-d debuglevel]  [-f file]  [-D binddn]  [-W]  [-w passwd]
       [-h ldaphost] [-p ldapport] [dn]...

  ldapdelete LDAP  , ϳ Ǵ  ̻ Ʈ ε
  Ѵ. ϳ Ǵ  ̻ dn μ Ǹ ̷ DN 
  Ʈ ȴ.  dn RFC 1779 ǵ Ͱ  ڿ ǥ
  DN ̾ Ѵ. dn μ ٸ DN Ʈ ǥ Է(Ǵ -f
  flag ȴٸ )κ .

   ldapdelete  ̴:

       ldapdelete 'cn=Luiz Malere,o=TUDelft,c=NL'

       ldapdelete -v 'cn=Rene van Leuken,o=TUDelft,c=NL' -D 'cn=Luiz malere,o=TUDelft,c=NL' -W

  -v ɼ verbose , -D ɼ Binddn(Ǿ ϴ dn), -W
  ɼ н Ʈ Ÿ.

  ldapmodify - ldapmodify  ldap_modify(5) ldap_add ̺귯 ݿ
      ִ ̽ LDAP ͺ̽ 鿣
  Ʈ ϱ  Ѵ.

  ldapmodify ȣϱ    ( ɼ ǹ̸ ˱
   ldapmodify man  ãƺ)

       ldapmodify   [-a]  [-b]  [-c]  [-r]  [-n]  [-v]  [-k]  [-d debuglevel]  [-D binddn]  [-W]  [-w passwd]
       [-h ldaphost] [-p ldapport] [-f file]

       ldapadd [-b] [-c] [-r] [-n] [-v]  [-k]  [-K]  [-d debuglevel]  [-D binddn]  [-w passwd]  [-h ldaphost]
       [-p ldapport] [-f file]

  ldapadd ldapmodify   ϵ ũǾ Ǵµ ldapadd
    ldapmodify -a (ο Ʈ ߰) flag  ڵ
  ȴ. ldapmodify LDAP  , ε Ʈ  Ǵ
  ߰Ѵ. Ʈ  ǥ Է Ǵ -f ɼ  Ϸκ
  .

   ldapmodify  ̴:

  /tmp/entrymods  ϰ    ִٰ Ѵ:

       dn: cn=Modify Me, o=University of Michigan, c=US
       changetype: modify
       replace: mail
       mail: modme@terminator.rs.itd.umich.edu
       -
       add: title
       title: Grand Poobah
       -
       add: jpegPhoto
       jpegPhoto: /tmp/modme.jpeg
       -
       delete: description
       -

  :

       ldapmodify -b -r -f /tmp/entrymods

  ̴ "Modify Me" Ʈ  Ӽ 
  "modme@terminator.rs.itd.umich.edu" üϰ, "Grand Poobah"
  ŸƲ /tmp/modme.jpeg   jpegPhoto ߰ϸ,
  description Ӽ  Ѵ.

      ldapmodify Է  ̿Ͽ  
  ִ:

       cn=Modify Me, o=University of Michigan, c=US mail=modme@terminator.rs.itd.umich.edu
       +title=Grand Poobah
       +jpegPhoto=/tmp/modme.jpeg
       -description

    Ų: ldapmodify -b -r -f /tmp/entrymods

  /tmp/newentry  ϰ   ´ٰ Ѵ:

  dn: cn=Barbara Jensen, o=University of Michigan, c=US
  objectClass: person
  cn: Barbara Jensen
  cn: Babs Jensen
  sn: Jensen
  title: the world's most famous manager
  mail: bjensen@terminator.rs.itd.umich.edu
  uid: bjensen

    Ų:

       ldapadd -f /tmp/entrymods

  /tmp/newentry  ϰ   ´ٰ Ѵ:

       dn: cn=Barbara Jensen, o=University of Michigan, c=US
       changetype: delete

    Babs Jensen Ʈ Ѵ:

       ldapmodify -f /tmp/entrymods

  -f ɼ (ǥ Է´ Ϸκ   д), -b ɼ
  ̳ʸ(Է  '/' ۵Ǵ   ̳ʸ ؼȴ),
  -r ɼ ü(Ʈ   üѴ) Ÿ.

