Home
/
Netscape
/
NETSCAPE DIRECTORY SERVER 6.2 - GATEWAY CUSTOMIZATION
/
Manual

Netscape NETSCAPE DIRECTORY SERVER 6.2 - GATEWAY CUSTOMIZATION, Manual

Share

Page: 94 / 612

Netscape NETSCAPE DIRECTORY SERVER 6.2 - GATEWAY CUSTOMIZATION Manual Download Page 94

How the Authentication Process Works

94

Netscape Directory Server Plug-In Programmer’s Guide • December 2003

❍

If the credentials are correct, the server sets the

SLAPI_CONN_DN

parameter to the DN and the

SLAPI_CONN_AUTHTYPE

parameter to

LDAP_AUTH_SIMPLE

. The server sends an

LDAP_SUCCESS

result code back

to the client and ends the processing of the bind request.

❍

If the credentials are incorrect, the server sends an

LDAP_INVALID_CREDENTIALS

result code back to the client and ends the

processing of the bind request.

9.

The server calls any pre-operation bind plug-in functions. If the function
returns a non-zero value, the server ends the processing of the bind request.

If you are writing your own plug-in function to handle authentication, you
should return a non-zero value so that the server does not attempt to continue
processing the bind request.

10.

The server calls the backend bind function. The bind function returns one of
the following values:

❍

If the function returns a non-zero value (

SLAPI_BIND_FAIL_OR_ANONYMOUS

in Netscape Directory Server 4.x), the server ends the processing of the
bind request. The bind function is responsible for sending the appropriate
result code back to the client before returning a non-zero value.

❍

If the function returns 0 (

SLAPI_BIND_SUCCESS

in Netscape Directory

Server 4.x), the server continues processing the bind request. The server
sends the

LDAP_SUCCESS

result code back to the client. (The bind function

does not do this.)

11.

If the backend bind function succeeds, the server sets the

SLAPI_CONN_DN

parameter to the DN and the

SLAPI_CONN_AUTHTYPE

parameter to the

authentication method.

12.

The server sends an

LDAP_SUCCESS

result code back to the client and ends the

processing of the bind request.

If the client’s password is going to expire, the server includes a “password
expiring” control (with the OID 2.16.840.1.113730.3.4.5) with the result sent to
the client. If the client is logging in for the first time and needs to change the
password, the server includes a “password expired” control (with the OID
2.16.840.1.113730.3.4.4) with the result sent to the client.

«
...
92
93
94
95
96
...
»

Summary of Contents for NETSCAPE DIRECTORY SERVER 6.2 - GATEWAY CUSTOMIZATION

Page 1: ...Plug In Programmer s Guide Netscape Directory Server Version6 2 December 2003...

Page 2: ...on code by the Info ZIP group There are no extra charges or costs due to the use of this code and the original compression sources are freely available from http www infozip com on the Internet This p...

Page 3: ...ctions 21 The Directory Server Architecture 21 Types of Directory Server Plug Ins 24 Chapter 2 Writing and Compiling Plug Ins 27 Writing a Plug In Function 27 Including the API Header File 28 Passing...

Page 4: ...47 An Example Pre Operation Plug In 47 Writing the Plug In Example 48 Compiling the Plug In Example 51 Registering the Plug In Example 52 Running the Plug In Example 53 Part 2 Basic Plug In Programmi...

Page 5: ...fying Start and Close Functions 78 Processing an LDAP Bind Operation 78 Defining Functions for the Bind Operation 78 Getting and Setting Parameters for the Bind Operation 79 Processing an LDAP Unbind...

Page 6: ...ing Extended Operation Plug Ins 117 How Extended Operation Plug Ins Work 117 Writing Extended Operation Functions 118 Registering Extended Operation Functions 119 Specifying Start and Close Functions...

Page 7: ...istribution Logic 147 About Distributing Flat Namespaces 147 Creating a Distribution Function 148 Adding the Distribution Function to Your Directory 150 Adding Multiple Databases to a Single Suffix 15...

Page 8: ...fic to Extended Operation 367 Functions Specific to Bind Methods 368 Functions for Thread Safe LDAP Connections 369 Functions for Logging 372 Functions for Handling Matching Rules 375 Functions for LD...

Page 9: ...ute Names 570 Attribute Flags 571 Attribute Comparisons 571 Information About Targets 572 Parameters for the Bind Function 572 Parameters for the Search Function 573 Parameters Passed to the Search Fu...

Page 10: ...or Generating LDIF Strings 588 Parameters for Error Logging 589 Parameters for Filters 590 Parameters for Comparison Filters 591 Parameters for Filter Operations 591 Parameters for Password Storage 59...

Page 11: ...general understanding of the Internet and the World Wide Web WWW A general understanding of the Lightweight Directory Access Protocol LDAP and the Directory Server This book does not duplicate basic i...

Page 12: ...Runtime NSPR PRNetADDr structure for storing the IP addresses Because of this the NSPR files are shipped with Directory Server The NSPR API allows compliant applications to use system facilities such...

Page 13: ...ry_attr_hasvalue slapi_entry_attr_has_syntax_value The following internal operation calls are deprecated The new internal operation functions that are defined in slapi plugin h take a Slapi_PBlock for...

Page 14: ...in the literal sense Variables are enclosed in angle brackets Boldface type is used for glossary terms Where to Find Directory Server Information This book explains how to write your own server plug...

Page 15: ...ma For a list of documentation installed with Directory Server open the server_root manual en slapd index htm file where server_root is the directory in which you installed Directory Server For the la...

Page 16: ...Where to Find Directory Server Information 16 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 17: ...17 Part 1 Introduction to Directory Server Plug Ins Chapter 1 An Overview of Directory Server Plug Ins Chapter 2 Writing and Compiling Plug Ins Chapter 3 Configuring Plug Ins Chapter 4 A Quick Example...

Page 18: ...18 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 19: ...est version of the Directory Server What Are Directory Server Plug Ins If you want to extend the capabilities of the Directory Server you can write your own Directory Server plug in A server plug in i...

Page 20: ...the Directory Server has hooks that allow you to register your own functions to be called when specific events occur For example the Directory Server has hooks to call a registered plug in in the foll...

Page 21: ...2 Places pointers to the DN and the entry in the parameter block 3 Calls any registered pre operation add functions passing the parameter block to these functions 4 Calls the registered database add f...

Page 22: ...write data The front end then sends the results back to the client The back end reads and writes data to the database containing the directory entries The back end abstracts the database from the fro...

Page 23: ...How Directory Server Plug Ins Work Chapter 1 An Overview of Directory Server Plug Ins 23 Figure 1 1 Directory Server Architecture...

Page 24: ...ase back end For example you can create an entry storage plug in that encrypts an entry before it is saved to the database and an entry fetch plug in that decrypts an entry after it is read from the d...

Page 25: ...Types of Directory Server Plug Ins Chapter 1 An Overview of Directory Server Plug Ins 25 Figure 1 2 Architecture of the Directory Server and Server Plug Ins...

Page 26: ...Types of Directory Server Plug Ins 26 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 27: ...If you have already written a plug in for the Directory Server refer to the section Using Directory Server Plug In APIs on page 11 for information on migrating your plug in to the latest version of th...

Page 28: ...wing plug in function types pass a parameter block as a function argument Pre operation plug in functions Post operation plug in functions Matching rule functions for indexing Factory functions for ma...

Page 29: ...ns to verify that an entry complies with the schema or you can split up a search filter into its individual components For details see the section Calling Front End Functions on page 31 Getting Data f...

Page 30: ...xt of the database Indicate the point when the plug in starts executing slapi_log_error SLAPI_LOG_PLUGIN searchdn_preop_search PREOPERATION SEARCH PLUGIN n Get the base DN of the search from the param...

Page 31: ...functions provided with the Directory Server For example using the the front end API functions you can Write messages to the error log Get the attributes of an entry Get or set the DN of an entry Add...

Page 32: ...r plug in functions 3 Return a value to the Directory Server Your initialization function should have a prototype similar to the following int my_init_function Slapi_PBlock pb Notice that in the initi...

Page 33: ...on 3 SLAPI_PLUGIN_VERSION_03 is compatible with versions 6 1 and later of the Directory Server Specifying Information About the Plug In You specify information about your plug in such as a description...

Page 34: ...ration plug in Registering Your Plug In Functions Whether you register your plug in through the initialization function depends upon the type of function you are registering For some plug in types you...

Page 35: ...ug in that you are registering Returning a Value to the Directory Server If the initialization function is successful it should return 0 If an error occurs it should return 1 If the initialization fun...

Page 36: ...nker for details Make sure that the server_root plugins slapd slapi include directory is in your include path Use server_root plugins slapd slapi include for Windows NT and Windows 2000 plug ins On Wi...

Page 37: ...a specific type of plug in The following code shows a sample Makefile for Solaris The example assumes that the source files are located in the following directory server_root plugins slapd slapi exam...

Page 38: ...Compiling a Directory Server Plug In 38 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 39: ...plug in entry to the Directory Server configuration and reload the server configuration This section illustrates how to create your plug in entry The section Loading the Plug In Configuration File on...

Page 40: ...on that the server calls to register the plug in In this example the initialization is set to searchdn_preop_init For information on implementing initialization functions see Writing Plug in Initializ...

Page 41: ...slapd pluginvendor Example Corporation Finally Line 13 sets the description of the plug in The description you set will be the plug in description that is visible through the Directory Server Console...

Page 42: ...arch for any and all plug ins of the type s specified If none are found processing will continue without errors However the Directory Server must load all plug ins of the type s specified before it ca...

Page 43: ...on from a client matchingRule Declares a matching rule plug in which is called by the server when receives a search request with an extensible matching search filter from a client This type of plug in...

Page 44: ...arious ways to shut down and restart the Directory Server for example you can Use the Directory Server Console Use the UNIX scripts stop slapd and start slapd Use the Windows NT Services applet which...

Page 45: ...n the start function The preferred method of communicating plug in specific configuration is through custom attribute value pairs in the plug in entry in the dse ldif file Two examples are shown below...

Page 46: ...nipulation can be used for configuration retrieval For additional information check the code samples provided here server_root plugins slapd slapi examples Setting the Log Level of the Server If your...

Page 47: ...re operation plug in for the LDAP search operation In other words the Directory Server will process the registered plug in functions before it processes each LDAP search operation The example contains...

Page 48: ...file so that the server calls this initialization function on startup ifdef _WIN32 __declspec dllexport endif int test_preop_init Slapi_PBlock pb Specify the version of the plug in 01 in this release...

Page 49: ...SLAPI_SEARCH_SCOPE LDAP_SCOPE_BASE n break case LDAP_SCOPE_ONELEVEL slapi_log_error SLAPI_LOG_PLUGIN SLAPI_SEARCH_SCOPE LDAP_SCOPE_ONELEVEL n break case LDAP_SCOPE_SUBTREE slapi_log_error SLAPI_LOG_P...

Page 50: ...SLAPI_LOG_PLUGIN SLAPI_SEARCH_FILTER LDAP_FILTER_GE n break case LDAP_FILTER_LE slapi_log_error SLAPI_LOG_PLUGIN SLAPI_SEARCH_FILTER LDAP_FILTER_LE n break case LDAP_FILTER_APPROX slapi_log_error SLA...

Page 51: ..._error SLAPI_LOG_PLUGIN SLAPI_SEARCH_FILTER LDAP_FILTER_EXTENDED n break default slapi_log_error SLAPI_LOG_PLUGIN SLAPI_SEARCH_FILTER Unknown filter type slapi_filter_get_choice returned d n filter_ty...

Page 52: ...ion file see Loading the Plug In Configuration File on page 44 3 Shut down the Directory Server 4 Restart the Directory Server When you restart the Directory Server it will read the entries in the dse...

Page 53: ...Server and check the error log to see that the plug in is properly registered You should see the following line in the error log Error log messsage here Verify that the Plugins log level is selected...

Page 54: ...An Example Pre Operation Plug In 54 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 55: ...sic Plug In Programming Techniques Chapter 5 Front End API Functions Chapter 6 Writing Pre Post Operation Plug Ins Chapter 7 Defining Functions for LDAP Operations Chapter 8 Defining Functions for Aut...

Page 56: ...56 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 57: ...messages and work with entries attributes and filters While all of the functions described here must be used in conjunction with other API functions understanding how these functions work will help yo...

Page 58: ...atabase processes a search operation it attempts to use indexes to narrow down the list of candidates matching the search criteria If the back end is unable to use indexes it appends the following str...

Page 59: ...refer the LDAP request to a different LDAP server call the slapi_str2filter function For example the following statement sends an LDAP_SUCCESS status code back to the client slapi_send_ldap_result pb...

Page 60: ...tries passed in parameter blocks These functions are described in more detail in the sections that follow the table Table 5 1 Front End Functions for Manipulating Entries and Attributes Front end func...

Page 61: ...a new entry of the datatype Slapi_Entry that contains the copied data When you are finished using the entry you should free it from memory by calling the slapi_entry_free function Converting Between...

Page 62: ...convert an LDIF string representation back to an entry of the datatype Slapi_Entry call the slapi_str2entry function This function returns an entry of the datatype Slapi_Entry If an error occurred dur...

Page 63: ...of the entry This function returns a pointer to the first attribute in the entry With a pointer to the attribute you can test to see if it is the attribute you are interested in To retrieve the subse...

Page 64: ...ithin parameter blocks you can call the following front end routines Determining if a DN is the Root DN To determine if a DN is the root DN call slapi_dn_isroot This function returns 1 if the specifie...

Page 65: ...ix directive in the server configuration file specifies which DNs are served by a particular back end For example suppose the suffix directive is configured to the following suffix o Example Corporati...

Page 66: ...ter To manipulate search filters call the following front end routines NOTE These functions operate on the actual DN specified in the argument not a copy of the DN If you want to modify a copy of the...

Page 67: ...r from other filters slapi_filter_list_first slapi_filter_list_next Get the components of a filter only applicable to LDAP_FILTER_AND LDAP_FILTER_OR and LDAP_FILTER_NOT searches slapi_filter_free Free...

Page 68: ...ilter_list_next functions Both of these functions will return either a filter component of the complex filter or a NULL value according to the following If slapi_list_first returns a NULL the complex...

Page 69: ...filter_join function The slapi_filter_join function returns the complex filter you ve created When you are done using the complex filter you should free it by calling slapi_filter_free Filters of the...

Page 70: ...a password storage scheme plug in SSHA means Salted Secure Hashing Algorithm and can be defined using the ssha password storage scheme plug in To determine if a given password is one of the values of...

Page 71: ...bind Search Modify Add Delete Modify RDN Compare and Abandon You can configure the Directory Server to call your custom plug in functions before and after executing any of these LDAP operations For ex...

Page 72: ...AP referral back to the client Figure 6 1 illustrates how the Directory Server front end calls pre operation and post operation functions before and after executing an LDAP operation When processing a...

