directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r1403804 - in /directory/site/trunk/content/apacheds: ./ basic-ug/ basic-ug/images/
Date Tue, 30 Oct 2012 17:53:14 GMT
Author: elecharny
Date: Tue Oct 30 17:53:13 2012
New Revision: 1403804

URL: http://svn.apache.org/viewvc?rev=1403804&view=rev
Log:
Added the missing pages, fixed some links

Added:
    directory/site/trunk/content/apacheds/basic-ug/images/open-schema-browser.png   (with
props)
    directory/site/trunk/content/apacheds/basic-ug/images/schema-browser.png   (with props)
    directory/site/trunk/content/apacheds/basic-ug/images/schema-objects.png   (with props)
Modified:
    directory/site/trunk/content/apacheds/basic-ug/1-how-to-begin.mdtext
    directory/site/trunk/content/apacheds/basic-ug/2-handling-data.mdtext
    directory/site/trunk/content/apacheds/basic-ug/2.2-searching-data.mdtext
    directory/site/trunk/content/apacheds/basic-ug/2.2.1-simple-search.mdtext
    directory/site/trunk/content/apacheds/basic-ug/2.2.2-more-search-options.mdtext
    directory/site/trunk/content/apacheds/basic-ug/2.3-introducing-schema.mdtext
    directory/site/trunk/content/apacheds/basic-users-guide.mdtext

Modified: directory/site/trunk/content/apacheds/basic-ug/1-how-to-begin.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-ug/1-how-to-begin.mdtext?rev=1403804&r1=1403803&r2=1403804&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/basic-ug/1-how-to-begin.mdtext (original)
+++ directory/site/trunk/content/apacheds/basic-ug/1-how-to-begin.mdtext Tue Oct 30 17:53:13
2012
@@ -23,6 +23,7 @@ Notice: Licensed to the Apache Software 
 # 1 - How to begin
 This chapter helps you to set up a server, with the minimal configuration options being explained.
That should be enough to get a running server.
 
+This user guide is **not** intended to be a **LDAP** guide : there are some excellent tutorials
or books, we won't try to challenge them !
 
 ## Table of content
 

Modified: directory/site/trunk/content/apacheds/basic-ug/2-handling-data.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-ug/2-handling-data.mdtext?rev=1403804&r1=1403803&r2=1403804&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/basic-ug/2-handling-data.mdtext (original)
+++ directory/site/trunk/content/apacheds/basic-ug/2-handling-data.mdtext Tue Oct 30 17:53:13
2012
@@ -31,8 +31,6 @@ Now that your server is up and running, 
 * [2.1 - Data modification](2.1-data-modification.html)
 	* [2.1.1 - Adding Entries](2.1.1-adding-entries.html)
 	* [2.1.2 - Deleting Entries](2.1.2-deleting-entries.html)
-	* [2.1.3 - Modifying Entries](2.1.3-modifying-entries.html)
-	* [2.1.4 - Moving Entries](2.1.4-moving-entries.html)
 * [2.2 - Searching Data](2.2-searching-data.html)
 	* [2.2.1 - Simple search](2.2.1-simple-search.html)
 	* [2.2.2 - More search options](2.2.2-more-search-options.html)

Modified: directory/site/trunk/content/apacheds/basic-ug/2.2-searching-data.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-ug/2.2-searching-data.mdtext?rev=1403804&r1=1403803&r2=1403804&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/basic-ug/2.2-searching-data.mdtext (original)
+++ directory/site/trunk/content/apacheds/basic-ug/2.2-searching-data.mdtext Tue Oct 30 17:53:13
2012
@@ -24,7 +24,9 @@ Notice: Licensed to the Apache Software 
 
 # 2.2 - Searching Data
 
-TODO
+Searching is the most frequent operation done on a LDAP server : everything is optimizd so
that the search operation is as fast as possible.
+
+We will show how to do some simple searches on _Apache Directory Server_ in the following
pages.
 
 ## Table of content
 

Modified: directory/site/trunk/content/apacheds/basic-ug/2.2.1-simple-search.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-ug/2.2.1-simple-search.mdtext?rev=1403804&r1=1403803&r2=1403804&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/basic-ug/2.2.1-simple-search.mdtext (original)
+++ directory/site/trunk/content/apacheds/basic-ug/2.2.1-simple-search.mdtext Tue Oct 30 17:53:13
2012
@@ -24,4 +24,31 @@ Notice: Licensed to the Apache Software 
 
