Title: How to Deal with OpenLDAP
Question: OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol.
It has become the de-facto standard for enterprise directory services.
But how it works with Delphi?
Answer:
Major enterprise directories such as NDS and Active Directory have LDAP interfaces or integrated LDAP Functionality.
The libldap API is a library that supports LDAP functionality over TCP, SSL, or IPC -- see the OpenLDAP site for detailed documentation.
In Delphi is a translation unit for the built-in windows LDAP client API, and some examples from JEDI.
the uses winldap.pas is an import unit from
LDAPLib = 'wldap32.dll';
function ldap_openA; external LDAPLib name 'ldap_openA';
.........
We slightly improved the example to get a Digital Certificate from verisign. Download at:
http://www.softwareschule.ch/download/openldap_delphi.zip
Here's an commented extract from the source:
// open directory connection
pld:= ldap_open(PChar(sServer), iPort);
if Assigned(pld) then
try
// authenticate anonymously
LDAPCheck(ldap_simple_bind_s(pld, NIL, NIL));
// perform search
LDAPCheck(ldap_search_s(pld, PChar(sBase), LDAP_SCOPE_SUBTREE,
PChar(sSearch), NIL, 0, plmSearch));
try
// initialize results
iRow:= 0;
msResults.Clear;
slAttribs.Clear;
// loop thru entries
plmEntry:= ldap_first_entry(pld, plmSearch);
while Assigned(plmEntry) do begin
// clear attributes
slAttribs.Clear;
// loop thru attributes
pszAttr:= ldap_first_attribute(pld, plmEntry, pbe);
while Assigned(pszAttr) do begin
// store attribute
iCol:= slAttribs.Add(pszAttr);
// get value
ppcVals:= ldap_get_values(pld, plmEntry, pszAttr);
This also gives you a working example app to examine and improve further.
LDAP is also the basis of Active Directory, so you can use it query domain information in a standard manner on W2K+ domains.
There's also a way to install a server on a win-box, which you don't need for the client example source over TCP/IP!
For the Windows platform, ILEX has created this OpenLDAP for Windows distribution. It's a packaged version using Nullsoft NSIS and includes OpenLDAP, SASL, BDB, and OpenSSL.
It supports LDAP, LDAPS and LDAP+TLS. The wizard guides you through the installation and permit the creation of the slapd.conf file, the database root, the certificates generation (CA+server), the system service installation and much more.
otherwise you install it on a linux-box like this:
# cd /usr/src/�
# wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.18.tgz�
# tar zxvf openldap-2.3.18.tgz�
# cd openldap-2.3.18�
# ./configure�
# make�
# make install�
So the example connects to verisign, checks the form and gets a certificate like this url:
http://directory.verisign.com/cgi-bin/ds?ISSUER_PARM_NAME=issuerSerial&ISSUER_PARM_VAL
=0ab839085b0d8dd6687993182cef824c&MS_PATH=http://directory.verisign.com/ldap/ds_splash.
html&NS_PATH=https://digitalid.verisign.com/cgi-bin/Xquery.exe&QM_TEMPLATE=certByIssuer
&XQ_FDF=../fdf/userQueryResult.fdf Download This Digital ID
Further Links:
OpenLDAP-Projekt: http://www.openldap.org
RFC1777 - LDAProtocol: ftp://ftp.isi.edu/in-notes/rfc1777.txt
http://www.delphi-jedi.org/
www.ilex.fr/openldap
http://ldapadmin.sourceforge.net/