Page 73: ...ion SLAPI_PLUGIN_PRE_BIND_FN Specifies the function called before the Directory Server executes an LDAP bind operation For information on writing this type of function see Processing an LDAP Bind Oper...

Page 74: ...UGIN_PRE_ABANDON_FN Specifies the function called before the Directory Server executes an LDAP abandon operation For information on writing this type of function see Processing an LDAP Abandon Operati...

Page 75: ...mation on writing this type of function see Processing an LDAP Compare Operation on page 84 SLAPI_PLUGIN_POST_ADD_FN Specifies the function called after the Directory Server executes an LDAP add opera...

Page 76: ...le when you call slapi_send_ldap_search_entry the post operation entry function is called after the entry is sent back to the client SLAPI_PLUGIN_POST_REFERRAL_FN Specifies the function called after t...

Page 77: ...ent a parameter block defined by the data type Slapi_PBlock For more information on this see Passing Data with Parameter Blocks on page 28 This chapter outlines how to define plug in functions to do t...

Page 78: ...mines the DN that the client is attempting to bind as and the authentication method being used The front end also gets the credentials used for authentication and if SASL is used for authentication th...

Page 79: ...edentials were provided Processing an LDAP Unbind Operation When the Directory Server receives an LDAP unbind request from a client the front end calls the unbind function for each back end No operati...

Page 80: ...using an index if applicable For example for a search filter that finds entries where mail a the server checks the index for the mail attribute if the index exists finds the keys that start with a an...

Page 81: ...arch criteria to the search function for that back end The front end makes this information available to pre operation and post operation plug in functions in the form of parameters in a parameter blo...

Page 82: ...referral URLs Finally after sending the last entry to the client the front end sends an LDAP result message specifying the number of entries found Iterating Through Candidates In addition to the para...

Page 83: ...limit has been exceeded The maximum number of entries has been exceeded If no more entries exist in the set of results the next entry function should set the SLAPI_SEARCH_RESULT_ENTRY parameter to NUL...

Page 84: ...ction should return 0 If an error occurs for example if the specified attribute doesn t exist the compare function should call slapi_send_ldap_result to send an LDAP error code and should return 1 Pro...

Page 85: ...present call slapi_pblock_get to get the value of the SLAPI_MANAGEDSAIT parameter If the value is 1 the control is included in the request If 0 the control is not included in the request If the parent...

Page 86: ...unction should call slapi_str2filter to send a referral and return 1 To determine if a manageDSAIT control is present call slapi_pblock_get to get the value of the SLAPI_MANAGEDSAIT parameter If the v...

Page 87: ...ction should call slapi_send_ldap_result to send an LDAP_SUCCESS code back to the client and should return 0 Processing an LDAP Modify RDN Operation When the Directory Server receives an LDAP modify R...

Page 88: ...the function should call slapi_send_ldap_referral to send a referral and return 1 Otherwise the function should call slapi_send_ldap_result to send an LDAP error code LDAP_NO_SUCH_OBJECT and return 1...

Page 89: ...parameter block If the delete function is successful it should return 0 Processing an LDAP Abandon Operation When the Directory Server receives an LDAP abandon request from a client the front end gets...

Page 90: ...Processing an LDAP Abandon Operation 90 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 91: ...g in Using SASL with an LDAP Client Understanding Authentication Methods Authentication methods for LDAP is described in RFC 2829 which you can find at this location http www ietf org rfc rfc2829 txt...

Page 92: ...ent requests the server to perform an LDAP operation the server checks the DN in the SLAPI_CONN_DN parameter to determine if the client has the appropriate access rights How the Authentication Process...

Page 93: ...rver for example if the DN is uid moxcross o netscape com and the directory root of the server is o example com the server sends one of the following two results back to the client and ends the proces...

Page 94: ...If the function returns a non zero value SLAPI_BIND_FAIL_OR_ANONYMOUS in Netscape Directory Server 4 x the server ends the processing of the bind request The bind function is responsible for sending...

Page 95: ...ion Writing a Pre Operation Bind Plug in on page 95 Writing a Pre Operation Bind Plug in You can define your own pre operation bind plug in function to authenticate LDAP clients The server will call y...

Page 96: ...r Plug In Programmer s Guide December 2003 Figure 8 1 Using a Pre Operation Bind Plug In Function to Handle Authentication Figure 8 2 illustrates the steps that your pre operation bind plug in functio...

Page 97: ...Credentials What to Do If Authentication Fails What to Do If Authentication Succeeds Getting and Checking the Bind Parameters Call the slapi_pblock_get function to get the values of the following para...

Page 98: ...ent In both cases return a non zero value to prevent the server from calling the default backend function for authentication Getting the Entry and Checking the Credentials Get the entry for the DN spe...

Page 99: ...on to send the result code back to the client specify the closest matching DN as the matched argument If the client fails to provide the necessary credentials or if credentials cannot be found in the...

Page 100: ...LDAP_AUTH_SASL are integer values defined in the ldap h header file If you want to specify the credentials that you want sent back to the client If the value of the SLAPI_BIND_METHOD parameter is LDAP...

Page 101: ...enticates clients and bypasses the default backend bind function In this example the function just compares the client s credentials against the value of the userpassword attribute for the entry NOTE...

Page 102: ...NULL return 1 Check the authentication method switch method case LDAP_AUTH_SIMPLE First get the entry specified by the DN searchpb slapi_search_internal dn LDAP_SCOPE_BASE objectclass NULL NULL 0 if...

Page 103: ...connection if slapi_pblock_set pb SLAPI_CONN_DN slapi_ch_strdup dn 0 slapi_pblock_set pb SLAPI_CONN_AUTHTYPE SLAPD_AUTH_SIMPLE 0 slapi_log_error SLAPI_LOG_PLUGIN testbind_init Failed to set DN and au...

Page 104: ...function that registers the pre operation bind function break This plug in does not support any other method of authentication case LDAP_AUTH_SASL default slapi_log_error SLAPI_LOG_PLUGIN test_bind U...

Page 105: ...ration file The plugin directive should be added somewhere after the database directive In Directory Server 6 x add this to the end of the dse ldif file which is located in the server_root slapd insta...

Page 106: ...part of the Netscape LDAP C SDK 3 0 The syntax for these functions are listed below LDAP_API int LDAP_CALL ldap_sasl_bind LDAP ld const char dn const char mechanism struct berval cred LDAPControl serv...

Page 107: ...sult LDAP ld int msgid int all struct timeval timeout LDAPMessage result The parameters are described below ld is the connection handle which is a pointer to the LDAP structure containing information...

Page 108: ...de is extracted If 0 the result is not freed If non zero the result is freed The following example is an LDAP client that authenticates using the SASL method named babsmechanism Code Example 8 3 LDAP...

Page 109: ...babs example com vals0 1 NULL mod0 mod_values vals0 mod1 mod_op LDAP_MOD_ADD mod1 mod_type description time now sprintf buf This entry was modified with the modattrs program on s ctime now Get rid of...

Page 110: ...Using SASL with an LDAP Client 110 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 111: ...niques Chapter 9 Writing Entry Store Fetch Plug Ins Chapter 10 Writing Extended Operation Plug Ins Chapter 11 Writing Matching Rule Plug Ins Chapter 12 Using the Custom Distribution Logic Chapter 13 U...

Page 112: ...112 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 113: ...efault database The chapter contains the following sections How Entry Store Fetch Plug Ins Work Writing Entry Store Fetch Functions Registering Entry Store Fetch Functions How Entry Store Fetch Plug I...

Page 114: ...lug in functions entry store and entry fetch plug in functions are not passed a parameter block when called Instead entry store and entry fetch plug in functions must have the following prototype void...

Page 115: ...s cn config objectClass top objectClass nsSlapdPlugin objectClass extensibleObject cn Test entry nsslapd pluginPath usr netscape servers plugins slapd slapi examples libtest plugin so nsslapd pluginIn...

Page 116: ...ore as the entry store plug in function and my_fetch as the entry fetch plug in function Both functions are defined in the library usr nslib myentry so plugin entrystore on my entrystore plugin server...

Page 117: ...ed operation you assign an object identification OID to identify that operation LDAP clients request the operation by sending an extended operation request Within the request the client specifies The...

Page 118: ...orm an operation on the value specified in the SLAPI_EXT_OP_REQ_VALUE parameter After the extended operation completes your function should return a single value according to the following If your fun...

Page 119: ...T_OP_OIDLIST parameter to the list of OIDs of the extended operations supported by your function You can write your initialization function so that the OID is passed in from the directive See Passing...

Page 120: ...netscape servers plugins slapd slapi examples libtest plugin so nsslapd pluginInitfunc testexop_init nsslapd pluginType extendedop Get the number of additional arguments and copy them for i 0 argv i N...

Page 121: ...eration For example the following directive registers the function named my_ext_op as the extended operation plug in function for the operation with the OID 1 2 3 4 plugin extendedop on my extended op...

Page 122: ...Specifying Start and Close Functions 122 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 123: ...n Function Registering Matching Rule Functions Specifying Start and Close Functions Understanding Matching Rules A matching rule specifies how one or more attributes of a particular syntax should be c...

Page 124: ...ie In the search filter the client can specify the OID that identifies a matching rule and the attribute type This indicates that the value in the filter should be compared against the attribute using...

Page 125: ...use extended match filters Understanding Matching Rule Plug Ins A matching rule plug in can create filters that the server can use when handling extensible search filters A matching rule plug in can a...

Page 126: ...ing rule plug in the server adds this OID to the list of matching rule OIDs to use for indexing For information on setting up the server to index based on matching rule see Indexing Based on Matching...

Page 127: ...To determine which matching rule plug in is responsible for indexing an attribute with a given matching rule based on its OID the server does the following for each plug in 1 In a new Slapi_PBlock pa...

Page 128: ...TE_FN parameter for the plug in 3 The server checks the SLAPI_PLUGIN_MR_FILTER_MATCH_FN parameter If the parameter is NULL the plug in does not handle the matching rule specified by that OID If the pa...

Page 129: ...arily be accessible to other plug in functions since each function is usually passed a new and different parameter block Indexing Based on Matching Rules This section explains how to set up the server...

Page 130: ...ing added modified or removed in the SLAPI_PLUGIN_MR_TYPE parameter 2 Next the server calls the indexer factory function specified in the SLAPI_PLUGIN_MR_INDEXER_CREATE_FN parameter for the plug in to...

Page 131: ...ction to sort search results See Handling Sorting by Matching Rules on page 142 for more information If the value is SLAPI_PLUGIN_MR_USAGE_INDEX the server is calling your function to index an entry Y...

Page 132: ...o a Indexer Factory Function Parameter Name Data Type Description SLAPI_PLUGIN_MR_OID char Input parameter Matching rule OID if any specified in the index directive SLAPI_PLUGIN_MR_TYPE char Input par...

Page 133: ...urn 0 or the result code LDAP_SUCCESS if everything completed successfully The server adds or removes the keys and the corresponding values from the appropriate indexes SLAPI_PLUGIN_PRIVATE void Input...

Page 134: ...Function Writing a Filter Matching Function Note that you also need to define an initialization function to register your filter factory function Table 11 2 Input and output parameters available to an...

Page 135: ...checks the value of the SLAPI_PLUGIN_MR_QUERY_OPERATOR parameter If the operator is an known type such as SLAPI_OP_EQUAL the server will use the operator when searching the index for candidates For d...

Page 136: ...an LDAP error code a positive value an error occurred 4 If the entry matches the filter the server verifies that the entry is in the scope of the search before returning the entry to the LDAP client a...

Page 137: ...s supported by your plug in If the OID is not supported you need to return the result code LDAP_UNAVAILABLE_CRITICAL_EXTENSION The server will send this back to the client If the OID is supported cont...

Page 138: ...OY_FN parameter to the function responsible for freeing the filter object if you have defined this function optional See Writing a Destructor Function on page 143 for details 6 Return 0 or the result...

Page 139: ...VATE void Input parameter Pointer to any private data originally specified in the initialization function See Writing an Initialization Function on page 143 for details SLAPI_PLUGIN_MR_FILTER_MATCH_FN...

Page 140: ...de LDAP_SUCCESS if everything completed successfully Getting and Setting Parameters in Filter Index Functions The following table summarizes the different parameters that the filter index function sho...

Page 141: ...an to manipulate global variables keep in mind that the server can call this function concurrently for different filter objects The filter matching function should do the following 1 From the filter o...

Page 142: ...andling Sorting by Matching Rules If you have set up indexing by a matching rule you can also sort search results by that matching rule The server can use the keys in the index to sort the search resu...

Page 143: ...er block that is passed in For example your destructor function can get the indexer object from the SLAPI_PLUGIN_OBJECT parameter and free the object from memory This function will never be called for...

Page 144: ...for details The SLAPI_PLUGIN_PRIVATE parameter should be set to any private data you want made accessible to the plug in functions optional You need to register the initialization function see Registe...

Page 145: ...ginEnabled on nsslapd pluginId test matchingrule nsslapd pluginarg0 usr netscape servers slapd host1 customplugins filename conf In Netscape Directory Server 4 x add this directive to the slapd ldbm c...

Page 146: ...ialization function should get and set in the parameter block that is passed in If you register multiple plug ins with different start and close functions the functions are called in the order that th...

Page 147: ...lowing sections About Distributing Flat Namespaces Creating a Distribution Function Adding the Distribution Function to Your Directory Using the Distribution Logic Examples Custom Distribution Checkli...

Page 148: ...ted into a different database For example if you distribute entries according to their telephone number you cannot change the telephone number attribute of an entry without breaking entry distribution...

Page 149: ...n order for the distribution function to work properly For example for the suffix o example com you need to create an entry corresponding to o example com in each database involved in the distribution...

Page 150: ...ormed above a suffix that is distributed among several databases the search will be performed on all databases This means that the shared suffix entry that you create on each database in the example o...

Page 151: ...click Browse to locate the path on your local machine 6 Click OK to save your changes A warning message displays telling you to declare a distribution function in the suffix The next procedure describ...

Page 152: ...line Using the Console 1 In the Directory Server Console select the Configuration tab 2 Expand the Data tree and select the suffix to which you want to add the distribution function 3 Select the Datab...

Page 153: ...to a read write replica from a read only replica chaining_distribution Usually the directory returns a referral to clients making update requests to a read only replica This example uses a distributio...

Page 154: ...slapd distribution plugin plugin distrib plugin so nsslapd distribution funct hash_distribution Custom Distribution Checklist In summary the following steps are involved in adding the distribution fun...

Page 155: ...data stores You do this by developing a custom pre operation plug in to provide an alternate functionality for the LDAP operations such as search modify add and so on These operations are generally t...

Page 156: ...ectory deployment check Managing Servers with Netscape Console Note that because the DIOP plug in is a pre operation plug in enabling the plug in will impose certain limitations on the default behavio...

Page 157: ...ger Syntax Internationalization Plugin JPEG Syntax ldbm database Legacy Replication Plugin X Multimaster Replication Plugin X Octet String Syntax OID Syntax Pass Through Authentication X Postal Addres...

