OpenLDAP Files

OpenLDAP configuration files are installed into the /etc/openldap directory. If you do an ls on /etc/openldap, you'll see something like:

$ ls
ldap.conf        ldapsearchprefs.conf  slapd.oc.conf
ldapfilter.conf  ldaptemplates.conf    slapd.conf

The files you should know about are slapd.conf and slapd.oc.conf. The slapd.conf file contains configuration information for the slapd daemon and for all of the database back-ends. You will need to make some changes to slapd.conf before you start the slapd daemon.

The file holds attribute syntax definitions for the LDAP directory. Attribute syntax definitions describe the type of information that the attribute provides. You have five choices:

For example, here are attribute syntax definitions from a typical

attribute       photo                                   bin
attribute       personalsignature                       bin
attribute       jpegphoto                               bin
attribute       audio                                   bin
attribute       labeledurl                              ces
attribute       ref                                     ces
attribute       userpassword                            ces
attribute       telephonenumber                         tel

Certain LDAP-enabled applications may require that you edit the file, usually to add particular attribute syntax definitions.

The slapd.oc.conf file includes the objectclass definitions for an LDAP directory. The objectclass definitions state which attributes are required and which attributes are optional for particular objectclasses.

The following excerpt from a typical slapd.oc.conf file contains the objectclass definitions for the top, alias, and referral objectclasses:

objectclass top

objectclass alias

objectclass referral

You may need to edit the objectclass definitions in your slapd.oc.conf, depending upon how you're going to use your LDAP directory. For example, if you're creating an LDAP directory of employees for use in your organization, you'll probably have specific required attributes for certain objectclasses that might not be used outside the organization (e.g., an employee ID number internal to your organization might be a required attribute for an objectclass of "person").
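
To see how required and optional attributes interact after such an edit, the following Python example (added here; it is not part of the original documentation or of OpenLDAP) parses objectclass definitions and reports which attributes an entry is missing or is not permitted to carry. It assumes the slapd.oc.conf layout of "requires" and "allows" keyword blocks holding comma-separated attribute names; the sample definitions, the employeenumber requirement and the function names are constructed for illustration.

```python
# Constructed sample in the assumed slapd.oc.conf layout. The employeenumber
# requirement mirrors the employee-ID scenario above; it is not a stock definition.
SAMPLE_OC_CONF = """
objectclass top
    requires
        objectClass

objectclass person
    requires
        objectClass,
        sn,
        cn,
        employeenumber
    allows
        telephonenumber,
        userpassword
"""

def parse_objectclasses(text):
    """Return {objectclass: {"requires": set, "allows": set}}, names lowercased."""
    classes, current, section = {}, None, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and padding
        if not line:
            continue
        words = line.split()
        if words[0].lower() == "objectclass" and len(words) == 2:
            current = classes.setdefault(words[1].lower(), {"requires": set(), "allows": set()})
            section = None
        elif line.lower() in ("requires", "allows") and current is not None:
            section = line.lower()
        elif current is not None and section:
            current[section].update(a.lower() for a in line.replace(",", " ").split())
        else:
            raise ValueError("unexpected line: %r" % raw)
    return classes

def check_entry(entry, classes):
    """Return (missing_required, not_permitted) attribute sets for an entry dict."""
    entry = {k.lower(): v for k, v in entry.items()}   # attribute names are case-insensitive
    required, allowed = set(), set()
    for oc in entry.get("objectclass", []):
        definition = classes.get(oc.lower())
        if definition is None:
            raise KeyError("undefined objectclass: %s" % oc)
        required |= definition["requires"]
        allowed |= definition["allows"]
    return required - set(entry), set(entry) - required - allowed
```

Running check_entry over exported entries before tightening a "requires" list shows which existing records would stop satisfying the edited definitions.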