About the LDAP Configuration Interface
The LDAP Configuration Interface (LCI) consists of an LDAP interface in the RSA RADIUS Server and an LDAP virtual schema. The LDAP virtual schema enables the LDAP interface to translate LDAP requests into a format that can be understood by the RSA RADIUS Server database.
Figures 25 illustrates the relationship between LDAP components.
LDAP Command
Line Utility
Java
Administration
Program
|
|
|
|
|
|
|
|
|
| Core RADIUS Modules |
| ||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| LDAP |
| Virtual |
|
|
|
|
| Interface |
| Schema |
| Embedded |
| |
|
|
|
|
|
| ||
|
|
|
|
| RADIUS |
| |
|
|
| Proprietary |
| Database |
| |
|
|
|
|
|
|
| |
|
|
| HTTPS |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Figure 25 LDAP Components
LDAP Utilities
Freeware LDAP utilities, such as ldapsearch, ldapmodify, and ldapdelete, act as clients of the LDAP interface. LDAP utilities let you read and modify an LDAP database.
Xldapsearch – The ldapsearch utility locates and retrieves LDAP directory entries. The ldapsearch utility opens a connection to an LDAP interface using the specified distinguished name and password, binds, and locates entries based on the specified search filter. A search can return a single entry, an entry's immediate subentries, or an entire tree or subtree. Search results are returned in LDIF format.
Xldapmodify – The ldapmodify utility adds or modifies entries in an existing LDAP directory. ldapmodify opens a connection to an LDAP interface using the distinguished name and password you supply, binds, and adds or modifies the entries based on the LDIF update statements contained
82 | Using the LDAP Configuration Interface | September 2005 |