Page 158: ...the DIOP feature Figure 13 1 A Typical Directory Server Deployment State Change Plugin X Telephone Syntax uid uniqueness X URI Syntax Views X CLEAR CRYPT DES NS MTA MD5 SHA SSHA Table 13 1 Plug In St...

Page 159: ...ble from within Netscape Console The management and administration of slapd diopInstance is done via the Directory Server Console of the slapd configInstance instance This is because the slapd diopIns...

Page 160: ...e the unsupported plug ins in the second Directory Server instance slapd diopInstance For general information about installing Directory Server refer to the accompanying Netscape Directory Server Inst...

Page 161: ...in select the plug in and then on the right panel uncheck the Enable the Plugin option Note that some plug ins may depend on other plug ins and you may see messages that reflect such a dependency 9 U...

Page 162: ...This section explains how you can verify whether the DIOP feature works in Directory Server After you have successfully installed and configured two instances of Directory Servers as explained in the...

Page 163: ...pluginPath server_root plugins slapd slapi examples libtest plugin so nsslapd pluginInitfunc nullsuffix_init nsslapd pluginType preoperation nsslapd pluginEnabled on nsslapd pluginId nullsuffix preop...

Page 164: ...lug In on page 166 explains how you can trobleshoot the plug in The sample plug in is located in the server_root plugins slapd slapi examples directory The shared library for the plug in is named libt...

Page 165: ...DELETE_FN nullsuffix_delete SLAPI_PLUGIN_PRE_BIND_FN nullsuffix_bind SLAPI_PLUGIN_PRE_MODRDN_FN nullsuffix_modrdn Reserved Naming Contexts cn schema cn config cn monitor slapi_op_reserved pb is called...

Page 166: ...ng LDIF entries without the required object classes or parent entries will still get processed by the server populating the db created by the plug in See nullsuffix_modify and testdbinterop c for deta...

Page 167: ...a custom DIOP plug in without affecting the default behavior of the Directory Server a new function named slapi_op_reserved is being made available For details about this function see Functions Relate...

Page 168: ...Plug In API Reference 168 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 169: ...169 Part 4 Reference Chapter 14 Data Type and Structure Reference Chapter 15 Function Reference Chapter 16 Parameter Block Reference...

Page 170: ...170 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 171: ...ng simplified Basic Encoding Rules BER computed_attr_context Represents information used for a computed attribute LDAPControl Represents a client or server control associated with an LDAP operation LD...

Page 172: ...he prototype for a callback function which allows a plug in to register for callback when a backend changes its state Slapi_ComponentID Represents the component ID in an entry slapi_compute_callback_t...

Page 173: ...d size of the data are included in a berval structure Slapi_Operation Represents an operation pending from an LDAP client Slapi_PBlock Contains name value pairs that you can get or set for each LDAP o...

Page 174: ...nes if any of the attributes are computed generates the attributes and includes the generated attributes in the entry As part of this process the server creates a computed_attr_context structure to pa...

Page 175: ...can have one of the following values LDAP_OPT_ON specifies that the control is critical to the operation LDAP_OPT_OFF specifies that the control is not critical to the operation To do this Call this...

Page 176: ...d_op char mod_type union mod_vals_u char modv_strvals struct berval modv_bvals mod_vals define mod_values mod_vals modv_strvals define mod_bvalues mod_vals modv_bvals LDAPMod Parameters This function...

Page 177: ...LDAP_MOD_DELETE 0x01 define LDAP_MOD_REPLACE 0x02 define LDAP_MOD_BVALUES 0x80 LDAP_MOD_ADD specifies that you want to add the attribute values to the entry LDAP_MOD_DELETE specifies that you want to...

Page 178: ...e the value of an attribute attribute1 mod_op LDAP_MOD_REPLACE Specify that you want to change the value of the mail attribute attribute1 mod_type mail Specify the new value of the mail attribute attr...

Page 179: ...called by the server when processing an extensible match filter An extensible match filter specifies either the OID of a matching rule or an attribute type or both that indicates how matching entries...

Page 180: ...alues in the candidate entry For more information on writing a filter matching function see Writing a Filter Matching Function plugin_referral_entry_callback This typedef is used for LDAP referral ent...

Page 181: ...def void plugin_result_callback int rc void callback_data Parameters The function takes the following parameters Returns 0 if successful or 1 if an error occurred Description A function that matches t...

Page 182: ...parameter of slapi_seq_internal_callback_pb The LDAP referral entry callback function will be called once for each referral entry found by a search operation which means it could be called 0 or any n...

Page 183: ...r plug in initialization function register your function by setting the SLAPI_PLUGIN_PRE_REFERRAL_FN parameter in the parameter block to the name of your function if you are using the pre operation pl...

Page 184: ...can replace the function that sends LDAP result codes to the client with your own function To do this 1 Write a function with the prototype specified by send_ldap_result_fn_ptr_t pb Parameter block e...

Page 185: ...henever the slapi_send_ldap_search_entry function is called Syntax include slapi plugin h typedef int send_ldap_search_entry_fn_ptr_t Slapi_PBlock pb Slapi_Entry e LDAPControl ectrls char attrs int at...

Page 186: ...dd an attribute value slapi_attr_add_value Return the base type of an attribute slapi_attr_basetype Duplicate an attribute slapi_attr_dup Get the first value of an attribute slapi_attr_first_value Det...

Page 187: ...ponsible for handling an attribute type slapi_attr_type2plugin Compare two attribute names to determine if they represent the same attribute slapi_attr_types_equivalent Find the first attribute in an...

Page 188: ..._be_get_instance_info Return the name of the specified backend slapi_be_get_name Indicate if the database associated with the backend is in read only mode slapi_be_get_readonly Get pointer to a callba...

Page 189: ...he backend Backend s can be identified by name and type slapi_be_select_by_instance_name Set the specified flag in the backend slapi_be_set_flag Set the instance information of the specified backend w...

Page 190: ...ts a the component ID in a directory entry Syntax include slapi plugin h typedef struct slapi_componentid Slapi_ComponentId Description Slapi_ComponentId is the data type for an opaque structure that...

Page 191: ...ld write a function of this type See Also slapi_compute_output_t slapi_compute_output_t Represents a prototype for an output function for contributed attributes Syntax include slapi plugin h typedef i...

Page 192: ..._callback_t function you need to call this slapi_compute_output_t function For example static int my_compute_callback computed_attr_context c char type Slapi_Entry e slapi_compute_output_t outputfn in...

Page 193: ...y entry Syntax include slapi plugin h typedef struct slapi_condvar Slapi_CondVar Description Slapi_CondVar is the data type for an opaque structure that represents a synchronization lock in the server...

Page 194: ...nsitive slapi_dn_ignore_case Determine if a DN is equal to a specified suffix slapi_dn_issuffix Determine if a DN is the parent of a specific DN slapi_dn_isparent Specify a distinguished name is a roo...

Page 195: ...summarizes the front end API functions that you can call to work with entries Get the DN of the parent of an entry slapi_dn_parent Add an RDN to a DN slapi_dn_plus_rdn To do this Call this function Ge...

Page 196: ...slapi_entry_attr_get_uint Get the first value as an unsigned long slapi_entry_attr_get_ulong Check if an attribute in an entry contains a value slapi_entry_attr_has_syntax_value Adds an array to the a...

Page 197: ...ntry has child entries slapi_entry_has_children Initializes the values of an entry slapi_entry_init Adds an array of data values to an attribute in an entry slapi_entry_merge_values_sv Find the next a...

Page 198: ...lapi_filter_get_choice Get the attribute type and value used for comparison in a filter only applicable to LDAP_FILTER_EQUALITY LDAP_FILTER_GE LDAP_FILTER_LE and LDAP_FILTER_APPROX searches slapi_filt...

Page 199: ...tion Compare two berval structures to determine if they are equal slapi_berval_cmp Call the indexer function associated with an extensible match filter slapi_mr_filter_index Free the specified matchin...

Page 200: ...nothing slapi_matchingrule_unregister To do this Call this function Add a value to a Slapi_Mod structure slapi_mod_add_value Free internals of Slapi_Mod structure slapi_mod_done Dump the contents of a...

Page 201: ...ttribute type of a Slapi_Mod structure slapi_mod_get_type Initialize a Slapi_Mod structure slapi_mod_init Initialize a Slapi_Mod structure that is a wrapper for an existing LDAPMod slapi_mod_init_byre...

Page 202: ...dbvps Append a new mod to a Slapi_Mods structure with attribute values provided as an array of Slapi_Value slapi_mods_add_mod_values Append a new mod to Slapi_Mods structure with a single attribute va...

Page 203: ...pi_Mods that is a wrapper for an existing array of LDAPMod slapi_mods_init_byref Initialize a Slapi_Mods structure from an array of LDAPMod slapi_mods_init_passin Insert an LDAPMod into a Slapi_Mods s...

Page 204: ...tax include slapi plugin h typedef struct op Slapi_Operation Description Slapi_Operation is the data type for an opaque structure that represents an operation pending from an LDAP client The following...

Page 205: ...the Slapi_PBlock structure You can call slapi_pblock_get to get the DN and credentials of the client requesting authentication For plug in initialization functions you can use the Slapi_PBlock structu...

Page 206: ...block to modify a directory entry slapi_modify_internal_pb Set up a parameter block so that it can be used by slapi_modify_internal_pb for an internal modify operation slapi_modify_internal_set_pb Pe...

Page 207: ...ess operation slapi_seq_internal_callback_pb Set up a parameter block for use by slapi_seq_internal_callbac k_pb for an internal sequential access operation slapi_seq_internal_set_pb spd_id Unique ide...

Page 208: ...ntax include slapi plugin h typedef struct slapi_rdn Slapi_RDN Description Slapi_RDN is the data type for an opaque structure that represents a relative distinguished name in the server plug in The fo...

Page 209: ...ture with an RDN value slapi_rdn_init_rdn Initialize a Slapi_RDN structure with an RDN value taken from the DN contained in a given Slapi_RDN slapi_rdn_init_sdn Check if an RDN value is stored in a Sl...

Page 210: ...ng a good way to unambiguously refer to an entry in a distributed replicated environment Slapi_Value Represents the value of the attribute in a directory entry Syntax include slapi plugin h typedef st...

Page 211: ...ted slapi_value_get_string Convert the value into an unsigned integer slapi_value_get_uint Convert the value into an unsigned long slapi_value_get_ulong Initialize a Slapi_Value structure with no valu...

Page 212: ...work with sets of Slapi_Value Allocate anew Slapi_Value from another Slapi_Value structure slapi_value_new_value Set the value slapi_value_set Copy the value from a berval structure into a Slapi_Valu...

Page 213: ...alueset_first_value Free the specified Slapi_ValueSet structure and its members from memory slapi_valueset_free Reset a Slapi_ValueSet structure to no values slapi_valueset_init Allocate a new Slapi_V...

Page 214: ...Summary of Data Types and Structures 214 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 215: ...for Setting Internal Operation Flags Functions for Handling Attributes Functions for Managing Backend Operations Functions for Dealing with Controls Functions for Syntax Plug In Functions for Managin...

Page 216: ...ctions for Handling Valueset Functions Specific to Virtual Attribute Service Functions for Managing Locks and Synchronization Functions for Managing Computed Attributes Functions for Manipulating Bits...

Page 217: ...ckend distribution is the capability to span the LDAP subtree contents under a specified DIT node into multiple backends in the same server and or database links to other servers Under such a configur...

Page 218: ...Control Routines Function Description slapi_access_allowed Determines if a user who is requesting the current operation has the access rights to perform an operation on a given entry attribute or valu...

Page 219: ...AD Permission to read a specified attribute SLAPI_ACL_SEARCH Permission to search on a specified attribute or value SLAPI_ACL_WRITE Permission to write a specified attribute or value or permission to...

Page 220: ...n is stored If for some reason the function cannot determine which operation is being requested the function returns LDAP_OPERATIONS_ERROR If no connection to a client exists in other words if the req...

Page 221: ...the following values LDAP_SUCCESS if the user has write permission to the values in the specified attributes LDAP_INSUFFICIENT_ACCESS if the user does not have write permission to the values of the sp...

Page 222: ...ified in the LDAPMod array the function determines if the user has permissions to write to that value Essentially the function calls slapi_access_allowed with SLAPI_ACL_WRITE as the access right to ch...

Page 223: ...entry are valid Syntax include slapi plugin h int slapi_acl_verify_aci_syntax Slapi_Entry e char errbuf Parameters This function takes the following parameters Returns This function returns one of the...

Page 224: ...ters This function takes the following parameter Table 15 3 Internal Operations and Plug In Callback Routines Function Description slapi_add_internal_pb Performs an LDAP add operation based on a param...

Page 225: ...pb or slapi_add_entry_internal_set_pb Memory Concerns None of the parameters that are passed slapi_add_internal_set_pb are altered or consumed by this function The entry parameter that is passed to sl...

Page 226: ...initialized by calling slapi_delete_internal_set_pb Memory Concerns None of the parameters that are passed to slapi_delete_internal_set_pb are altered or consumed by this function slapi_free_search_re...

Page 227: ...ULT field of the parameter block should be consulted to determine the precise LDAP result code Description This function performs an internal modify operation based on a parameter block The parameter...

Page 228: ...ternal_set_pb Memory Concerns None of the parameters that are passed to slapi_modrdn_internal_set_pb are altered or consumed by this function slapi_search_internal_callback_pb Performs an LDAP search...

Page 229: ...client This function must have the prototype specified by plugin_result_callback You specify this function in the prc argument of slapi_search_internal_callback_pb You can write a callback function t...

Page 230: ...tries passed to the search entry callback function do not need to be freed If you need to access an entry after returning from the callback function call slapi_entry_dup to make a copy The referral UR...

Page 231: ...entry should be freed by calling slapi_entry_free See Also slapi_search_internal_pb slapi_entry_free slapi_search_internal_pb Performs an LDAP search operation based on a parameter block to search the...

Page 232: ...outines for setting internal operation flags Table 15 4 Internal Operation Flag Routines Function Description slapi_add_entry_internal_set_pb Sets up a parameter block so that it can be used by slapi_...

Page 233: ...or an internal sequential access operation pb Parameter block populated with add parameters e Entry to be added controls List of controls associated with the operation plugin_identity Plug in identity...

Page 234: ...slapi_add_entry_internal_set_pb except that it constructs the entry from a DN and a set of attributes The function sets pblock to contain the following data pb Parameter block populated with add param...

Page 235: ...clude slapi plugin h void slapi_delete_internal_set_pb Slapi_PBlock pb const char dn LDAPControl controls const char uniqueid Slapi_ComponentId plugin_identity int operation_flags Parameters This func...

Page 236: ...al_pb for an internal modify operation Syntax include slapi plugin h void slapi_modify_internal_set_pb Slapi_PBlock pb const char dn LDAPMod mods LDAPControl controls const char uniqueid Slapi_Compone...