  6.  ΰ  Ư¡

    丮 ϴµ   ִ LDAP Ŭ̾Ʈ
  Netscape Address Book   ٷ.  ݽ ׺
   4.5 Ǵ  ̻ LDAP  ̿Ͽ ο (roaming
  access) ϴ   λ׵ Ѵ. ο  
   ʱ  OpenLDAP ϸ Ʈ ſ  ǵǰ
  ִµ κ ڵ LDAP  ٿε  ε带 ϴ ݸ
  ݽ ׺Ͱ LDAP  Բ ۵Ǵ  
  ʴ´.     ο  ϴ Ĵ ۵
  ʴ´ ϴ ġ ⸦ ٶ.  ̷  ̹
   Դ.   鿡 LDAP  ɼ  ̵
  ϱ  ̷ Ư¡ ҰѴ. slapd μ ϰ ϴ
  Ͱ slapd α׿  ټ  ȴ.

  6.1.  ο (Roaming Access)

  ο  ϸ ݻ  ִ ݽ ׺Ϳ
  LDAP ̿Ͽ ϸũ, preference,     
  ִµ ̴ ſ  Ư¡̴.   ϴ 
       ִٰ غ. ߿  ϸũ
   ȭ Ʈ  ʿ䰡 ִٸ  . ϸũ
  ٸ ϵ LDAP  εؼ   ҿ ִ
  ׵    ִ.

  ο  ϱ  ܰ踦  Ѵ:

  o  slapd.conf Ͽ ο Ű(schema)  Ѵ

  o  slapd.conf  Ÿ̽ κп  ʵ带 Ѵ

  o  ο   ϴ ڵ鿡   Ʈ
     ÷ν Ldif  Ѵ

  o  LDAP  ο   ϱ  ݽ
     ׺͸ Ѵ

  o  ο   LDAP  Ѵ

  - ο Ű  ϱ:  κ   ٿֱ 
  .schema Ȯڸ  ؽƮ Ϸ Ѵ. 밳  
  /usr/local/etc/openldap/schema 丮  ̴. Ѵٸ
    <http://home.kabelfoon.nl/~hvdkooij/mull.schema>κ
  ٿ  ִ. slapd.conf Ͽ   core.schema 
   ؾ  ϶:

       include /usr/local/etc/schema/core.schema

  #        Ű core Ű Ǵ   Ѵ

  # ݽ ο   OpenLDAP v2  ϴµ 
  # ̴   ̸ Ÿ̽ Ѵ.
  attributeType ( 1.3.6.1.4.1.7081.1.1.1
           NAME 'nsLIProfileName'
           DESC 'Store Netscape Roaming Profile name'
           EQUALITY caseIgnoreMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

  # ݽ ο   OpenLDAP v2  ϴµ 
  attributeType ( 1.3.6.1.4.1.7081.1.1.2
           NAME 'nsLIPrefs'
           DESC 'Store Netscape Roaming Profile preferences'
           EQUALITY caseExactIA5Match
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

  # ݽ ο   OpenLDAP v2  ϴµ 
  attributeType ( 1.3.6.1.4.1.7081.1.1.3
           NAME 'nsLIElementType'
           DESC ''
           EQUALITY caseIgnoreMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

  # ݽ ο   OpenLDAP v2  ϴµ 
  attributeType ( 1.3.6.1.4.1.7081.1.1.4
           NAME 'nsLIData'
           DESC 'Store the actual data blocks'
           EQUALITY bitStringMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

  # ݽ ο   OpenLDAP v2  ϴµ 
  attributeType ( 1.3.6.1.4.1.7081.1.1.5
           NAME 'nsLIVersion'
           DESC 'Store Netscape Roaming Profile version'
           EQUALITY integerMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

  # ݽ ο   OpenLDAP v2  ϴµ 
  # ̴ ο  ⺻ ڷ LDAP Ÿ̽ 
  # ϱ Ǿ Ѵ.
  objectClass ( 1.3.6.1.4.1.7081.1.2.1
           NAME 'nsLIProfile'
           DESC 'Base holder of the NetScape Roaming Profile'
           SUP top
           MUST ( objectClass $ nsLIProfileName )
           MAY ( nsLIPrefs $ uid $ owner )
           )