 # 2.2.1 - Simple search
 
-TODO
\ No newline at end of file
+Basically, a search in **LDAP** requires a few parameters :
+* A server on which we will send the request
+* A port for this server
+* A base _DN_, the location where to start the search from
+* A filter to select the entries to be returned
+* The user doing the search
+* A password if the user is not already bound
+* A scope, defining the depth we should look for
+* The list of attributes to return
+
+There are several other options, which will be exposed in the next chapter.
+
+## Doing a Simple Search on the command line
+
+Here is an exemple of search done on the base we have created :
+
+	$ ldapsearch -h zanzibar -p 10389 -b "o=sevenSeas" -s sub "(cn=James Hook)" +
+	version: 1
+	dn: cn=James Hook,ou=people,o=sevenSeas
+	accessControlSubentries: cn=sevenSeasAuthorizationRequirementsACISubentry,o=sevenSeas
+	creatorsName: cn=Horatio Nelson,ou=people,o=sevenSeas
+	createTimestamp: 20061203140109Z
+
+Here, we see that we are connecting to the **sanzibar** server, on its **10389** port. As
we haven't provided any user, this is an anonymous search, which should be allowed if the
server accept anonymous searches.
+We then have the base _DN_, **"o=sevenseas"**, the filter **"(cn=James Hook)"** and the scope
: **"sub"**. The last parameter, **"+"**, asks the server to return all the operational attributes.
+
+The result is just shown as a result of the command (here, we get back one single entry).
+

Modified: directory/site/trunk/content/apacheds/basic-ug/2.2.2-more-search-options.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-ug/2.2.2-more-search-options.mdtext?rev=1403804&r1=1403803&r2=1403804&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/basic-ug/2.2.2-more-search-options.mdtext (original)
+++ directory/site/trunk/content/apacheds/basic-ug/2.2.2-more-search-options.mdtext Tue Oct
30 17:53:13 2012
@@ -24,4 +24,98 @@ Notice: Licensed to the Apache Software 
 
 # 2.2.2 - More search options
 
-TODO
\ No newline at end of file
+There are many parameters we haven't explained in the previous chapter. 
+
+## Bound/anonymous searches
+
+When you send a SearchRequest to the server, you may be anonymous, or you mave have been
bound before the search is done. Binding on a server creates an **LDAP** session, which stores
the credentials. This is used by the authorization system to filter the requests and the returned
data, depending on the server settings.
+
+Not all the server allow an anonymous search : _Apache Dorectory Server_ default to not enabling
such anonymous searches (this is for security questions).
+
+Generally speaking, users do bind before sending a search request.
+
+## Filters
+
+The **LDAP** filters can be quite complex. Although they aren't even close to what **SQL**
provide : there is no way you can do a Join on a LDAP server.
+
+A filter is a set of nodes connected with operators like **and**, **or**, **not**...
+
+Here is the list of possible connectors :
+
+<div class="table-wrap">
+	<table class="confluenceTable">
+		<tbody>
+			<tr>
+				<th class="confluenceTh"> Connector </th>
+				<th class="confluenceTh"> Description </th>
+				<th class="confluenceTh"> Example </th>
+			</tr>
+			<tr>
+				<td class="confluenceTd"> And </td>
+				<td class="confluenceTd">  All the nodes should be evaluated to true </td>
+				<td class="confluenceTd"> (&(objectClass=person)(cn=acme)) </td>
+			</tr>
+			<tr>
+				<td class="confluenceTd"> Or </td>
+				<td class="confluenceTd"> At least one of the node should be evaluated to true</td>
+				<td class="confluenceTd"> (|(objectClass=person)(cn=acme)) </td>
+			</tr>
+			<tr>
+				<td class="confluenceTd"> Not </td>
+				<td class="confluenceTd"> select the entries that does not evaluate to true for
this filter </td>
+				<td class="confluenceTd"> (!(objectClass=person))</td>
+			</tr>
+		</tbody>
+	</table>
+</div>
+
+Each node proceeds a check on the attributeType and value provided in the filter. For instance,
the **"(o=sevenseas)"** filter tells the server to look for all teh entries whcih have an
"organization" atribute with a value of **"sevenseas"**. Here are the various kind of filters
you can use :
+
+<div class="table-wrap">
+	<table class="confluenceTable">
+		<tbody>
+			<tr>
+				<th class="confluenceTh">Filter</th>
+			</tr>
+			<tr>
+				<td class="confluenceTd"> = (Equality)</td>
+			</tr>
+			<tr>
+				<td class="confluenceTd">Substring</td>
+			</tr>
+			<tr>
+				<td class="confluenceTd"> &gt;= </td>
+			</tr>
+			<tr>
+				<td class="confluenceTd"> &lt;= </td>
+			</tr>
+			<tr>
+				<td class="confluenceTd"> =* (Present) </td>
+			</tr>
+			<tr>
+				<td class="confluenceTd"> ~= (ApproxMatch)</td>
+			</tr>
+			<tr>
+				<td class="confluenceTd"> extensibleMatch </td>
+			</tr>
+		</tbody>
+	</table>
+</div>
+
+## Scope
+
+A Search can span across the whole **DIT**, or just a subset of it. In **LDAP**, you can
use three different scopes :
+
+* OBJECT : the Object itself, none of its children
+* ONELEVEL : all of the base direct children, but not it's children's children not the base
object
+* SUBLEVEL : everything
+
+## Returned attributes
+
+A search can also list the attributes to be returned. This can be :
+* '*' for all the user attributes
+* '+' for all the operational attributes
+* a list of attributes name
+* 1.1 if we don't want the attributes values to be returned, but we want the entries' DN
that match the filter
+
+