Page 237: ...mods Modifications to be applied to the entry controls List of controls associated with the operation uniqueid Unique identifier of the entry to be modified All directory entries contain a unique ide...

Page 238: ...ly deloldrdn Specifies whether the old RDN should be removed or left as a non DN attribute controls List of controls associated with the operation uniqueid Unique identifier of the entry to be renamed...

Page 239: ...o request controls if present For DN based search SLAPI_TARGET_DN set to the entry DN SLAPI_MODRDN_NEWRDN set to the new RDN of the entry SLAPI_MODRDN_DELOLDRDN indicates whether the old RDN should be...

Page 240: ...identifier of the entry Non NULL value indicates unique ID based search In this case scope and filter are ignored however base is still required and is used to select the correct backend All directory...

Page 241: ...esult_callback res_callback plugin_search_entry_callback srch_callback plugin_referral_entry_callback ref_callback Parameters This function takes the following parameters Description This function per...

Page 242: ...llowing parameters Description This function sets up pblock for use by slapi_seq_internal_callback_pb for an internal sequential access operation the function sets up the parameter block contain the f...

Page 243: ...tr_get_oid_copy Searches for an attribute type and gives its OID string slapi_attr_get_type Gets the name of the attribute type slapi_attr_get_valueset Copies attribute values into a valueset slapi_at...

Page 244: ...s This function always returns 0 See Also slapi_attr_first_value slapi_attr_next_value slapi_attr_get_numvalues slapi_attr_value_cmp slapi_attr_value_find slapi_attr_basetype Returns the base type of...

Page 245: ...e and returns a pointer to it Description This function returns the base type of an attribute for example if given cn lang jp returns cn Memory Concerns You should free the returned base type when don...

Page 246: ...copy of an attribute Memory Concerns You must free the returned attribute using slapi_attr_free See Also slapi_attr_new slapi_attr_init slapi_attr_free slapi_attr_first_value Gets the first value of...

Page 247: ...articular attribute These flags can identify an attribute as a single valued attribute an operational attribute or as a read only attribute Syntax include slapi plugin h int slapi_attr_flag_is_set Sla...

Page 248: ...n attribute as a single valued attribute an operational attribute or as a read only attribute See Also slapi_attr_get_flags slapi_attr_free Frees an attribute Syntax include slapi plugin h void slapi_...

Page 249: ...of berval structure pointers Memory Concerns You should free this array using ber_bvecfree from the LDAP SDK for C slapi_attr_get_flags Gets the flags associated with the specified attribute These fla...

Page 250: ...alues Puts the count of values of an attribute into a provided integer Syntax include slapi plugin h int slapi_attr_get_numvalues const Slapi_Attr a int numValues Parameters This function takes the fo...

Page 251: ...es for an attribute type and returns a copy of its OID string Syntax include slapi plugin h int slapi_attr_get_oid_copy const Slapi_Attr attr char oidp Parameters This function takes the following par...

Page 252: ...plugin h int slapi_attr_get_type Slapi_Attr attr char type Parameters This function takes the following parameters Returns This function returns 0 if successful See Also slapi_attr_type2plugin slapi_a...

Page 253: ...slapi_valueset_new slapi_valueset_free slapi_valueset_init slapi_valueset_done slapi_valueset_add_value slapi_valueset_first_value slapi_valueset_next_value slapi_valueset_count slapi_attr_init Initi...

Page 254: ...e type See Also slapi_attr_new slapi_attr_free slapi_attr_dup slapi_attr_new Creates a new attribute Syntax include slapi plugin h Slapi_Attr slapi_attr_new void Parameters This function takes the no...

Page 255: ...is found 1 if NULL or if a value at hint is not found Description Use this function to get the next value of an attribute The value of an attribute associated with an index is placed into a value This...

Page 256: ...pecified Slapi_ValueSet structure the valueset in Slapi_Attr will be vs not a copy See Also slapi_valueset_set_valueset slapi_attr_syntax_normalize Searches for an attribute type in the syntaxes and r...

Page 257: ...slapi_attr_type2plugin Gets a pointer to information about the syntax plug in responsible for handling the specified attribute type Syntax include slapi plugin h int slapi_attr_type2plugin char type...

Page 258: ...ype names are equal A non zero value if the type names are not equal See Also slapi_attr_type2plugin t1 Name of the first attribute type that you want to compare t2 Name of the second attribute type t...

Page 259: ...This function takes the following parameters Returns This function returns one of the following values 1 if t1 and t2 represent the same attribute 0 if t1 and t2 do not represent the same attribute Se...

Page 260: ...value slapi_attr_first_value slapi_attr_next_value slapi_attr_get_numvalues slapi_attr_value_find slapi_attr_value_find Determines is an attribute contains a given value Syntax include slapi plugin h...

Page 261: ...api_attr_first_value slapi_attr_next_value slapi_attr_get_numvalues slapi_attr_value_cmp slapi_valueset_set_from_smod Adds the changes in a modification to a valueset Syntax include slapi plugin h voi...

Page 262: ...that contains the specified DN exists slapi_be_free Frees memory and linked resources from the backend structure slapi_be_get_instance_info Gets the instance information of the specified backend slapi...

Page 263: ...backend slapi_be_set_instance_info Sets the instance information of the specified backend with given data slapi_be_set_readonly Sets a flag to denote that the backend is meant to be read only slapi_b...

Page 264: ...be_exist Checks if the backend that contains the specified DN exists Syntax include slapi plugin h int slapi_be_exist const Slapi_DN sdn Parameters This function takes the following parameter Returns...

Page 265: ...ance information of the specified backend Syntax include slapi plugin h void slapi_be_get_instance_info Slapi_Backend be Parameters This function takes the following parameter Returns This function re...

Page 266: ...ith the backend is in read only mode Syntax include slapi plugin h int slapi_be_get_readonly Slapi_Backend be Parameters This function takes the following parameter Returns This function returns one o...

Page 267: ...th the specified backend Syntax include slapi plugin h const Slapi_DN slapi_be_getsuffix Slapi_Backend be int n Parameters This function takes the following parameters Returns This function returns th...

Page 268: ...rned Memory Concerns You should not free the returned pointer slapi_be_gettype Returns the type of the backend Syntax include slapi plugin h const char slapi_be_gettype Slapi_Backend be Parameters Thi...

Page 269: ...be const Slapi_DN suffix Parameters This function takes the following parameters Returns This function returns one of the following values 0 if the suffix is not part of the specified backend 1 if th...

Page 270: ...to the specific backend should not be logged in the changelog 1 if the changes should be logged in the changelog slapi_be_new Creates a new backend structure allocates memory for it and initializes v...

Page 271: ...Returns This function returns one of the following values 0 if the backend is not hidden from the user 1 if the backend is hidden from the user for internal use only slapi_be_select Finds the backend...

Page 272: ...t_by_instance_name Find the backend used to service the database Syntax include slapi plugin h Slapi_Backend slapi_be_select_by_instance_name const char name Parameters This function takes the followi...

Page 273: ...o Sets the instance information of the specified backend with given data Syntax include slapi plugin h void slapi_be_set_instance_info Slapi_Backend be void data Parameters This function takes the fol...

Page 274: ...be_setentrypoint Slapi_Backend be int entrypoint void ret_fnptr Slapi_PBlock pb Parameters This function takes the following parameters Returns This function returns 0 if successful 1 otherwise slapi_...

Page 275: ...ion returns a pointer to the backend structure of the first backend If you wish to iterate through all of the backends use this function in conjunction with slapi_get_next_backend For example Slapi_Ba...

Page 276: ...eturns the first root suffix of the DIT If you wish to iterate through all of the suffixes use this function in conjunction with slapi_get_next_suffix For example void node NULL Slapi_DN suffix slapi_...

Page 277: ...cription This function returns a pointer to the next backend If you wish to iterate through all of the backends use this function in conjunction with slapi_get_first_backend For example Slapi_Backend...

Page 278: ...NULL if there are more suffixes to parse Description This function returns the DN of the next root suffix of the DIT If you wish to iterate through all of the suffixes use this function in conjunction...

Page 279: ...1 if the DN is a root suffix slapi_register_backend_state_change Registers for callback when a backend state changes Syntax include slapi plugin h void slapi_register_backend_state_change void handle...

Page 280: ...ter the callback See Also slapi_unregister_backend_state_change slapi_unregister_backend_state_change Unregisters backend state change callback Syntax include slapi plugin h int slapi_unregister_backe...

Page 281: ...on a struct berval an OID and a criticality flag slapi_control_present Determines whether or not the specified object identification OID identifies a control that is present in a list of controls sla...

Page 282: ...is returned in ctrlp should be freed by calling ldap_control_free which is an LDAP API function see the Netscape LDAP SDK for C Programmer s Guide See Also slapi_build_control_from_berval slapi_build...

Page 283: ...s been made The LDAPControl pointer that is returned in ctrlp should be freed by calling ldap_control_free which is an LDAP API function see the Netscape LDAP SDK for C Programmer s Guide See Also sla...

Page 284: ...ed_control slapi_dup_control Makes an allocated copy of an LDAPControl Syntax include slapi plugin h LDAPControl slapi_dup_control LDAPControl ctrl Parameters This function takes the following paramet...

Page 285: ...Also ldap_control_free slapi_get_supported_controls_copy Retrieves an allocated array of object identifiers OIDs representing the controls supported by the Directory Server You can register new contro...

Page 286: ...s_copy For each OID returned in the ctrloidsp array the corresponding array element with the same index in the ctrlopsp array identifies the operations that support the control For a list of the possi...

Page 287: ...rch operation SLAPI_OPERATION_MODIFY The specified control applies to the LDAP modify operation SLAPI_OPERATION_ADD The specified control applies to the LDAP add operation SLAPI_OPERATION_DELETE The s...

Page 288: ...include slapi plugin h int slapi_call_syntax_assertion2keys_ava_sv void vpi Slapi_Value val Slapi_Value ivals int ftype Parameters This function takes the following parameters Table 15 8 Syntax Plug...

Page 289: ...unction invoked by this function is responsible for comparing the value specified by val against the actual values of the attributes in the directory entries The syntax plug in function returns a list...

Page 290: ...The syntax plug in function invoked by this function is responsible for comparing the values specified by initial any and final against the actual values of the attributes in the directory entries The...

Page 291: ...rresponding function for the specified plug in is not found Description When adding or removing values from an index the Directory Server calls the function defined in the specified syntax plug in res...

Page 292: ...h_array_free Frees an existing array slapi_ch_bvdup Makes a copy of an existing berval structure slapi_ch_bvecdup Makes a copy of an array of existing berval structures slapi_ch_calloc Allocates space...

Page 293: ...mory Concerns The contents of the v parameter are not altered by this function The returned berval structure should be freed by calling ber_bvfree which is an LDAP API function see the Netscape LDAP S...

Page 294: ...up ber_bvfree slapi_ch_calloc Allocates space for an array of a number of elements of a specified size Syntax include slapi plugin h char slapi_ch_calloc unsigned long nelem unsigned long size Paramet...

Page 295: ...clude slapi plugin h void slapi_ch_free void ptr Parameters This function takes the following parameters Memory Concerns The ptr passed to slapi_ch_free should be the address of a pointer that was all...

Page 296: ...alloc Allocates space in memory Syntax include slapi plugin h char slapi_ch_malloc unsigned long size Parameters This function takes the following parameters Returns This function returns a pointer to...

Page 297: ...r to the reallocated space of memory If space cannot be allocated for example if no more virtual memory exists the slapd program terminates Memory Concerns This function terminates the slapd server wi...

Page 298: ...nter to a copy of the string If space cannot be allocated for example if no more virtual memory exists the slapd program terminates Memory Concerns This function terminates the slapd server with an ou...

Page 299: ...lapi_dn_ignore_case Converts all characters in a DN to lowercase slapi_dn_isbesuffix Determines if the a DN is the suffix of the local database slapi_dn_isparent Determines if a DN is the parent of a...

Page 300: ...ll characters in a distinguished name DN to lowercase Syntax include slapi plugin h char slapi_dn_ignore_case char dn Parameters This function takes the following parameters Returns The DN with lowerc...

Page 301: ...al database See Also slapi_dn_isroot slapi_dn_isparent Determines whether or not a particular DN is the parent of another specified DN Before calling this function you should call slapi_dn_normalize_c...

Page 302: ...root DN for this local database Before calling this function you should call slapi_dn_normalize_case to normalize the DN and convert all characters to lowercase Syntax include slapi plugin h int slap...

Page 303: ...n const char suffix Parameters This function takes the following parameters Returns This function returns one of the following values 1 if the specified DN is the same as the specified suffix 0 if the...

Page 304: ...normalize_case Converts a distinguished name DN to canonical format and converts all characters to lowercase Calling this function has the same effect as calling the slapi_dn_normalize function follow...

Page 305: ...de slapi plugin h char slapi_dn_normalize_to_end char dn char end Parameters This function takes the following parameters Returns This function returns a pointer to the end of the dn that has been nor...

Page 306: ...ion returns one of the following values The DN of the parent entry Null if the specified DN is NULL if the DN is an empty string or if the DN has no parent for example o example com See Also slapi_dn_...

Page 307: ...ype struct berval bv Parameters This function takes the following parameters Returns This function returns the new RDN value as a berval value in bv This function can be used for creating the RDN as a...

Page 308: ...te of an entry slapi_entry_attr_get_int Gets the first value as an integer slapi_entry_attr_get_long Gets the first value as a long slapi_entry_attr_get_uint Gets the first value as an unsigned intege...

Page 309: ...slapi_entry_has_children Determines if the specified entry has child entries slapi_entry_init Initializes the values of an entry slapi_entry_merge_values_sv Adds an array of data values to an attribu...

Page 310: ...n Jane Doe sn Doe To convert a string description in LDIF format to an entry of the Slapi_Entry data type call the slapi_str2entry function Memory Concerns When you no longer need to use the string yo...

Page 311: ...function options An option set that specifies how you want the string converted Flag Value Description SLAPI_DUMP_STATEINFO This is only used internally by replication This allows access to the inter...

Page 312: ...s When you no longer need to use the string you should free it from memory by calling the slapi_ch_free function See Also slapi_entry2str slapi_str2entry slapi_entry_add_rdn_values Adds the components...

Page 313: ...ntry Syntax include slapi plugin h int slapi_entry_add_string Slapi_Entry e const char type const char value Parameters This function takes the following parameters Returns This function returns 0 whe...

Page 314: ...value returned signals failure Description This function adds a Slapi_Value data value to the existing attribute values in an entry If the specified attribute does not exist in the entry the attribute...

Page 315: ...s in the attribute Description This function adds an array of Slapi_Value data values to an attribute If the attribute does not exist it is created and given the value contained in the Slapi_Value arr...

Page 316: ...with the specified Slapi_ValueSet value Memory Concerns This routine makes a copy of the parameter vs vs can be NULL slapi_entry_alloc Allocates memory for a new entry of the data type Slapi_Entry Syn...