  # ݽ ο   OpenLDAP v2  ϴµ 
  #  ü Ŭ  Ÿ  ̴.
  objectClass ( 1.3.6.1.4.1.7081.1.2.2
           NAME 'nsLIProfileElement'
           DESC 'Contains the actual Roaming Profile data'
           SUP top
           MUST ( objectClass $ nsLIElementType )
           MAY ( owner $ nsLIData $ nsLIVersion )
           )

  # EOF

  -  ʵ ϱ: ݽ  Ÿ  纻
  LDAP     Ȯϱ  Ÿ̽ 
  ð  ʿ䰡 ִ. slapd.conf  Ÿ̽ κп
      ÷ϴ  ϴ:

       lastmod on

  - Ldif  ϱ: ݽ ο  Ư¡ ̿Ϸ
  ϴ  ڵ Ldif Ͽ  Ʈ ʿ Ѵ. 
  Ʈ   Ldif   :

       dn: o=myOrg,c=NL
       o: myOrg
       objectclass: organization

       dn: cn=seallers,ou=People,o=myOrg,c=NL
       cn: seallers
       userpassword: myPassword
       objectclass: top
       objectclass: person

       dn: nsLIProfileName=seallers,ou=Roaming,o=myOrg,c=NL
       nsLIProfileName: seallers
       owner: cn=seallers,ou=People,o=myOrg,c=NL
       objectclass: top
       objectclass: nsLIProfile

   Ʈ ``ldapadd'' α׷ ̿Ͽ ߰  ִ. Ƹ
   ο  (dn: nsLIProfileName=...) ġϴ Ʈ
  ߰ ʿ䰡  ̴.

  - ݽ ׺ ϱ:  ܰ LDAP   ο
   ۵ǵ ݽ ϴ ̴.   :

  Go to Menu Edit -> Preferences -> Roaming User

   ɼǿ شϴ üũڽ Ŭν  Ͽ  ó
  ο  ۵ѾѴ.

    username ڽ µ ̴ LDIF   
  Ʈ nsLIProfileName= κа ġؾ Ѵ. : sealers

  ο   ɼ   Preferences Window  ִ
  ο  ɼ ȭǥ ŬѴ.

    Ŭϰ LDAP  ɼ ȰȭŰ   ڽ
  .

  Address: ldap://myHost/nsLIProfileName=$USERID,ou=Roaming,o=myOrg,c=NL

  User DN: cn=$USERID,ou=People,o=myOrg,c=NL

  IMPORTANT: ݽ  Ű  ڵ
  $USERID   ̸ üѴ. ׷  sealler
  ϸ $USERID sealler üϰ  gonzales ϸ
  $USERID gonzales üѴ. Ͽ ͼġ ʴٸ ݽ
  Ŀ´ Ű ִ  Ŵ ø̼ Ѷ.
  ̴  ӽſ     ֵ 
  ø̼    ڽ    
  ִ.

    ϴ ̴. ̸ ϰ ϴ  ٽ
  ϴ   ``4.2'' ``4''  ٶ.

  6.2.  ݽ ּҷ

  LDAP  ϰ ִٸ   Ŭ̾Ʈ(
  ldapsearch command line utiltity) ̿Ͽ    ִµ
  ſ ̷ο  ݽ ּҷ̴. ̴ ݽ 4.x 
  ̿   LDAP   ȣ ؼ 4.5 Ǵ 
  ̻  ؾ Ѵ.

    :

  Open Netscape Navigator -> Go to Communicator Menu -> Address Book

  ݽ ּҷ  default LDAP 丮 Բ ۵  ִµ
   LDAP 丮 ߰ؾ Ѵ.

  Go to File Menu -> New Directory

    ڽ . :

  - Description: TUDelft

  - LDAP Server: dutedin.et.tudelft.nl

  - Server Root: o=TUDelft, c=NL

  Default LDAP Ʈ 389ε  Ҷ  ɼ 
  ʾҴٸ ̸  ٶ.

  box Show Names Containing ̿   Ǵ Search for
  button ̿  Ǹ غ.

