Planning and configuring for LDAP name resolution (IBM SecureWay Directory schema)

The Lightweight Directory Access Protocol (LDAP) is an open industry standard that defines a method for accessing and updating information in a directory.

An LDAP schema defines the rules for ordering data. The ibm-HostTable object class, part of the IBM® SecureWay Directory schema, can be used to store the name-to-Internet-address mapping information for every host on the network.

The ibm-HostTable object class is defined as follows:

Object Class name:     ibm-HostTable
Description:           Host Table entry which has a collection of hostname to
                       IP address mappings.
OID:                   TBD
RDN:                   ipAddress
Superior object class: top
Required Attributes:   host, ipAddress
Optional Attributes:   ibm-hostAlias, ipAddressType, description

The attribute definitions follow:

Attribute Name: ipAddress
Description:    IP Address of the hostname in the Host Table
OID:            TBD
Syntax:         caseIgnoreString
Length:         256
Single Valued:  Yes

Attribute Name: ibm-hostAlias
Description:    Alias of the hostname in the Host Table
OID:            TBD
Syntax:         caseIgnoreString
Length:         256
Single Valued:  Multi-valued

Attribute Name: ipAddressType
Description:    Address Family of the IP Address (1=IPv4, 2=IPv6)
OID:            TBD
Syntax:         Integer
Length:         11
Single Valued:  Yes

Attribute Name: host
Description:    The hostname of a computer system.
OID:            1.13.18.0.2.4.486
Syntax:         caseIgnoreString
Length:         256
Single Valued:  Multi-valued

Attribute Name: description
Description:    Comments that provide a description of a directory object entry.
OID:            2.5.4.13
Syntax:         caseIgnoreString
Length:         1024
Single Valued:  Multi-valued

Use the following procedure to configure an LDAP server that is compliant with the IBM SecureWay Directory schema to store the name-to-Internet-address mapping host information.

  1. Add a suffix on the LDAP server.
    The suffix is the starting point of the hosts database. For example, "cn=hosts". This can be done using the web-based IBM SecureWay Directory Server Administration tool.
  2. Create an LDAP Data Interchange Format (LDIF) file.
    This can be done manually or with the hosts2ldif command, which creates an LDIF file from the /etc/hosts file. See the hosts2ldif Command for more information. The following is a sample LDIF file (each entry is separated from the next by a blank line, as LDIF requires):
    dn: cn=hosts
    objectclass: top
    objectclass: container
    cn: hosts

    dn: ipAddress=1.1.1.1, cn=hosts
    host: test
    ipAddress: 1.1.1.1
    objectclass: ibm-HostTable
    ipAddressType: 1
    ibm-hostAlias: e-test
    ibm-hostAlias: test.austin.ibm.com
    description: first ethernet interface

    dn: ipAddress=fe80::dead, cn=hosts
    host: test
    ipAddress: fe80::dead
    objectclass: ibm-HostTable
    ipAddressType: 2
    ibm-hostAlias: test-ll
    ibm-hostAlias: test-ll.austin.ibm.com
    description: v6 link level interface
  3. Import the hosts directory data from the LDIF file on the LDAP server.
    This can be done with the ldif2db command or through the web-based IBM SecureWay Directory Server Administration tool.
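The following script is an added example, not the hosts2ldif command or any other IBM code, that performs the conversion step 2 describes: it reads /etc/hosts-format lines and emits LDIF entries shaped exactly like the ibm-HostTable definitions above (ipAddress as the RDN under the suffix, host, ipAddressType 1 for IPv4 and 2 for IPv6, ibm-hostAlias per extra name, description from the trailing comment). Before emitting, it checks the constraints the schema states (required host and ipAddress, 256/1024-character lengths, a parseable address), so a malformed hosts line is rejected instead of becoming a bogus directory entry that every client would resolve against. The sample hosts text, the suffix default and all function names are constructed for this example.

```python
import base64
import ipaddress
from dataclasses import dataclass

# Length limits quoted from the ibm-HostTable attribute definitions.
MAX_STRING_LEN = 256        # ipAddress, host, ibm-hostAlias
MAX_DESCRIPTION_LEN = 1024  # description

# Constructed sample input in /etc/hosts format (not from the original page).
SAMPLE_HOSTS = """\
# address     canonical  aliases...                       # description
1.1.1.1       test  e-test  test.austin.ibm.com           # first ethernet interface
fe80::dead    test  test-ll test-ll.austin.ibm.com        # v6 link level interface
"""


@dataclass
class HostEntry:
    ip: str
    host: str
    aliases: list
    description: str = ""


def parse_hosts(text):
    """Parse /etc/hosts-format text. A trailing '# comment' becomes the description."""
    entries = []
    for raw in text.splitlines():
        body, _, comment = raw.partition("#")
        fields = body.split()
        if not fields:
            continue  # blank or comment-only line
        if len(fields) < 2:
            raise ValueError(f"host line needs an address and a name: {raw!r}")
        entries.append(HostEntry(fields[0], fields[1], fields[2:], comment.strip()))
    return entries


def address_type(ip):
    """ipAddressType value: 1=IPv4, 2=IPv6. Raises ValueError for a non-address."""
    return 1 if ipaddress.ip_address(ip).version == 4 else 2


def validate(entry):
    """Enforce the required attributes and length limits the schema states."""
    if not entry.host or not entry.ip:
        raise ValueError("host and ipAddress are required attributes")
    for value in [entry.ip, entry.host, *entry.aliases]:
        if len(value) > MAX_STRING_LEN:
            raise ValueError(f"value exceeds {MAX_STRING_LEN} characters: {value[:20]!r}...")
    if len(entry.description) > MAX_DESCRIPTION_LEN:
        raise ValueError("description exceeds schema length")
    address_type(entry.ip)  # rejects anything that is not an IPv4/IPv6 address


def ldif_line(attr, value):
    """Emit 'attr: value', or base64 'attr:: ...' when the value is not an
    RFC 2849 SAFE-STRING (leading space, ':' or '<', non-ASCII or control chars)."""
    safe = value.isascii() and value.isprintable() and value[:1] not in (" ", ":", "<")
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode()).decode()}"


def to_ldif(entries, suffix="cn=hosts"):
    """Render the container entry plus one ibm-HostTable entry per address.
    Entries are separated by a blank line, as LDIF requires."""
    rdn_attr, _, rdn_value = suffix.partition("=")
    blocks = ["\n".join([
        f"dn: {suffix}",
        "objectclass: top",
        "objectclass: container",
        ldif_line(rdn_attr, rdn_value),
    ])]
    for e in entries:
        validate(e)
        lines = [
            f"dn: ipAddress={e.ip}, {suffix}",
            ldif_line("host", e.host),
            ldif_line("ipAddress", e.ip),
            "objectclass: ibm-HostTable",
            f"ipAddressType: {address_type(e.ip)}",
        ]
        lines += [ldif_line("ibm-hostAlias", a) for a in e.aliases]
        if e.description:
            lines.append(ldif_line("description", e.description))
        blocks.append("\n".join(lines))
    return "\n\n".join(blocks) + "\n"


if __name__ == "__main__":
    print(to_ldif(parse_hosts(SAMPLE_HOSTS)), end="")
```

The output for the constructed sample matches the page's sample LDIF entry for entry: the two addresses of host "test" become two ibm-HostTable entries under cn=hosts. Feeding the result to ldif2db (step 3) is unchanged from the procedure above.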

To configure the client to access the hosts database on the LDAP server, using the LDAP mechanism, follow these steps:

  1. Create the /etc/resolv.ldap file. See the resolv.ldap File Format for TCP/IP in the Files Reference for more information and a detailed example of a resolv.ldap file.
  2. Change the default name resolution through the NSORDER environment variable, the /etc/netsvc.conf file, or the /etc/irs.conf file. See the netsvc.conf File Format for TCP/IP or the irs.conf File Format for TCP/IP in the Files Reference for more information.

Although still supported, the use of the ldap mechanism is deprecated. This existing ldap mechanism works with the IBM SecureWay Directory schema, while nis_ldap (NIS_LDAP) works with the RFC 2307 schema. Use of the nis_ldap mechanism instead of the ldap mechanism is recommended. For information on nis_ldap name resolution, see Planning and configuring NIS_LDAP name resolution (RFC 2307 schema).