Page 317: ...ts associated values from an entry Syntax include slapi plugin h int slapi_entry_attr_delete Slapi_Entry e char type Parameters This function takes the following parameters Returns This function retur...

Page 318: ...te Memory Concerns Do not free the returned attr It is a pointer to the internal entry data structure It is usually wise to make a copy of the returned attr using slapi_attr_dup to avoid dangling poin...

Page 319: ...is value free it from memory by calling the slapi_ch_free function slapi_entry_attr_get_charray Gets the values of a multi valued attribute of an entry Syntax include slapi plugin h char slapi_entry_a...

Page 320: ...rray e someattr int ii for ii 0 ary ary ii ii char strval ary ii slapi_ch_array_free ary Returns This function returns one of the following values A copy of all the values of the attribute NULL if the...

Page 321: ...ar type Parameters This function takes the following parameters Returns This function returns one of the following values The first value in the attribute converted to a long type 0 if the entry does...

Page 322: ...h unsigned long slapi_entry_attr_get_ulong const Slapi_Entry e const char type Parameters This function takes the following parameters Returns This function returns one of the following values The fir...

Page 323: ...precated slapi_entry_attr_hasvalue function and takes into consideration the syntax of the attribute type slapi_entry_attr_merge_sv Adds an array of Slapi_Value data values to the existing attribute v...

Page 324: ...tr_merge slapi_entry_attr_replace_sv Replaces the values of an attribute with the Slapi_Value data value you specify Syntax include slapi plugin h int slapi_entry_attr_replace_sv Slapi_Entry e const c...

Page 325: ...a copy of the parameter vals vals can be NULL See Also slapi_entry_attr_replace slapi_entry_attr_set_charptr Replaces the value or values of an attribute in an entry with a specified string value Syn...

Page 326: ...y If the attribute does not exist it is created with the integer value that you specify slapi_entry_attr_set_long Replaces the value or values of an attribute in an entry with a specified long data ty...

Page 327: ...bute does not exist it is created with the unsigned integer value you specify slapi_entry_attr_set_ulong Replaces the value or values of an attribute in an entry with a specified unsigned long data ty...

Page 328: ...ring Slapi_Entry e const char type const char value Parameters This function takes the following parameters Returns This function returns 0 when successful any other value returned signals failure sla...

Page 329: ...nical Support Description This function removes an attribute value set from an entry Note that both the attribute and its Slapi_Value data values are removed from the entry If you supply a Slapi_Value...

Page 330: ...DN and attributes of this entry Memory Concerns When you are no longer using the entry free it from memory by calling the slapi_entry_free function See Also slapi_entry_alloc slapi_entry_free slapi_e...

Page 331: ...ributes from memory Syntax include slapi plugin h void slapi_entry_free Slapi_Entry e Parameters This function takes the following parameter Description Call this function to free an entry that you ha...

Page 332: ...the DN unless you plan to replace it by calling slapi_entry_set_dn Memory Concerns Use slapi_ch_free if you are replacing the DN with slapi_entry_set_dn See Also slapi_ch_free slapi_entry_set_dn slapi...

Page 333: ...ar slapi_entry_get_ndn Slapi_Entry e Parameters This function takes the following parameter Returns This function returns the normalized DN from the entry that you specify If the entry you specify doe...

Page 334: ...lue of the Slapi_DN object from the entry that you specify Syntax include slapi plugin h const Slapi_DN slapi_entry_get_sdn_const const Slapi_Entry e Parameters This function takes the following param...

Page 335: ...value of the entry specified Memory Concerns Never free this value If you need a copy use slapi_ch_strdup See Also slapi_ch_strdup slapi_entry_has_children This function determines if the specified e...

Page 336: ...tribute values of an entry Also during the course of processing the unique ID of the entry is set to NULL and the flag value is set to 0 Use this function to initialize a Slapi_Entry pointer Memory Co...

Page 337: ...to a specified attribute in an entry If the entry does not contain the attribute specified the attribute is created with the value supplied Syntax include slapi plugin h int slapi_entry_merge_values_...

Page 338: ...rminate state The present value set may be truncated rc delete_values_sv_internal e type vals 1 Ignore Errors Memory Concerns This function makes a copy of vals vals can be NULL slapi_entry_next_attr...

Page 339: ...nes if the entry has the cn attribute with the value Barbara Jensen Syntax include slapi plugin h int slapi_entry_rdn_values_present Slapi_Entry e Parameters This function takes the following paramete...

Page 340: ...required attributes if it has any attributes not allowed by the schema but does not have the object class extensibleObject or if the entry has multiple values for a single valued attribute Memory Conc...

Page 341: ...lue Note In Netscape Directory Server 3 x and 4 x the slapi_entry_set_dn call did not free the old dn See Also slapi_entry_free slapi_entry_get_dn slapi_entry_set_sdn Sets the Slapi_DN value in an ent...

Page 342: ...entry already contains a SLAPI_ATTR_UNIQUEID attribute its value is updated with the new value supplied Memory Concerns Do not free the uniqueid after calling this function The value will eventually b...

Page 343: ...metadata are not included in the size returned It is assumed that the size of the metadata et al is well enough accounted for by the rounding of the size to the next largest 1k this holds true especi...

Page 344: ...api_str2entry char s int flags Parameters This function takes the following parameters The value of the flags argument can be one of the following values dn The DN that you want to test to see if it i...

Page 345: ...nctions If an error occurred during the conversion process the function returns NULL instead of the entry When you are done working with the entry you should call the slapi_entry_free function To conv...

Page 346: ...can be set is SLAPI_ENTRY_FLAG_TOMBSTONE This flag means that the entry is a tombstone entry More flags may be exposed in future releases Do not use your own flags See Also slapi_entry_flag_is_set sl...

Page 347: ...is flag means that the entry is a tombstone entry More flags may be exposed in future releases You should not use your own flags See Also slapi_entry_clear_flag slapi_entry_set_flag slapi_entry_set_fl...

Page 348: ...pi_filter_dup Duplicates the specified filter slapi_filter_free Frees the specified filter slapi_filter_get_attribute_type Gets the attribute type for all simple filter choices slapi_filter_get_ava Ge...

Page 349: ...the entire filter slapi_find_matching_paren Finds the matching right parentheses in a string corresponding to the left parenthesis to which the string currently points slapi_str2filter Converts a str...

Page 350: ...YPE slapi_filter_compare Determines if two filters are identical Syntax include slapi plugin h int slapi_filter_compare struct slapi_filter f1 struct slapi_filter f2 Parameters This function takes the...

Page 351: ...e the set of filters in an LDAP_FILTER_AND type filter Syntax include slapi plugin h void slapi_filter_free Slapi_Filter f int recurse Parameters This function takes the following parameters Descripti...

Page 352: ...ters This function takes the following parameters Returns This function returns the attribute type of the filter Description This function gets the attribute type for all simple filter choices LDAP_FI...

Page 353: ...f the types LDAP_FILTER_EQUALITY LDAP_FILTER_GE LDAP_FILTER_LE LDAP_FILTER_APPROX Gets the attribute type and the value from the filter Syntax include slapi plugin h int slapi_filter_get_ava Slapi_Fil...

Page 354: ...erns The strings within the parameters type and bval are direct pointers to memory inside the Slapi_Filter and therefore should not be freed after usage They will be freed when a server entity calls s...

Page 355: ...ent LDAP_FILTER_GE greater than or equal to filter For example supportedLDAPVersion 3 LDAP_FILTER_LE less than or equal to filter For example supportedLDAPVersion 2 LDAP_FILTER_PRESENT presence filter...

Page 356: ...r finds entries in which the value of the cn attribute starts with John contains Q and ends with Public Call this function to get these substring values as well as the attribute type from this filter...

Page 357: ...LTER_PRESENT generally determine if a specified attribute is assigned a value For example mail This filter finds entries that have a value assigned to the mail attribute Call this function to get the...

Page 358: ...filters Description Filters of the type LDAP_FILTER_AND LDAP_FILTER_OR and LDAP_FILTER_NOT generally consist of one or more other filters For example ou Accounting l Sunnyvale ou Accounting l Sunnyva...

Page 359: ...akes the following parameters Returns This function returns the new filter constructed from the other two filters Description Filters of the type LDAP_FILTER_AND LDAP_FILTER_OR and LDAP_FILTER_NOT gen...

Page 360: ...ecified filter Syntax include slapi plugin h Slapi_Filter slapi_filter_list_first Slapi_Filter f Parameters This function takes the following parameters Returns This function returns the first filter...

Page 361: ...rev Parameters This function takes the following parameters Returns This function returns the next filter after fprev that makes up the specified filter f Description To iterate through all filters th...

Page 362: ...pb Slapi_Entry e Slapi_Filter f int verify_access Parameters This function takes the following parameters Returns This function returns one of the following values 0 if the entry matched the filter o...

Page 363: ...the entry does not match the filter A positive value an LDAP error code if an error occurred or if the current user does not have access rights to search the specified entry Description This function...

Page 364: ...fied filter is NULL 1 if the filter type is unknown or if the entry does not match the filter A positive value an LDAP error code if an error occurred Description This function allows you to check if...

Page 365: ...This function takes the following parameters Returns This function returns one of the following values A pointer to the Slapi_Filter structure representing the search filter NULL if the string cannot...

Page 366: ...nteger greater than zero if an error occurs Description This function supports the case where the filter specifies virtual attributes Performance for a real attribute only filter is the same as that f...

Page 367: ...orted by the server Description This function replaces the deprecated slapi_get_supported_extended_ops function from earlier releases as slapi_get_supported_extended_ops was not multi thread safe This...

Page 368: ...r slapi_get_supported_saslmechanisms_copy void Returns This function returns a pointer to an array of the names of SASL mechanisms supported by the server slapi_register_supported_saslmechanism Regist...

Page 369: ...r thread safe LDAP connections slapi_ldap_init Initializes an LDAP session with another LDAP server Syntax include slapi plugin h LDAP slapi_ldap_init char ldaphost int ldapport int secure int shared...

Page 370: ...earch and the error code of the last LDAP operation performed You can specify a list of LDAP servers that you want to attempt to connect to Your client will attempt to connect to the first LDAP server...

Page 371: ...with the session As the slapi_ldap_init function returns a regular LDAP you can use the LDAP C SDK connect timeout feature for plug ins That is when connecting to an external LDAP server from a plug...

Page 372: ...ry SDK Functions for Logging This section contains reference information on logging routines slapi_log_error Writes a message to the error log for the Directory Server By default the error log file is...

Page 373: ...system_name message fmt Message that you want written This message can be in printf style format For example s n myString SLAPI_LOG_FATAL Always written to the error log This severity level indicates...

Page 374: ...the Log Level setting Access control list processing is selected SLAPI_LOG_SHELL Written to the error log if the Log Level setting Log communications with shell back ends is selected SLAPI_LOG_PARSE W...

Page 375: ...hey are equal Table 15 18 Matching Rule Routines Function Description slapi_berval_cmp Compares two berval structures to determine if they are equal slapi_matchingrule_free Frees the specified matchin...

Page 376: ...value if L is greater than R slapi_matchingrule_free Frees the specified matching rule structure and optionally its members from memory Syntax include slapi plugin h void slapi_matchingrule_free Slap...

Page 377: ...nction takes the following parameters The arg argument can have one of the following values mr Slapi_MatchingRuleEntry structure that you want to get data from arg ID specifying the type of informatio...

Page 378: ...atchingRuleEntry structure Syntax include slapi plugin h Slapi_MatchingRuleEntry slapi_matchingrule_new Returns This function returns one of the following values A new Slapi_MatchingRuleEntry structur...

Page 379: ...its values call the slapi_matchingrule_new function and the slapi_matchingrule_set function slapi_matchingrule_set Sets information about the matching rule Syntax include slapi plugin h int slapi_mat...

Page 380: ...pi_matchingrule_unregister Placeholder for future function Currently this function does nothing Syntax include slapi plugin h int slapi_matchingrule_unregister char oid slapi_mr_filter_index Calls the...

Page 381: ...values from the extensible match filter SLAPI_PLUGIN_OBJECT should contain information that you want to pass to the indexer function The indexer function should set the SLAPI_PLUGIN_MR_KEYS parameter...

Page 382: ...You can pass information to the indexer factory function by using the following parameters SLAPI_PLUGIN_MR_OID should contain the OID of the matching rule that you want used for indexing or sorting SL...

Page 383: ...ents of an LDAPMod to the server log slapi_mod_free Frees a Slapi_Mod structure slapi_mod_get_first_value Initializes a Slapi_Mod iterator and returns the first attribute value slapi_mod_get_ldapmod_b...

Page 384: ...to Slapi_Mods structure with a single attribute value provided as a string slapi_mods_done Frees internals of a Slapi_Mods structure slapi_mods_dump Dumps the contents of a Slapi_Mods structure to th...

Page 385: ...APMod anywhere in a Slapi_Mods slapi_mods_insert_before Inserts an LDAPMod into a Slapi_Mods structure before the current iterator position slapi_mods_insert_smod_at Inserts an smod anywhere in a Slap...

Page 386: ...re Syntax include slapi plugin h void slapi_mod_add_value Slapi_Mod smod const struct berval val Parameters This function takes the following parameters Description Adds a copy of a given attribute to...

Page 387: ...init slapi_mod_init_byval slapi_mod_init_byref slapi_mod_init_passin slapi_mod_dump Dumps the contents of an LDAPMod to the server log Syntax include slapi plugin h void slapi_mod_dump LDAPMod mod int...

Page 388: ..._get_first_value Initializes a Slapi_Mod iterator and returns the first attribute value Syntax include slapi plugin h struct berval slapi_mod_get_first_value Slapi_Mod smod Parameters This function ta...

Page 389: ...llowing parameter Returns This function returns a pointer to a read only LDAPMod owned by the Slapi_Mod Description Use this function to get direct access to the LDAPMod contained in a Slapi_Mod Memor...

Page 390: ...PMod transfers to the caller The Slapi_Mod is left in the uninitialized state See Also slapi_mod_get_ldapmod_byref slapi_mod_get_next_value Increments the Slapi_Mod iterator and return the next attrib...

Page 391: ...tax include slapi plugin h int slapi_mod_get_num_values const Slapi_Mod smod Parameters This function takes the following parameter Returns This function returns the number of attribute values in the...

Page 392: ...ribute type of a Slapi_Mod structure Syntax include slapi plugin h const char slapi_mod_get_type const Slapi_Mod smod Parameters This function takes the following parameter Returns This function retur...

Page 393: ...lapi_Mod expands as necessary See Also slapi_mod_done slapi_mod_init_byval slapi_mod_init_byref slapi_mod_init_passin slapi_mod_init_byref Initializes a Slapi_Mod structure that is a wrapper for an ex...

Page 394: ...so slapi_mod_done slapi_mod_init slapi_mod_init_byval slapi_mod_init_passin slapi_mod_init_byval Initializes a Slapi_Mod structure with a copy of an LDAPMod Syntax include slapi plugin h void slapi_mo...