  6.3.  LDAP Migration Tools

  LDAP ̵    LDIF  ȯϴµ Ǵ 
  ũƮ ε PADL Ʈ ȸ翡 ȴ. ڴ ̸
  ϱ,    , ̼ о 
  Ѵ.  ڸ ϱ  LDAP  ̿ ȹ̶ 
  ¸ſ  ̴. NIS Ǵ password ī̺ LDAP 
  ȣȯǰ ϴ LDIF  ȯϱ  ̵  ϶. 
  , ׷, ٸ(aliases), ȣƮ, ݱ׷, , RPCs
  񽺸   (NIS, flat ϰ NetInfo)κ LDIF
   ̵ϱ  ũƮ ϶. LDAP ̵ 
  ٿε     ؼ  ּҷ :

       <http://www.padl.com/tools.html>

  Ű README ִµ ũƮ  ̸ ε 켱
  README  а  ũƮ ϱ ٶ.

  6.4.  LDAP  

  LDAP 񽺸 ϱ  LDAP Ŭ̾Ʈ 񽺿  
  ޾ƾѴ. , Ŭ̾Ʈ   ۾   
     ֵ Ŭ̾Ʈ  Ÿ Ϸ
  Ѵٶ  ؾѴ. Ŭ̾Ʈ LDAP   
  ޴´ٸ  Ŀ  Ŭ̾Ʈκ û  Ŭ̾Ʈ
  û ϵ  Ǿ θ ˻ ̴.  μ
    Ѵ.

  LDAP  "bind" 꿡 Ǵµ Ldapv3 anonymous, simple
   SASL    Ѵ."bind"  LDAP û
   Ŭ̾Ʈ anonymous Ŭ̾Ʈ óȴ. Simple 
  LDAP  Ŭ̾Ʈ() FQDN(Fully Qualified Domain Name)
  ȣȭ  н带   ̷.  ⱸ
  н带 Ʈũ󿡼   ֱ     ִ.
  ̷ н  ϱ  LDAP   ȴٸ SSL
   ȣȭ äγ  simple  ⱸ   ִ.

   SASL Simple Authentication and Security Layer (RFC
  2222)      Ǵ   Ȯ 
  Ÿ Ŭ̾Ʈ  ȯ ̷ 䱸- (challenge-
  response)  Ѵ. SASL ν LDAP LDAP
  Ŭ̾Ʈ   ǵ      ִ.
  SASL  Cyrus SASL ̺귯 ġ ߿ϱ   Ͽ
      ̴.

   丮 Ʈ  ϴ ڸ ԰ ÿ LDAP
   ٸ  (Sendmail, Login, Ftp, )   ڸ
    ִ. ̴ Ư   LDAP  Ű PAM
  (Pluggable Authentication Module) ⱸ Ͽ ȴ.

  н â ķ   ڰ н带 Էϰ Էµ
  н带 ý /etc/passwd Ͽ Ǿ ִ ȣȭ 
  н忡 شϴ ˻ϴ   ̷. ̷ 
  â⿡ µ   /etc/passwd    ü 
  Ʈ ī Ҹ ϵ ̽ Ͽ ϴ  ο
   Ǿ. ׷ ο  Ű ߵɶ 
  ʿ α׷(login, ftp ) ̸ ϱ   ۼǾ
  ϴ  ̿. PAM  ȹ  α׷ 
   ִ  Ѵ. ̷ α׷ ۵ϱ  Ÿӽ
  α׷ Ǵ   ʿ Ѵ.

  LDAP     ּҿ tar ball · ̿  ִ:

       <http://www.padl.com/pam_ldap.html>

  ڴ  ǿ PAM ġǾ ִٰ Ѵ. ̷ 
    ּ  <http://www.kernel.org/pub/linux/libs/pam>  
  ٶ. پ  ǵ PAM Ͽ  ٸ ǥ 
  Ѵ. 밳 PAM   /etc/pam.d 丮 Ѵ. 
  丮  ڽ ǰ ִ  񽺿  
  ߰  ִ.   õ  ڵ αο LDAP
   ϱ Ѵٸ LDAP PAM ġϰ /etc/pam.d 丮
  login Ͽ   ϱٶ:

  #%PAM-1.0
  auth            required     /lib/security/pam_securetty.so
  auth            required     /lib/security/pam_nologin.so
  auth            sufficient   /lib/security/pam_ldap.so
  auth            required     /lib/security/pam_unix_auth.so try_first_pass
  account         sufficient   /lib/security/pam_ldap.so
  account         required     /lib/security/pam_unix_acct.so
  password        required     /lib/security/pam_cracklib.so
  password        required     /lib/security/pam_ldap.so
  password        required     /lib/security/pam_pwdb.so use_first_pass
  session         required     /lib/security/pam_unix_session.so

  6.5.  ׷ LDAP 

  o  Kldap

       Kldap KDE ȯ ׷ LDAP Ŭ̾Ʈ  ̽  丮   
       Ʈ   ִ. ø̼κ ణ screenshot ˻    ּҿ ٿε
         ִ.

