Using tclLdap-pkg-1.2

Loading

 either

	% load /path/to/Ldap.so

 or 

	% package require Ldap
 



Variables:
	an array ldap with the following elements ..

	ldap(dn)	             
	ldap(host)
	ldap(port)		
	ldap(binddn,search)
	ldap(binddn,modify)
	ldap(binddn,delete)
	ldap(binddn,modrdn)
	ldap(searchbase)
	ldap(version)

If ldap(dn) is non-zero then searches will return the Distinguished Name
as well as the other info.
	
port and version are initialised to the values LDAP_PORT and LDAP_VERSION
in ldap.h , the rest use the values defined in tclLdap.h .

/**************************************************************************/
Command: LdapInit
Arguments: None
Results:   None
Return codes: TCL_OK

Notes: A dummy function only needed if you're using the 'package require Ldap'
       command and want to use elements in ldap array in a call to LdapBind
       since they wont be available until one of the commands is called.

Example:
		load /path/to/Ldap.so
		LdapBind $ldap(host) $ldap(port) $ldap(binddn,search) {}
	
	will work but it'll have to be

		package require Ldap
		LdapInit
		LdapBind $ldap(host) $ldap(port) $ldap(binddn,search) {}	


/******************************************************************************/
Command:   LdapBind
Arguments: Host Port BindDN Password
Where:     Host = Hostname or IP address of the LDAP server
           Port = IP port the LDAP server is listening on (ex: 389)
         BindDN = Manager's (or whoever's) DN
       Password = Password for the BindDN
Results:
      data: Returns an integer number identifying the established connection.
    errors: Too many connections!
            Cannot connect to host
            Invalid name or password
  messages: None
Return codes:
  success: TCL_OK
  failure: TCL_ERROR
Note: Each argument to the LdapBind command can be a variable.
      Multiple connections can be established to the same or different hosts.
      Each LdapBind call will return a unique number associated with the
      connection that identifies the connection to the other Ldap commands.
Example:
set connection [LdapBind host1 389 "cn=mgr,o=org1,c=us" "mgrpwd"]
or
set connection [LdapBind $host $port $mgr $mgrpwd]
/******************************************************************************/

/******************************************************************************/
Command:   LdapUnBind
Arguments: ConnID
Where:   ConnID = Connection number returned from previous LdapBind
Results:
      data: None
    errors: Invalid connection number!
  messages: None
Return codes:
  success: TCL_OK
  failure: TCL_ERROR
Note: Each argument to the LdapUnBind command can be a variable.
      This command will close a connection made with a previous LdapBind.
Example:
LdapUnBind 0
or
LdapUnBind $connection
/******************************************************************************/

/******************************************************************************/
Command:   LdapDelete
Arguments: ConnectionID DN-to-delete
Where:   ConnID = Connection number returned from previous LdapBind
   DN-to-delete = kind of self-explanatory isn't it?
Results:
      data: None
    errors: Invalid connection number!
            Unable to delete entry
  messages: Entry deleted
Return codes:
  success: TCL_OK
  failure: TCL_ERROR
Note: Each argument to the LdapDelete command can be a variable.
Example:
LdapDelete 0 "cn=Joe Doe,ou=org2,o=org1,c=us"
or
LdapDelete $connection $dn
/******************************************************************************/

/******************************************************************************/
Command:   LdapModRDN
Arguments: ConnID DN RDN ReplaceFlag(1=replace,0=add)
Where:   ConnID = Connection number returned from previous LdapBind
             DN = FULL DN of original entry
            RDN = RELATIVE dn of new name
    ReplaceFlag = replace or add new name (1=replace, 0=add)
Results:  
      data: None
    errors: Invalid connection number!
            Unable to rename entry
  messages: Entry renamed
Return codes:
  success: TCL_OK
  failure: TCL_ERROR
Note: Each argument to the LdapModRDN command can be a variable.
Example:
LdapModRDN 0 "cn=Joe Doe,ou=org2,o=org1,c=us" "cn=Joseph Doe" 1
or
LdapModRDN $connection $dn $rdn $flag
/******************************************************************************/

/******************************************************************************/
Command:   LdapModify/LdapAdd
Arguments: ConnID DN [LIST of attr=value pairs]
Where:   ConnID = Connection number returned from previous LdapBind
             DN = FULL DN of entry to change/add
     Attributes = A tcl LIST of attr=value pairs (This MUST be a list!)
Results:  
      data: None
    errors: Invalid connection number!
            No LIST argument passed
            Problem with data
            Unable to add entry (FOR THE ADD SUB-FUNCTION)
            Unable to change entry
  messages: None
Return codes:
  success: TCL_OK
  failure: TCL_ERROR
Note: Each argument to the LdapModify/LdapAdd command can be a variable.
Example:
LdapModify 0 "cn=Joe Doe,ou=org2,o=org1,c=us" [list "sn=Jones" "telephoneNumber=+1 999 555 1212"]
or
set attrs [list "sn=Jones" "telephoneNumber=+1 999 555 1212"]
LdapModify $connection $dn $attrs
----
LdapAdd 0 "cn=Joe Doe,ou=org2,o=org1,c=us" [list "sn=Jones" "telephoneNumber=+1 999 555 1212"]
or
set attrs [list "sn=Jones" "telephoneNumber=+1 999 555 1212"]
LdapAdd $connection $dn $attrs

P.S. For the LdapModify command, if you place a minus "-" sign in front of an
attr=value pair, the LdapModify command will delete that attr=value.
(i.e. [list "-telephoneNumber=+1 999 555 1212"] will delete the phone number).
/******************************************************************************/

/******************************************************************************/
Command:   LdapSearch
Arguments: ConnID Scope Deref BaseDN Maxresults Filter [LIST of Attrs to return (optional)]
Where:   ConnID = Connection number returned from previous LdapBind
          Scope = One of "base, one, or sub" (default is subtree)
          Deref = One of "never, search, find, or always" (default is never)
         BaseDN = DN of the starting point for the search
     Maxresults = Maximum matches to return. 0 == as many as you like.
         Filter = Standard LDAP-style search filter
     Attributes = A tcl LIST of attribute NAMES (This MUST be a list! If this
                  option is left off, ALL attributes will be returned.)
Results:
      data: A tcl LIST of attr=value pairs.
            (If more than one ENTRY is returned, then the sets of attr=value
            pairs are still returned as ONE list with a NULL list element
            separating the entries.)
    errors: Invalid connection number!
            No LIST argument passed!
            Search failed
            Search failed to find anything
  messages: None
Return codes:
  success: TCL_OK
  failure: TCL_ERROR
Note: Each argument to the LdapSearch command can be a variable.
Example:
LdapSearch 0 sub never "o=org1,c=us" "cn=Joseph Doe" [list "sn" "telephoneNumber"]
or
set attrs [list "sn" "telephoneNumber"]
LdapSearch $connection $scope $deref $base $filter $attrs
(The above search would do a subtree search starting in the o=org1,c=us
 directory using the filter cn=Joseph Doe and return the
 attributes "sn" and "telephoneNumber")
(The same search without the "$attrs" would automatically return everything.)
/******************************************************************************/
