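# LDAP

# Sta je LDAP?

- Protokol za cuvanje i pristup podatcima
- Uglavnom informacije o korisnicima (username,password)
- Hijerarhijska struktura (grupe korisnika)
- Veliki broj servisa ima opciju za LDAP za korisnike

# Hijerarhija

![ldap](slides/ldap/ldap.jpg)

# Hijerarhija

- Domain component (DC)
- Organizational Unit (OU)
- Korisnici (UID)

# Klase i atributi

- Distinguished Name (dn)
- Object class
- Atributi

# Search

```
(&(objectClass=person)(givenName=John))
```

# OpenLDAP

Open-source implementacija LDAP-a

# Python

python3-ldap3 biblioteka

# python3-ldap3 setup

CONNECTION TO LDAP SERVER

```python
import ssl

from ldap3 import Server, Connection, Tls, ALL, MODIFY_REPLACE

# use_ssl=True alone encrypts the link but, with ldap3's default Tls settings,
# does not validate the server certificate. Require validation explicitly.
# '/path/to/ca.pem' is a placeholder for the CA bundle that signed the server cert.
tls = Tls(validate=ssl.CERT_REQUIRED, ca_certs_file='/path/to/ca.pem')
s = Server('192.168.122.233', use_ssl=True, tls=tls, get_info=ALL)

# 'secret' is a demo value: outside a lab, read the bind password from the
# environment or a secret store instead of keeping it in source.
# The bind DN has a single 'cn=' prefix.
c = Connection(s, 'cn=admin,dc=example,dc=com', 'secret', auto_bind=True)
```

# python3-ldap3 setup

ADD DC OBJECT

```python
objectClass = ['dcObject', 'organization']
attributes = {'o': 'example', 'dc': 'example'}
c.add('dc=example,dc=com', objectClass, attributes)
```

# python3-ldap3 setup

ADD ORGANISATIONAL UNIT

```python
objectClass = ['top', 'organizationalUnit']
attributes = {'ou': 'users'}
c.add('ou=users,dc=example,dc=com', objectClass, attributes)
```

# python3-ldap3 manage users

ADD USERS

```python
objectClass = ['top', 'person', 'organizationalPerson', 'inetOrgPerson',
               'posixAccount', 'shadowAccount']
attributes = {
    'cn': 'user1',
    'sn': 'user1',
    'givenName': 'user1',
    'uid': 'user1',
    'uidNumber': 1001,
    'gidNumber': 1001,
    'homeDirectory': '/home/user1',
    'loginShell': '/bin/sh',
    'gecos': 'SystemUser',
    'shadowLastChange': 19433,
    'shadowMax': '45',
    # NOTE: this value is written as given. Unless the server is configured to
    # hash incoming passwords (e.g. ppolicy with olcPPolicyHashCleartext), it is
    # stored in cleartext and readable by anyone allowed to read userPassword.
    # Prefer setting it with the Password Modify extended operation
    # (c.extend.standard.modify_password) or supplying a pre-hashed value.
    'userPassword': 'password123',
}
# The DN is one string literal: 'uid=user1,...'.
c.add('uid=user1,ou=users,dc=example,dc=com', objectClass, attributes)
```

# python3-ldap3 manage users

DELETE USERS

```python
# delete() takes the full DN, including the 'uid=' RDN attribute.
c.delete('uid=user1,ou=users,dc=example,dc=com')
```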