       <http://www.mountpoint.ch/oliver/kldap/>

  o  GQ

       GQ   ̽  ٸ ׷ LDAP Ŭ̾Ʈ GNOME ȯ ۼǾ
       KDE ȯ濡 ۵ȴ. Kldap  GNOME ȯ濡 ۵Ѵ. ٿε     
       ؼ  ּҷ  ٶ:

       <http://biot.com/gq/>

  6.6.  α

  Slapd α׸ ߻Ű  syslog(8) ϴµ  ƿƼ
  default ڴ LOCAL4  LOCAL0, LOCAL1 LOCAL7 
  ȴ.

  α ߻ ۽Ű  밳 /etc 丮ִ syslog.conf
   ؾ Ѵ.

     ߰ϱ ٶ:

  local4.* /usr/adm/ldalog

  ̴ syslog  LOCAL4 default ڸ ̿ ̴.  
   ͼġʴٸ syslog, syslog.conf  syslogd man  .
  Default    Ǵ α  ϱ Ѵٸ slapd
  Ҷ  ɼ ϱٶ.
  -s syslog-level  ɼ slapd    
  syslog(8) α׵Ǿ ϴ  ش.  ޽ 
  ϴµ   Ʈ( ؿ  ) Ű̴:
  emerg, alert, crit, err, warning, notice, info, and debug. : slapd
  -f myslapd.conf -s debug

  -l syslog-local-user syslog(8)  ڸ Ѵ. LOCAL0,
  LOCAL1,..., LOCAL7     ִ. Ʈ LOCAL4 ̴.
  ׷  ɼ  ڿ syslogd(8) ϴ ýۿ 
  ȴ.

   α׸ . ̵ , , ε   
  ذϴµ    ̴.

  7.   

  On this section you will find additional documentation about LDAP:
  useful URLs, cool books and definition RFCs.

  7.1.  URLs

  Here are the URLs that contain very useful information about LDAP.
  From these URLs, this HOWTO was made, so if after reading this
  document you need more specific information, you probably will find
  here:

  o  University of Michigan LDAP Page:

     <http://www.umich.edu/~dirsvcs/ldap/index.html>

  o  University of Michigan LDAP Documentation Page:

     <http://www.umich.edu/~dirsvcs/ldap/doc/>

  o  OpenLDAP Administrator's Guide:

     <http://www.openldap.org/doc/admin>

  o  Manually Implementing Roaming Access:

     <http://help.netscape.com/products/client/communicator/manual_roaming2.html>

  o  Customizing LDAP Settings for Communicator 4.5:

     <http://developer.netscape.com/docs/manuals/communicator/ldap45.htm>

  o  Introducing to Directory Service (X.500):

     <http://www.nic.surfnet.nl/surfnet/projects/x500/introducing/>

  o  Linux Directory Service:

     <http://www.rage.net/ldap/>

  7.2.  

  These are the most popular and useful books about LDAP:

  o  Implementing LDAP by Mark Wilcox

  o  LDAP: Programming Directory-Enabled Applications with Lightweight
     Directory Access Protocol by Howes and Smith

  o  Understanding and Deploying LDAP Directory Servers by Howes, Smith,
     and Good

  7.3.  RFCs

  The RFCsw that support the LDAP development efforts:

  o  RFC 1558: A String Representation of LDAP Search Filters

  o  RFC 1777: Lightweight Directory Access Protocol

  o  RFC 1778: The String Representation of Standard Attribute Syntaxes

  o  RFC 1779: A String Representation of Distinguished Names

  o  RFC 1781: Using the OSI Directory to Achieve User Friendly Naming

  o  RFC 1798: Connectionless LDAP

  o  RFC 1823: The LDAP Application Programming Interface

  o  RFC 1959: An LDAP URL Format

  o  RFC 1960: A String Representation of LDAP Search Filters

  o  RFC 2251: Lightweight Directory Access Protocol (v3)

  o  RFC 2307: LDAP as a Network Information Service RFC 1558: A String
     Representation of LDAP Search Filters

