--- /dev/null
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html lang="en">
+<head>
+ <meta http-equiv="Content-Type" content="text/html; charset=">
+ <title>Debian Project -- Direct LDAP Access</title>
+ <link rev="made" href="mailto:webmaster@debian.org">
+ <meta name="Generator" content="WML 2.0.8 (30-Oct-2001)">
+ <meta name="Modified" content="2006-12-22 10:24:29">
+</head>
+<body text="#000000" bgcolor="#FFFFFF" link="#0000FF" vlink="#800080" alink="#FF0000">
+<table width="100%" align="center" border="0" cellpadding="3" cellspacing="0" summary="">
+<tr>
+ <td align="left" valign="middle">
+ <a href="http://www.debian.org/"><img src="http://www.debian.org/logos/openlogo-nd-50.png" border="0" hspace="0" vspace="0" alt=""></a>
+ <a href="http://www.debian.org/" rel="start"><img src="http://www.debian.org/Pics/debian.png" border="0" hspace="0" vspace="0" alt="Debian Project"></a>
+ </td>
+</tr>
+</table>
+<!--UdmComment-->
+<table bgcolor="#DF0451" border="0" cellpadding="0" cellspacing="0" width="100%" summary="">
+<tr>
+<td valign="top">
+<img src="http://www.debian.org/Pics/red-upperleft.png" align="left" border="0" hspace="0" vspace="0" alt="">
+</td>
+<td rowspan="2" align="center">
+<a href="http://www.debian.org/intro/about"><img src="http://www.debian.org/Pics/about.en.gif" align="middle" border="0" hspace="4" vspace="7" alt="About Debian"></a>
+<a href="http://www.debian.org/News/"><img src="http://www.debian.org/Pics/news.en.gif" align="middle" border="0" hspace="4" vspace="7" alt="News"></a>
+<a href="http://www.debian.org/distrib/"><img src="http://www.debian.org/Pics/getting.en.gif" align="middle" border="0" hspace="4" vspace="7" alt="Getting Debian"></a>
+<a href="http://www.debian.org/support"><img src="http://www.debian.org/Pics/support.en.gif" align="middle" border="0" hspace="4" vspace="7" alt="Support"></a>
+<a href="http://www.debian.org/devel/"><img src="http://www.debian.org/Pics/devel.en.gif" align="middle" border="0" hspace="4" vspace="7" alt="Developers' Corner"></a>
+<a href="http://www.debian.org/sitemap" rel="contents"><img src="http://www.debian.org/Pics/sitemap.en.gif" align="middle" border="0" hspace="4" vspace="7" alt="Site map"></a>
+<a href="http://search.debian.org/"><img src="http://www.debian.org/Pics/search.en.gif" align="middle" border="0" hspace="4" vspace="7" alt="Search"></a>
+</td>
+<td valign="top">
+<img src="http://www.debian.org/Pics/red-upperright.png" align="right" border="0" hspace="0" vspace="0" alt="">
+</td>
+</tr>
+<tr>
+<td valign="bottom">
+<img src="http://www.debian.org/Pics/red-lowerleft.png" align="left" border="0" hspace="0" vspace="0" alt="">
+</td>
+<td valign="bottom">
+<img src="http://www.debian.org/Pics/red-lowerright.png" align="right" border="0" hspace="0" vspace="0" alt="">
+</td>
+</tr>
+</table>
+<!--/UdmComment-->
+<h1>Direct LDAP Access</h1>
+<p>Since the
+<a href="http://lists.debian.org/debian-announce/debian-announce-2003/msg00001.html">compromise</a>,
+the information available to non-developers via the LDAP interface has been
+limited a great deal. However, as always, the full database is accessible from
+any .debian.org machine. If you wish relatively unfettered access to the LDAP
+database, connect to it from a .debian.org machine, such as gluck.debian.org
+(which is recommended for general shell usage anyhow).