Modified: directory/site/trunk/content/apacheds/basic-ug/2.3-introducing-schema.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-ug/2.3-introducing-schema.mdtext?rev=1403804&r1=1403803&r2=1403804&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/basic-ug/2.3-introducing-schema.mdtext (original)
+++ directory/site/trunk/content/apacheds/basic-ug/2.3-introducing-schema.mdtext Tue Oct 30
17:53:13 2012
@@ -24,4 +24,37 @@ Notice: Licensed to the Apache Software 
 
 # 2.3 - The Schema
 		
-TODO
\ No newline at end of file
+All the data stored into a LDAP server are structured following a schema, a bit like any
DBMS. _Apache Directory Server_ does have a dynamic schema : that means you can modify the
schema wihout having to restart the server.
+
+We won't describe in the basic user guide how to manage the schema, this will be extensively
described in the _Advanced user guide_, this chapter is just a short introduction.
+
+## What is the LDAP schema ?
+
+It's a set of elements defining the data structure that can be stored in the server. It defines
the following elements :
+
+* AttributeType : the type of values that can be stored in an attribute
+* ObjectClass : the set of AttributeType that can or must be used in an entry
+* Syntax : The syntax the values must abide to
+* MatchingRule : The rules used to retrieve the data 
+
+There are more schema elements which are not currently used in _Apache Directory Server_.
+
+The following diagram shows all the interactions between each schema element :
+
+![Schema elements interactions](images/schema-objects.png)
+
+## How do we use it in ApacheDS ?
+
+The schema is everywhere in the server : each entry is controlled against the schema when
it's added or modified. The schema is a critical part of the server.
+
+The _Apache Directory Server_ comes with a predefined schema, which should fit a large part
of users need. You may though need to extend it...
+
+Hopefully, the schema can be extended. This will be explained in the _Advanced User Guide_.
+
+Enough said that you can browse the existing schema using _Apache Directory Studio_ :
+
+![Open Schema Browser](images/open-schema-browser.png)
+
+then you get the Schema browser :
+
+![Schema Browser](images/schema-browser.png)

Added: directory/site/trunk/content/apacheds/basic-ug/images/open-schema-browser.png
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-ug/images/open-schema-browser.png?rev=1403804&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/site/trunk/content/apacheds/basic-ug/images/open-schema-browser.png
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/site/trunk/content/apacheds/basic-ug/images/schema-browser.png
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-ug/images/schema-browser.png?rev=1403804&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/site/trunk/content/apacheds/basic-ug/images/schema-browser.png
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/site/trunk/content/apacheds/basic-ug/images/schema-objects.png
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-ug/images/schema-objects.png?rev=1403804&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/site/trunk/content/apacheds/basic-ug/images/schema-objects.png
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Modified: directory/site/trunk/content/apacheds/basic-users-guide.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/basic-users-guide.mdtext?rev=1403804&r1=1403803&r2=1403804&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/basic-users-guide.mdtext (original)
+++ directory/site/trunk/content/apacheds/basic-users-guide.mdtext Tue Oct 30 17:53:13 2012
@@ -43,8 +43,6 @@ Getting started. Learn how to download a
 	* [2.1 - Data modification](basic-ug/2.1-data-modification.html)
 		* [2.1.1 - Adding Entries](basic-ug/2.1.1-adding-data.html)
 		* [2.1.2 - Deleting Entries](basic-ug/2.1.2-deleting-data.html)
-		* [2.1.3 - Modifying Entries](basic-ug/2.1.3-modifying-data.html)
-		* [2.1.4 - Moving Entries](basic-ug/2.1.4-moving-data.html)
 	* [2.2 - Searching Data](basic-ug/2.2-searching-data.html)
 		* [2.2.1 - Simple search](basic-ug/2.2.1-simple-search.html)
 		* [2.2.2 - More search options](basic-ug/2.2.2-more-search-options.html)



Mime
View raw message