Page 395: ...to a Slapi_Mod Memory Concerns Responsibility for the LDAPMod is transferred to the Slapi_Mod The LDAPMod is destroyed when the Slapi_Mod is destroyed See Also slapi_mod_done slapi_mod_init slapi_mod_...

Page 396: ...ribute type is not NULL and there is at least one attribute value for add and replace operations slapi_mod_new Allocates a new Slapi_Mod structure Syntax include slapi plugin h Slapi_Mod slapi_mod_new...

Page 397: ...h void slapi_mod_set_operation Slapi_Mod smod int op Parameters This function takes the following parameters See Also slapi_mod_get_operation slapi_mod_set_type Sets the attribute type of a Slapi_Mod...

Page 398: ...f LDAPMod Syntax include slapi plugin h int slapi_mods2entry Slapi_Entry e const char dn LDAPMod attrs Parameters This function takes the following parameters Returns This function returns one of the...

Page 399: ...val Parameters This function takes the following parameters Description This function appends a new mod with a single attribute value to a Slapi_Mods The mod is constructed from copies of the values o...

Page 400: ...ameters Description Appends an LDAPMod to a Slapi_Mods Memory Concerns Responsibility for the LDAPMod is transferred to the Slapi_Mods This function must not be used on a Slapi_Mods initialized with s...

Page 401: ...ribute values to hand as an array of Slapi_Value Memory Concerns This function must not be used on a Slapi_Mods initialized with slapi_mods_init_byref See Also slapi_mods_add slapi_mods_add_smod slapi...

Page 402: ...i_Mods structure Memory Concerns This function must not be used on a Slapi_Mods initialized with slapi_mods_init_byref See Also slapi_mods_insert_at slapi_mods_add slapi_mods_add_mod_values slapi_mods...

Page 403: ...with slapi_mods_init_byref See Also slapi_mods_add slapi_mods_add_ldapmod slapi_mods_add_mod_values slapi_mods_add_string slapi_mods_add_string Appends a new mod to Slapi_Mods structure with a single...

Page 404: ...nitialized with slapi_mods_init_byref See Also slapi_mods_add slapi_mods_add_ldapmod slapi_mods_add_modbvps slapi_mods_add_mod_values slapi_mods_done Frees internals of a Slapi_Mods structure Syntax i...

Page 405: ...in slapi_mods_dump Dumps the contents of a Slapi_Mods structure to the server log Syntax include slapi plugin h void slapi_mods_dump const Slapi_Mods smods const char text Parameters This function tak...

Page 406: ...ated by slapi_mods_new See Also slapi_mods_new slapi_mods_get_first_mod Initializes a Slapi_Mods iterator and returns the first LDAPMod Syntax include slapi plugin h LDAPMod slapi_mods_get_first_mod S...

Page 407: ...pi_Mod wrapping the first mod NULL if no mod exist Description Use this function in conjunction with slapi_mods_get_next_smod to iterate through the mods in a Slapi_Mods using a Slapi_Mods wrapper Mem...

Page 408: ...n a Slapi_Mods Memory Concerns Responsibility for the array remains with the Slapi_Mods See Also slapi_mods_get_ldapmods_passout slapi_mods_get_ldapmods_passout Retrieves the array of LDAPMod containe...

Page 409: ...Slapi_Mods smods Parameters This function takes the following parameter Returns This function returns a pointer to the next LDAPMod or NULL if there are no more Description Use this function in conju...

Page 410: ...onjunction with slapi_mods_get_first_smod to iterate through the mods in a Slapi_Mods using a Slapi_Mods wrapper Memory Concerns Only one thread may be iterating through a particular Slapi_Mods at any...

Page 411: ..._Mods so that it is empty but initially has room for the given number of mods Memory Concerns If you are unsure of how much room you will need you may use an initCount of 0 The Slapi_Mods expands as n...

Page 412: ...t insert new mods in a Slapi_Mods that has been initialized by reference See Also slapi_mods_done slapi_mods_init_passin Initializes a Slapi_Mods structure from an array of LDAPMod Syntax include slap...

Page 413: ...api_Mods smods LDAPMod mod Parameters This function takes the following parameters Description This function inserts an LDAPMod in a Slapi_Mods immediately after the current position of the Slapi_Mods...

Page 414: ...ified position are moved up by one and the given position refers to the newly inserted mod Shifts everything down to make room to insert the new mod Memory Concerns Responsibility for the LDAPMod is t...

Page 415: ...api_mods_init_byref See Also slapi_mods_get_first_mod slapi_mods_get_next_mod slapi_mods_insert_smod_at Inserts an smod at position pos in a Slapi_Mods structure Syntax include slapi plugin h void sla...

Page 416: ...pi_Mods See Also slapi_mods_insert_at slapi_mods_add_ldapmod adds to the end of all mods slapi_mods_insert_smod_before Inserts an smod before a Slapi_Mods structure Syntax include slapi plugin h void...

Page 417: ...ackone Slapi_Mods smods Parameters This function takes the following parameter Description This function moves the iterator back one position See Also slapi_mods_get_first_mod slapi_mods_get_next_mod...

Page 418: ...ods allocated from the heap rather than from the stack See Also slapi_mods_free slapi_mods_remove Removes the mod at the current Slapi_Mods iterator position Syntax include slapi plugin h void slapi_m...

Page 419: ...following parameters Description This function allows you to verify if the operation associated to the pblock in the parameter has been abandoned This function is useful to periodically check the oper...

Page 420: ..._Operation structure can be extracted from a pblock structure using slapi_pblock_get with the SLAPI_OPERATION parameter For example slapi_pblock_get pb SLAPI_OPERATION op Returns This function returns...

Page 421: ...e of this function with pblocks allocated on the stack for example Slapi_PBlock pb or using another memory allocator is not supported and may lead to memory errors and memory leaks For example Slapi_P...

Page 422: ...lapi_pblock_new slapi_pblock_get Gets the value of a name value pair from a parameter block Syntax include slapi plugin h int slapi_pblock_get Slapi_PBlock pb int arg void value Parameters This functi...

Page 423: ...lly be freed internally or through the call to slapi_pblock_destroy The exception is if the value is explicitly set by the caller through slapi_pblock_set In this case the caller is responsible for me...

Page 424: ...i_pblock_destroy The use of other memory deallocators for example free is not supported and may lead to crashes or memory leaks slapi_pblock_set Sets the value of a name value pair in a parameter bloc...

Page 425: ...t pb SLAPI_TARGET_DN target_dn OR slapi_pblock_set pb SLAPI_TARGET_DN NULL With some compilers you will have to cast the value argument to void If the caller allocates the memory passed in the caller...

Page 426: ...nd in vals A non zero value if the password v was not found in vals Table 15 22 Password Handling Routines Function Description slapi_pw_find_sv Determines whether or not a specified password matches...

Page 427: ...e This function determines which password scheme was used to store the password and uses the appropriate comparison function to compare a given value against the encoded values of the userpassword att...

Page 428: ...or occurs for example if no matching algorithm is found See Also slapi_pw_find_sv slapi_is_encoded Functions for Managing RDN This section contains reference information on RDN routines value The valu...

Page 429: ...pairs slapi_rdn_get_rdn Gets the RDN from a Slapi_RDN structure slapi_rdn_get_nrdn Not implemented do not use Gets the normalized RDN from a Slapi_RDN structure slapi_rdn_init Gets the next RDN from...

Page 430: ...lags which means that the RDN array within the Slapi_RDN structure is no longer current with the new RDN slapi_rdn_remove_attr Removes an RDN type value pair from a Slapi_RDN structure slapi_rdn_remov...

Page 431: ...s 0 if rdn1 and rdn2 have the same RDN components 1 if they do not have the same components Description This function compares rdn1 and rdn2 For rdn1 and rdn2 to be considered equal RDNs their compone...

Page 432: ...o slapi_rdn_get_index and verifies that the returned value is anything but 1 See Also slapi_rdn_get_index slapi_rdn_contains_attr slapi_rdn_contains_attr Checks whether a Slapi_RDN structure contains...

Page 433: ...ul it also returns the corresponding attribute value See Also slapi_rdn_get_index_attr slapi_rdn_contains slapi_rdn_done Clears an instance of a Slapi_RDN structure Syntax include slapi plugin h void...

Page 434: ...include slapi plugin h void slapi_rdn_free Slapi_RDN rdn Parameters This function takes the following parameter Description This function frees both the contents of the Slapi_RDN structure and the st...

Page 435: ...meter and Joey in value See Also slapi_rdn_get_next slapi_rdn_get_rdn slapi_rdn_get_index Gets the index of the RDN that follows the RDN with a given type and value Syntax include slapi plugin h int s...

Page 436: ...ches both type and value as given in the parameters If it succeeds the position of the matching RDN is returned See Also slapi_rdn_get_index_attr slapi_rdn_contains slapi_rdn_get_index_attr Gets the p...

Page 437: ...ll as the corresponding attribute value is returned See Also slapi_rdn_get_index slapi_rdn_get_next Gets a certain RDN type value pair from within the RDNs stored in a Slapi_RDN structure Syntax inclu...

Page 438: ...position in the array See Also slapi_rdn_get_first slapi_rdn_get_rdn slapi_rdn_get_num_components Gets the number of RDN type value pairs present in a Slapi_RDN structure Syntax include slapi plugin h...

Page 439: ..._rdn_get_rdn const Slapi_RDN rdn Parameters This function takes the following parameter Returns This function returns the RDN value slapi_rdn_get_nrdn Not implemented do not use Gets the new normalize...

Page 440: ...eters Description This function initializes a given Slapi_RDN structure with NULL values both the RDN value and the array of split RDNs are set to NULL See Also slapi_rdn_new slapi_rdn_free slapi_rdn_...

Page 441: ...h an RDN value Syntax include slapi plugin h void slapi_rdn_init_rdn Slapi_RDN rdn const Slapi_RDN fromrdn Parameters This function takes the following parameters Description This function initializes...

Page 442: ...ction initializes a given Slapi_RDN structure with the RDN value taken from the DN passed within the Slapi_DN structure of the sdn parameter See Also slapi_rdn_init_dn slapi_rdn_init_rdn slapi_rdn_ise...

Page 443: ...LL Syntax include slapi plugin h Slapi_RDN slapi_rdn_new Parameters This function takes no parameters Returns This function returns a pointer to the newly allocated and still empty Slapi_RDN structure...

Page 444: ...ates a new Slapi_RDN structure and initializes its RDN with the value taken from the DN passed in the dn parameter Memory Concerns The memory is allocated by the function itself See Also slapi_rdn_new...

Page 445: ...ucture and sets an RDN value taken from the DN contained in a given Slapi_RDN structure Syntax include slapi plugin h vSlapi_RDN slapi_rdn_new_sdn const Slapi_DN sdn Parameters This function takes the...

Page 446: ...size_t length Parameters This function takes the following parameters Returns This function returns one of the following values 1 if the RND is removed from rdn 0 if no RDN is removed Description Thi...

Page 447: ...ne of the following values 1 if the RDN is removed from rdn 0 if no RDN is removed Description This function removes the first RDN from rdn that matches the given type See Also slapi_rdn_remove slapi_...

Page 448: ...This function removes the RDN from rdn with atindex index placed in the atindex 1 position See Also slapi_rdn_remove slapi_rdn_remove_attr slapi_rdn_set_dn Sets an RDN value in a Slapi_RDN structure S...

Page 449: ...ructure Syntax include slapi plugin h void slapi_rdn_set_rdn Slapi_RDN rdn const Slapi_RDN fromrdn Parameters This function takes the following parameters Description This function sets an RDN value i...

Page 450: ...slapi_rdn_set_rdn Functions for Managing Roles This section contains reference information on routines that help you deal with roles slapi_role_check Checks if the entry pointed to by entry_to_check c...

Page 451: ..._register_role_check Allows registering of another function other than the default to use in slapi_role_check It is strongly recommended that the default should be used Syntax include slapi plugin h v...

Page 452: ...of a given Slapi_DN structure slapi_sdn_get_rdn Gets the RDN from an NDN slapi_sdn_is_rdn_component Not implemented do not use Checks if there is a RDN value that is a component of the DN structure s...

Page 453: ...l be the value in newsuperiordn if different from NULL and will otherwise be taken from dn_olddn by removing the old RDN the parent of the entry will still be the same as the new DN slapi_sdn_set_dn_p...

Page 454: ...ction returns the Slapi_DN structure with the new DN formed by adding the RDN value in rdn to the DN value in dn See Also slapi_sdn_set_rdn slapi_sdn_compare Compares two DNs Syntax include slapi plug...

Page 455: ...api_sdn_copy Makes a copy of a DN Syntax include slapi plugin h void slapi_sdn_copy const Slapi_DN from Slapi_DN to Parameters This function takes the following parameters Description This function co...

Page 456: ...tructure It frees both the DN and the normalized DN if any and sets those pointers to NULL See Also slapi_sdn_free slapi_sdn_dup Duplicates a Slapi_DN structure Syntax include slapi plugin h Slapi_DN...

Page 457: ...sdn See Also slapi_sdn_done slapi_sdn_new slapi_sdn_get_backend_parent Gets the DN of the parent of an entry within a specific backend Syntax include slapi plugin h void slapi_sdn_get_backend_parent...

Page 458: ...lling this function See Also slapi_sdn_get_parent slapi_sdn_get_dn Gets the DN from a Slapi_DN structure Syntax include slapi plugin h const char slapi_sdn_get_dn const Slapi_DN sdn Parameters This fu...

Page 459: ...escription This function retrieves the normalized DN in a canonical format and lower case from a Slapi_DN structure and normalizes sdn if it has not already been normalized See Also slapi_sdn_get_dn s...

Page 460: ...in h void slapi_sdn_get_parent const Slapi_DN sdn Slapi_DN sdn_parent Parameters This function takes the following parameters Description This function returns a Slapi_DN structure containing the pare...

Page 461: ...ted do not use Checks if there is a RDN value that is a component of the DN structure Syntax include slapi plugin h int slapi_sdn_is_rdn_component const Slapi_DN rdn const Slapi_Attr a const Slapi_Val...

Page 462: ...t_rdn slapi_sdn_isempty Checks whether there is a DN value stored in a Slapi_DN structure Syntax include slapi plugin h int slapi_sdn_isempty const Slapi_DN sdn Parameters This function takes the foll...

Page 463: ...randparent of the DN in child 0 if the DN in parent does not match the DN of the grandparent of the DN in child See Also slapi_sdn_isparent slapi_sdn_issuffix slapi_sdn_get_parent slapi_sdn_isparent C...

Page 464: ...a Slapi_DN structure contains a suffix of another Slapi_DN structure Syntax include slapi plugin h int slapi_sdn_issuffix const Slapi_DN sdn const Slapi_DN suffixsdn Parameters This function takes th...

Page 465: ...on takes no parameters Returns This function returns a pointer to the newly allocated and still empty Slapi_DN structure Description This function creates a new Slapi_DN structure by allocating the ne...