+</p>
+<p>
+The LDAP utilities package (<a href="http://packages.debian.org/ldap-utils">ldap-utils</a>) provides an utility called ldapsearch that can be used
+to execute direct queries to the database. This is done by supplying
+the following arguments to ldapsearch: <strong>-x -H
+ldap://db.debian.org -b dc=debian,dc=org</strong>. Alternatively, the
+<strong>-H</strong> and <strong>-b</strong> options can be put in
+one's ~/.ldaprc, in the following form:
+</p><pre>
+[ dbharris@gluck: ~/ ]$ cat ~/.ldaprc
+HOST db.debian.org
+BASE dc=debian,dc=org
+</pre>
+<p>
+<strong>-x</strong> tells ldapsearch to use "simple" (non-SASL, non-Kerberos)
+authentication. There appears to be no ~/.ldaprc option which does the same as
+<strong>-x</strong>. With these parameters specified, we're ready to begin
+searching. Here's an example:
+</p><pre>
+[ dbharris@gluck: ~/ ]$ ldapsearch -x uid=dbharris keyfingerprint
+<snip>
+dn: uid=dbharris,ou=users,dc=debian,dc=org
+keyFingerPrint: CC53F12435C07BC258FE7A3C157DDFD959DDCB9F
+<snip>
+</pre>
+<p>
+The first non-option argument (<strong>uid=dbharris</strong> in this case) is
+the query to perform, and the rest of the arguments are the attributes to
+return. If you only specify the query, but don't provide any attributes to
+return, all readable attributes are returned. While the example was quite
+simple, complex queries can be performed as well:
+</p><pre>
+[ dbharris@gluck: ~/ ]$ ldapsearch -x -H ldap://db.debian.org -b dc=debian,dc=org '(&(!(loginshell=/bin/bash))(uid=*))' loginshell
+</pre>
+<p>
+That query shows users that do not use bash as their shell. Some other
+interesting queries are:</p>
+<ul>
+<li>Count the number of developers
+<tt>(&(keyfingerprint=*)(gidnumber=800))</tt></li>
+<li>Show people in a certain group <tt>gidmembership=adm</tt></li>
+<li>People named james <tt>cn=james</tt></li>
+<li>Someone whos last name phonetically sounds like 'Ackerma'
+<tt>sn~=ackerm</tt></li>
+<li>All the sparcs <tt>host=sparc</tt></li>
+</ul>
+<p><a href="http://www.faqs.org/rfcs/rfc2254.html">RFC 2254</a>
+has more information about the filter expressions.</p>
+<h1>Other LDAP Browsers</h1>
+<p>
+The GQ package has a graphical LDAP browser that can browse the debian.org
+tree. It is somewhat ungainly with the large number of entries in our
+directory, but it does work nonetheless. Configuration is similar, use the
+preferences dialog to add a new host with the information given above.
+<p>
+Netscape has a browser for their mailer, but I have never been able to get
+it to work, please email if you have any luck.
+<p>
+To my knowledge there are no interfaces for popular mailers like mutt and
+gnus. Such an interface would allow using the directory as an enhanced address
+book.
+<hr noshade width="100%" size="1">
+Back to the <a href="http://www.debian.org/">Debian Project homepage</a>.
+<hr noshade width="100%" size="1">
+<small>
+You can contact us at
+<a href="mailto:admin@db.debian.org">admin@db.debian.org</a>.
+</small>
+<p>
+<p><small>
+Last Modified: Fri, Jan 28 19:13:06 UTC 2005
+ <br>
+ Copyright © 1997-2005
+ <a href="http://www.spi-inc.org/">SPI</a>; See <a href="http://www.debian.org/license" rel="copyright">license terms</a><br>
+ Debian is a registered trademark of Software in the Public Interest, Inc.
+</small></p>
+</body>
+</html>
projects / mirror / userdir-ldap-cgi.git / blobdiff