Page 466: ...by reference However the FLAG_DN flag is not set and no counter is incremented Memory Concerns The memory is allocated by the function itself See Also slapi_sdn_new_dn_byval slapi_sdn_new_dn_passin s...

Page 467: ...sin slapi_sdn_new_dn_passin Creates a new Slapi_DN structure and sets a DN value Syntax include slapi plugin h Slapi_DN slapi_sdn_new_dn_passin const char dn Parameters This function takes the followi...

Page 468: ...e with a normalized DN value set to the content of ndn Descriptions This function creates a new Slapi_DN structure and initializes its normalized DN with the value of ndn The normalized DN of the new...

Page 469: ...e normalized DN of the new structure will point to a copy of the string pointed to by ndn the normalized DN value is passed into the parameter by value The FLAG_DND flag is set and the internal counte...

Page 470: ...parent slapi_sdn_issuffix slapi_sdn_set_dn_byref Sets a DN value in a Slapi_DN structure Syntax include slapi plugin h Slapi_DN slapi_sdn_set_dn_byref Slapi_DN sdn const char dn Parameters This functi...

Page 471: ...e FLAG_DN flag is not set and no internal counter is incremented See Also slapi_sdn_set_dn_byval slapi_sdn_set_dn_passin slapi_sdn_set_dn_byval Sets a DN value in a Slapi_DN structure Syntax include s...

Page 472: ...i_sdn_set_dn_passin Sets a DN value in Slapi_DN structure Syntax include slapi plugin h Slapi_DN slapi_sdn_set_dn_passin Slapi_DN sdn const char dn Parameters This function takes the following paramet...

Page 473: ...alized DN value in a Slapi_DN structure The normalized DN of the new structure will point to the same string pointed to by ndn the normalized DN value is passed into the parameter by reference However...

Page 474: ...The FLAG_DN flag is set and the internal counters are incremented See Also slapi_sdn_set_ndn_byref slapi_sdn_set_dn_passin slapi_sdn_set_parent Sets a new parent for a given entry Syntax include slap...

Page 475: ...lude slapi plugin h Slapi_DN slapi_sdn_set_rdn Slapi_DN sdn const Slapi_RDN rdn Parameters This function takes the following parameters Returns This function returns a pointer to the Slapi_DN structur...

Page 476: ...e Syntax include slapi plugin h int slapi_send_ldap_referral Slapi_PBlock pb Slapi_Entry e struct berval refs struct berval urls Parameters This function takes the following parameters Table 15 26 Rou...

Page 477: ...o the client as search result references The urls argument is not used in this case In the LDAP v2 protocol servers can send the LDAP result code LDAP_PARTIAL_RESULTS to refer the client to other LDAP...

Page 478: ...nd in the database For example if the client was attempting to find the DN cn Babs Jensen ou Product Division o Example c US pb Parameter block err LDAP result code that you want sent back to the clie...

Page 479: ...v2 clients You can pass the array of collected referrals to the urls argument of slapi_send_ldap_results For example struct berval urls slapi_send_ldap_referral ld e refs urls slapi_send_ldap_result l...

Page 480: ...ies whether you want to send only the attribute types or the attribute types and their values Pass 0 for this parameter if you want to send both the attribute types and values to the client Pass 1 for...

Page 481: ...es a specified number of UTF 8 characters slapi_utf8isLower Verifies if a UTF 8 character is a lower case letter slapi_UTF8ISLOWER Verifies if a UTF 8 character is a lower case letter slapi_utf8isUppe...

Page 482: ...the following values 1 if the string contains an 8 bit character 0 if it does not slapi_utf8casecmp Makes case insensitive string comparison of two UTF 8 strings Syntax include slapi plugin h int slap...

Page 483: ...is used The strings are compared after converted to lower case UTF 8 Each character is compared from the beginning Evaluation occurs in this order If the length of one character is shorter then the ot...

Page 484: ...ength the NULL zero length string is smaller If one or both of the strings are not UTF 8 system provided strcasecmp is used If one of the two strings contains no 8 bit characters strcasecmp is used Th...

Page 485: ...escription This function takes two UTF 8 strings s0 s1 of unsigned char to be compared for a specified number of characters The rules are the same as in slapi_utf8casecmp except the n characters limit...

Page 486: ...ings are not UTF 8 system provided strcasecmp is used If one of the two strings contains no 8 bit characters strcasecmp is used The strings are compared after they are converted to lower case UTF 8 Ea...

Page 487: ...is a lowercase letter 0 if the character is not a lowercase letter slapi_UTF8ISLOWER Verifies if a UTF 8 character is a lower case letter Syntax include slapi plugin h int slapi_UTF8ISLOWER char s Pa...

Page 488: ...owing values 1 if the character is an upper case letter 0 if the character is not an upper case letter slapi_UTF8ISUPPER Verifies if a UTF 8 character is an upper case letter Syntax include slapi plug...

Page 489: ...are converted to lower case characters which are not upper case are copied as is Null if the string is not found to be a UTF 8 string Description This function converts a string of multiple UTF 8 char...

Page 490: ...UTF 8 string Description This function converts a string of multiple UTF 8 characters and not a single character as in slapi_UTF8TOLOWER Memory Concerns The output string is allocated and needs to be...

Page 491: ...is function and needs to be released when it is no longer used slapi_UTF8STRTOUPPER Converts lower case characters in a UTF 8 string to upper case characters Syntax include slapi plugin h unsigned cha...

Page 492: ...lapi_UTF8TOLOWER Converts an upper case UTF 8 character to a lower case character Syntax include slapi plugin h void slapi_UTF8TOLOWER char s char d int ssz int dsz Parameters This function takes the...

Page 493: ...ce s and d are overlapped slapi_UTF8TOUPPER Converts a lower case UTF 8 character to an upper case character Syntax include slapi plugin h void slapi_UTF8TOUPPER char s char d int ssz int dsz Paramete...

Page 494: ...e slapi_value_get_long Converts a value into a long integer slapi_value_get_string Returns the value as a string slapi_value_get_uint Converts the value into an unsigned integer slapi_value_get_ulong...

Page 495: ...set Sets the value slapi_value_set_berval Copies the value from a berval structure into a Slapi_Value structure slapi_value_set_int Sets the integer value of a Slapi_Value structure slapi_value_set_st...

Page 496: ...es slapi_value_dup Duplicates a value Syntax include slapi plugin h slapi_value_dup const Slapi_Value v Parameters This function takes the following parameter Returns This function returns a pointer t...

Page 497: ...x include slapi plugin h slapi_value_get_berval const Slapi_Value value Parameters This function takes the following parameter Returns This function returns a pointer to the berval structure contained...

Page 498: ...es An integer that corresponds to the value stored in the Slapi_Value structure 0 if there is no value Description Converts the value in the Slapi_Value to an integer See Also slapi_value_get_long sla...

Page 499: ...integer Syntax include slapi plugin h slapi_value_get_long const Slapi_Value value Parameters This function takes the following parameter Returns This function returns one of the following values A lo...

Page 500: ...he function returns a pointer to the actual string value in Slapi_Value not a copy of it NULL if there is no value Memory Concerns You should not free the string unless to plan to replace it by callin...

Page 501: ...g slapi_value_get_ulong slapi_value_get_ulong Converts the value into an unsigned long Syntax include slapi plugin h slapi_value_get_ulong const Slapi_Value value Parameters This function takes the fo...

Page 502: ...takes the following parameter Returns This function returns a pointer to the initialized Slapi_Value structure itself Description This function initializes the Slapi_Value structure resetting all of...

Page 503: ...from a string Syntax include slapi plugin h slapi_value_init_string Slapi_Value v const char s Parameters This function takes the following parameters Returns This function returns a pointer to the i...

Page 504: ...zed Slapi_Value structure itself Description This function initializes a Slapi_Value structure with the value contained in the string The string is not duplicated and must be freed Memory Concerns The...

Page 505: ...u are no longer using the value free it from memory by calling slapi_value_free See Also slapi_value_dup slapi_value_free slapi_value_new_berval slapi_value_new_berval Allocates a new Slapi_Value stru...

Page 506: ...value_new_string slapi_value_new_string Allocates a new Slapi_Value structure and initializes it from a string Syntax include slapi plugin h slapi_value_new_string const char s Parameters This functio...

Page 507: ...lue_new_string_passin char s Parameters This function takes the following parameter Returns This function returns a pointer to a newly allocated Slapi_Value structure If space cannot be allocated for...

Page 508: ...s a pointer to the newly allocated Slapi_Value If space cannot be allocated for example if no more virtual memory exists the slapd program will terminate Description This function returns a Slapi_Valu...

Page 509: ...is a duplicate of the data pointed to by val and of length len Memory Concerns If the pointer to the Slapi_Value structure is NULL then nothing is done and the function returns NULL If the Slapi_Value...

Page 510: ...e value is duplicated from the berval structure bval Memory Concerns If the pointer to the Slapi_Value structure is NULL nothing is done and the function returns NULL If the Slapi_Value already contai...

Page 511: ...f the Slapi_Value already contains a value it is freed from memory before the new one is set When you are no longer using the Slapi_Value structure you should free it from memory by calling slapi_valu...

Page 512: ...pi_Value already contains a value it is freed from memory before the new one is set When you are no longer using the Slapi_Value structure you should free it from memory by calling slapi_value_free Se...

Page 513: ...with the structure to free it from memory slapi_value_set_value Copies the value of a Slapi_Value structure into a Slapi_Value structure Syntax include slapi plugin h slapi_value_set_value Slapi_Valu...

Page 514: ...n the Slapi_ValueSet structure without having to duplicate and free the target value slapi_valueset_count Returns the number of values contained in a Slapi_ValueSet structure slapi_valueset_done Frees...

Page 515: ...from the Slapi_Value structure which can be freed from memory after using it without altering the Slapi_ValueSet structure This function does not verify if the value is already present in the Slapi_Va...

Page 516: ...ting flags If SLAPI_VALUE_FLAG_PASSIN bit is set in the flags the function would simply take over the ownership of the new value to be added without duplicating it See Also slapi_valueset_add_value sl...

Page 517: ...ory Concerns Use this function when you are no longer using the values but you want to re use the Slapi_ValueSet structure for a new set of values slapi_valueset_find Finds the value in a valueset usi...

Page 518: ...include slapi plugin h int slapi_valueset_first_value Slapi_ValueSet vs Slapi_Value v Parameters This function takes the following parameters Returns This function returns one of the following values...

Page 519: ...value Memory Concerns This function gives a pointer to the actual value within the Slapi_ValueSet You should not free it from memory See Also slapi_valueset_next_value slapi_valueset_free Frees the sp...

Page 520: ...ed in the Slapi_ValueSet structure sets them to 0 This does not free the values contained in the structure To free the values use slapi_valueset_done Memory Concerns When you are no longer using the S...

Page 521: ...longer using the value you should free it from memory by calling slapi_valueset_free See Also slapi_valueset_free slapi_valueset_next_value Gets the next value from a Slapi_ValueSet structure Syntax...

Page 522: ...ns This function gives a pointer to the actual value within the Slapi_ValueSet and you should not free it from memory See Also slapi_valueset_first_value slapi_valueset_set_from_smod Copies the values...

Page 523: ...i_valueset_set_valueset Slapi_ValueSet vs1 const Slapi_ValueSet vs2 Parameters This function takes the following parameters Description This function initializes a Slapi_ValueSet structure by copying...

Page 524: ...ng parameters Table 15 30 Virtual Attribute Service Routines Function Description slapi_vattr_list_attrs Returns all the attribute types both real and virtual from an entry slapi_vattr_attrs_free Free...

Page 525: ...bute list returned by slapi_vattr_list_attrs Syntax include slapi plugin h void slapi_vattr_attrs_free vattr_type_thang types int flags Parameters This function takes the following parameters flags Bi...

Page 526: ...a schema check on the attribute types in the entry Syntax include slapi plugin h int slapi_vattr_schema_check_type Slapi_Entry e char type Parameters This function takes the following parameters Retu...

Page 527: ...EM memory error Description There is no need to call slapi_vattr_values_free after calling this function slapi_vattr_values_free Frees the valueset and type names Syntax include slapi plugin h void sl...

Page 528: ...pi_ValueSet results int type_name_disposition char actual_type_name int flags int buffer_flags Parameters This function takes the following parameters flags The buffer flags returned from slapi_vattr_...

Page 529: ...slapi_vattr_values_get_ex slapi_vattr_values_get_ex Returns the values for an attribute type from an entry Syntax include slapi plugin h int slapi_vattr_values_get_ex Slapi_Entry e char type Slapi_Va...

Page 530: ...wing SLAPI_VIRTUALATTRS_LOOP_DETECTED failed to evaluate a vattr SLAPI_VIRTUAL_NOT_FOUND type not recognized by any vattr and not a real attr in entry ENOMEM memory error Description This function ret...

Page 531: ...t results int type_name_disposition char actual_type_name int flags int buffer_flags Parameters This function takes the following parameters e Entry to be compared type Attribute type name results Poi...

Page 532: ...on contains reference information on locks and synchronization routines slapi_destroy_condvar Frees a Slapi_CondVar structure from memory Table 15 31 Locks and Synchronization Routines Function Descri...

Page 533: ...mutex Frees a Slapi_Mutex structure from memory Syntax include slapi plugin h void slapi_destroy_mutex Slapi_Mutex mutex Parameters This function takes the following parameters Description This functi...

Page 534: ...the lock is not an interruptible operation nor is there any time out mechanism slapi_new_condvar Creates a new condition variable and returns a pointer to the corresponding Slapi_CondVar structure Syn...

Page 535: ...eturns a pointer to the corresponding Slapi_Mutex structure Syntax include slapi plugin h Slapi_Mutex slapi_new_mutex Returns This function returns one of the following values A pointer to the new Sla...

Page 536: ...g on the condition variable see the slapi_wait_condvar function Before calling this function the calling thread must lock the mutex associated with this condition variable slapi_unlock_mutex Unlocks t...

Page 537: ...0 if an error occurs for example if the condition variable is NULL or if the mutex associated with the condition variable is not locked Description This function waits on the condition variable until...

Page 538: ..._add_evaluator function registers a function of the slapi_compute_callback_t type as an evaluator of computed attributes Before the server sends an entry as a search result back to the client the serv...

Page 539: ...search_rewriter Register callbacks for rewriting search filters Syntax include slapi plugin h int slapi_compute_add_search_rewriter slapi_search_rewrite_callback_t function Parameters This function ta...

Page 540: ...a match 0 indicates the rewrite is successful 1 indicates the function refuses to perform the search 2 indicates the function encounters and error Description This function calls evaluator functions t...

Page 541: ...See Also slapi_setbit_int slapi_unsetbit_int Table 15 33 Bit Manipulator Routines Function Description slapi_isbitset_int Checks whether a particular bit is set in an integer slapi_isbitset_uchar Che...

Page 542: ...the following values 1 if the specified bit is set 0 if the specified bit is not set See Also slapi_setbit_uchar slapi_unsetbit_uchar slapi_setbit_int Sets the specified bit in an integer Syntax inclu...

Page 543: ..._setbit_uchar unsigned char f unsigned char bitnum Parameters This function takes the following parameters Returns This function returns the character with the specified bit set See Also slapi_isbitse...

Page 544: ...ed bit in a character Syntax include slapi plugin h unsigned char slapi_unsetbit_uchar unsigned char f unsigned char bitnum Parameters This function takes the following parameters Returns This functio...

Page 545: ...slapi_get_object_extension Retrieves a pointer to the plug in extension Syntax include slapi plugin h void slapi_get_object_extension int objecttype void object int extensionhandle Parameters This fun...

Page 546: ...egister_object_extension slapi_set_object_extension slapi_register_object_extension Registers a plug in s object extension Syntax include slapi plugin h int slapi_register_object_extension const char...

Page 547: ...slapi_get_object_extension function Returns This function returns 0 if successful error code otherwise See Also slapi_get_object_extension slapi_set_object_extension slapi_set_object_extension Changes...

Page 548: ...t of functions allow a custom plug in to preserve the default behavior of the Directory Server and bypass access control checking objecttype Handle to find the offset into the object where the extensi...

Page 549: ...erved Description This function allows you to implement a custom DIOP plug in that does not affect the default behavior of the server The code snippet below is a sample for a plug in that handles the...

Page 550: ...rameter This function takes the following parameters Description The code sample demonstrates how the flag for the operation is to be set Slapi_Operation op if slapi_pblock_get pb SLAPI_OPERATION op 0...

Page 551: ...y Concerns None See Also slapi_operation_set_flag slapi_is_flag_set slapi_is_flag_set Determines whether the specified flag is set in the operation Syntax include slapi plugin h int slapi_is_flag_set...

Page 552: ...return LDAP_SUCCESS Success indicates that access is allowed See Also slapi_operation_set_flag slapi_operation_clear_flag Functions for Registering Additional Plug Ins This section contains reference...

Page 553: ...on allows a plug in to register a plugin This was added so that an object plug in can register all the plug in interfaces that it supports including legacy plug ins plugintype Handle to find the offse...

Page 554: ...Functions for Registering Additional Plug Ins 554 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 555: ...ters you can get and set the following information Parameters for Registering Plug In Functions Parameters Accessible to All Plug Ins Parameters for the Bind Function Parameters for the Search Functio...

Page 556: ...nized in the following sections Pre Operation Data Validation Plug Ins Post Operation Data Notification Plug Ins Matching Rule Plug Ins Entry Plug Ins Pre Operation Data Validation Plug Ins The parame...

Page 557: ...PI_PLUGIN_PRE_DELETE_FN This function is called before an LDAP delete operation is completed SLAPI_PLUGIN_PRE_ENTRY_FN This function is called before an entry is sent back to the client SLAPI_PLUGIN_P...

Page 558: ...lled after an LDAP search operation is completed SLAPI_PLUGIN_POST_COMPARE_FN This function is called after an LDAP compare operation is completed SLAPI_PLUGIN_POST_MODIFY_FN This function is called a...

Page 559: ...L_POST_MODRDN_FN This function is called after an internal LDAP modify RDN operation is completed Parameter ID Description SLAPI_PLUGIN_MR_FILTER_CREATE_FN This is a factory function for creating filt...

Page 560: ...are organized in the following sections Information About the Database Information About the Connection Information About the Operation Information About Extended Operations Information About the Tra...

Page 561: ...x releases only DN used to monitor the back end database Note that this is no longer supported in the Directory Server 6 1 or higher release SLAPI_BE_TYPE char Type of back end database this is the t...

Page 562: ...maximum number of nesting levels allowed within groups for access control evaluation SLAPI_CLIENT_DNS struct berval Contains a list of client IP addresses that are registered in DNS Used to determine...

Page 563: ...s The client certificate associated with the connection may be absent SLAPI_CONN_IS_REPLICATION_ SESSION char Indicates the current connection is a replication session SLAPI_CONN_IS_SSL_ CONNECTION ch...

Page 564: ...e the current user SLAPD_AUTH_SASL specifies that a SASL simple authentication and security layer mechanism was used to authenticate the current user SLAPI_CONN_AUTHTYPE char This parameter has been d...

Page 565: ...arameter ID Data Type Description SLAPI_OPERATION Slapi_Operation Information about the operation currently in progress SLAPI_OPINITIATED_TIME time_t Time when the server began processing the operatio...

Page 566: ...e DN to which the operation applies for example the DN of the entry being added or removed SLAPI_REQCONTROLS LDAPControl Array of the controls specified in the request SLAPI_CONTROLS_ARG LDAPControl A...

Page 567: ...at allows the use of ACL plugin access functions SLAPI_PLUGIN_ACL_MODS_ALLOWED int Flag that indicates if the modifications that were made are allowed SLAPI_PLUGIN_ACL_MODS_UPDATE int Flag that indica...

Page 568: ...e type of plug in function see Types of Plug Ins on page 568 SLAPI_PLUGIN_ARGV char NULL terminated array of command line arguments specified for the plugin directive in the server configuration file...

Page 569: ..._PLUGIN_PWD_STORAGE_SCHEME Password storage scheme plug in SLAPI_PLUGIN_REVER_PWD_STORAGE_ SCHEME Reverse password storage scheme plug in SLAPI_PLUGIN_VATTR_SP Virtual attribute service provider plug...

Page 570: ...e not pblock parameters but macros that define strings for example SLAPI_ATTR_OBJECTCLASS is objectclass SLAPI_PLUGIN_VERSION_03 Version 3 of the plug in interface which is supported by the Directory...

Page 571: ...te value Parameter ID Description SLAPI_ATTR_FLAG_COLLECTIVE Flag that indicates the optional collective marker has been set not supported SLAPI_ATTR_FLAG_NOUSERMOD Flag that indicates this attribute...

Page 572: ...SE Ignores the options on both names and compares the base names only SLAPI_TYPE_CMP_EXACT Compares the base name plus options as specified SLAPI_TYPE_CMP_SUBTYPE Ignores the options on the second nam...

Page 573: ...ck passed to the database search function If you are writing a pre operation database or post operation search function you can get these values by calling the slapi_pblock_get function SLAPI_BIND_RET...

Page 574: ...I_SEARCH_SIZELIMIT int Maximum number of entries to return in the search results SLAPI_SEARCH_TIMELIMIT int Maximum amount of time in seconds allowed for the search operation SLAPI_SEARCH_FILTER Slapi...

Page 575: ...rough the results set SLAPI_SEARCH_RESULT_ENTRY_EXT void Reserved for future use SLAPI_NENTRIES int Number of search results found SLAPI_SEARCH_REFERRALS struct berval Array of the URLs to other LDAP...

Page 576: ...SLAPI_STR2ENTRY_BIGENTRY Provides a hint that the entry is large this enables some optimizations related to large entries SLAPI_STR2ENTRY_EXPAND_OBJECT CLASSES Adds any missing ancestor values based o...

Page 577: ...the opaque Slapi_Entry datatype SLAPI_ADD_EXISTING_DN_ENTRY Slapi_Entry Internal only used by the multimaster replication update resolution procedure code If adding an entry that already exists this...

Page 578: ...the parameters in the parameter block passed to the database delete function If you are writing a pre operation database or post operation delete function you can get these values by calling the slapi...

Page 579: ...f you are writing a pre operation database or post operation modify RDN function you can get these values by calling the slapi_pblock_get function Parameter ID Data Type Description SLAPI_MODIFY_TARGE...

Page 580: ...Y Slapi_Entry Internal only used by the multimaster replication update resolution code If the destination RDN of the modrdn already exists this is that entry SLAPI_MODRDN_PARENT_ENTRY Slapi_Entry Inte...

Page 581: ...in the extensible match filter SLAPI_PLUGIN_MR_VALUE struct berval Value specified in the extensible match filter SLAPI_PLUGIN_MR_VALUES struct berval values Pointer to an array of berval structures c...

Page 582: ...ermine which operator is specified The following parameters are defined values for the SLAPI_PLUGIN_MR_QUERY_OPERATOR SLAPI_PLUGIN_MR_USAGE unsigned int Specifies the intended use of the indexer objec...

Page 583: ...ug Ins The parameters listed in this section are used with pre operation database plug in functions SLAPI_OP_LESS_OR_EQUAL Less than or equal to operator SLAPI_OP_EQUAL Equal to operator SLAPI_OP_GREA...

Page 584: ...The following parameters can be used as the second argument to the slapi_pblock_get and slapi_pblock_set functions to get and set information about the database SLAPI_PLUGIN_BE_PRE_MODRDN_FN This func...

Page 585: ...t accepting updates if the value is not zero SLAPI_BE_TYPE char The database type name for example ldbm database SLAPI_REQUESTOR_ISROOT int Indicates the requestor is root Parameter ID Data Type Descr...

Page 586: ...ou can call to perform LDAP operations from a plug in these internal operations do not return any data to a client Parameters for LDAP Operations Parameters for LDAP Control Parameters for Generating...

Page 587: ...Slapi_Entry Array of entries found by an internal LDAP search operation see slapi_search_internal_ pb for details SLAPI_PLUGIN_INTOP_SEARCH_REFERRALS char Array of referrals in the form of LDAP URLs...

Page 588: ...e LDAP modify operation SLAPI_OPERATION_MODRDN LDAPControl This control applies to the LDAPv3 modify RDN operation SLAPI_OPERATION_NONE LDAPControl This control applies to none of the LDAP operations...

Page 589: ...ti master replication SLAPI_DUMP_UNIQUEID This flag is used when creating an LDIF file that will be used to initialize a replica Each entry will contain the nsUniqueID operational attribute Parameter...

Page 590: ...the error log if the log level setting Log communications with shell back ends is selected SLAPI_LOG_PARSE This message is written to the error log if the log level setting Log entry parsing is select...

Page 591: ...DED Extensible filter For example o dn Example LDAP_FILTER_GE Greater than or equal to filter For example supportedLDAPVersion 3 LDAP_FILTER_LE Less than or equal to filter For example supportedLDAPVe...

Page 592: ...escription SLAPI_PLUGIN_PWD_STORAGE_SCHEME_CMP_FN This function accesses a password storage scheme to compare passwords SLAPI_PLUGIN_PWD_STORAGE_SCHEME_DEC_FN This function accesses a password storage...

Page 593: ...structure by a connection object extension This means that if the attributes that corresponds to the binder entry is changed the resource limit is not effected until the next bind occurs as that entry...

Page 594: ...tributes should be listed SLAPI_VIRTUALATTRS_REQUEST_P OINTERS int Flag that indicates you wish to receive pointers into the entry if possible Parameter Data Type Description SLAPI_VIRTUALATTRS_REALAT...

Page 595: ...ck Reference 595 SLAPI_VIRTUALATTRS_TYPE_NAME _MATCHED_EXACTLY_OR_ALIAS int Flag that indicates the attribute name disposition value indicates a matching result SLAPI_VIRTUALATTRS_TYPE_NAME _MATCHED_S...

Page 596: ...Parameters for the Virtual Attribute Service 596 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 597: ...ovides the means to specify additional information for an operation Clients and servers can send controls as part of the requests and responses for an operation DIT The hierarchical organization of en...

Page 598: ...tree referral hop limit The maximum number of referrals that your client should follow in a row For example suppose your client receives a referral from LDAP server A to LDAP server B After your clien...

Page 599: ...Glossary 599 subschema entry Entry containing all the schema definitions definitions of object classes attributes matching rules and so on used by entries in part of a directory tree...

Page 600: ...600 Netscape Directory Server Plug In Programmer s Guide December 2003...

Page 601: ...i_operation_set_flag 550 data structures and types berval 173 computed_attr_context 174 LDAP_Mod 176 LDAPControl 174 LDAPMod 176 mrFilterMatchFn 179 plugin_referral_entry_callback 180 plugin_result_ca...

Page 602: ...lapi_matchingrule_unregister 380 slapi_new_condvar 534 slapi_new_mutex 535 slapi_notify_condvar 535 slapi_unlock_mutex 536 slapi_wait_condvar 537 H header file location 28 I internal operation flag ro...

Page 603: ...r_basetype 186 slapi_attr_dup 186 slapi_attr_first_value 186 slapi_attr_flag_is_set 186 slapi_attr_free 186 slapi_attr_get_bervals_copy 186 slapi_attr_get_flags 186 slapi_attr_get_numvalues 186 slapi_...

Page 604: ...e 265 slapi_be_get_readonly 266 slapi_be_getentrypoint 266 slapi_be_getsuffix 267 slapi_be_gettype 268 slapi_be_is_flag_set 268 slapi_be_issuffix 269 slapi_be_logchanges 270 slapi_be_new 270 slapi_be_...

Page 605: ...ttr_set_long 196 slapi_entry_attr_set_uint 196 slapi_entry_attr_set_ulong 196 slapi_entry_delete_string 196 slapi_entry_delete_values_sv 196 slapi_entry_dup 196 slapi_entry_first_attr 197 slapi_entry_...

Page 606: ...api_str2filter 198 slapi_filter_compare 350 slapi_filter_dup 350 slapi_filter_free 351 slapi_filter_get_attribute_type 352 slapi_filter_get_ava 353 slapi_filter_get_choice 354 slapi_filter_get_subfilt...

Page 607: ...t_passin 394 slapi_mod_isvalid 395 slapi_mod_new 396 slapi_mod_remove_value 396 slapi_mod_set_operation 397 slapi_mod_set_type 397 slapi_moddn_get_newdn 453 slapi_modify_internal_pb 227 slapi_modify_i...

Page 608: ...t_pb 206 slapi_modrdn_internal_pb 206 slapi_pblock_destroy 206 slapi_pblock_get 206 slapi_pblock_new 206 slapi_pblock_set 206 slapi_rename_internal_set_pb 206 slapi_search_internal_callback_pb 206 sla...

Page 609: ...pi_sdn_compare 454 slapi_sdn_copy 455 slapi_sdn_done 455 slapi_sdn_dup 456 slapi_sdn_free 457 slapi_sdn_get_backend_parent 457 slapi_sdn_get_dn 458 slapi_sdn_get_ndn 459 slapi_sdn_get_ndn_len 459 slap...

Page 610: ...ue_set_int 212 slapi_value_set_string 211 212 slapi_value_set_string_passin 212 slapi_value_set_value 212 slapi_valueset_count 212 slapi_valueset_done 213 slapi_valueset_find 213 slapi_value_compare 4...

Page 611: ...ttr_schema_check_type 526 slapi_vattr_value_compare 526 slapi_vattr_values_free 527 slapi_vattr_values_get 528 slapi_vattr_values_get_ex 529 slapi_vattr_values_type_thang_get 531 slapi_wait_condvar 53...

Page 612: ...612 Netscape Directory Server Plug In Programmer s Guide December 2003...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands