Friday Jul 25, 2008

Upgrading to DSEE 6.3 windows patch from 6.2

How to upgrade for Directory Server Enterprise Edition 6.2 to 6.3 on Windows system ?

Today's topic is how to upgrade on Sun Java Directory Server Enterprise Edition 6.2 to 6.3, I propose you to check out the Sun docs before you do some upgrades, here is the link Sun Java Directory Server Enterprise Edition

I have posted the steps from DSEE 6.2 to DSEE 6.3 only, to read more click on "Read more"

[Read More]

Posted on: Jul 25, 2008

Posted by: shankar

Category: Directory

Permanent link to this entry | Comments [0]

Tuesday Jul 08, 2008

LDAP Injection

What is LDAP injection ? 

    LDAP injection is a specific form of attack that can be employed to compromise Web sites that construct LDAP (Lightweight Directory Access Protocol) statements from data provided by users. This is done by changing LDAP statements so dynamic Web applications can run with invalid permissions, allowing the attacker to alter, add or delete content. LDAP is a protocol that facilitates the location of organizations, individuals and other resources in a network. It is a streamlined version of DAP (Directory Access Protocol), which is part of X.500, a standard for network directory services. Find out more for with Java Example of how to do it ...
[Read More]

Posted on: Jul 08, 2008

Posted by: shankar

Category: Directory

Permanent link to this entry | Comments [2]

Wednesday Jul 18, 2007

Next Generation LDAP RFC Updates in Directory World

Initial LDAP specs:

RFC 1487 --  X.500 Lightweight Directory Access Protocol (obsoleted by RFC 1777)
RFC 1558 -- A String Representation of LDAP Search Filters (obsoleted by RFC 1960)
RFC 1766 -- Tags for the Identification of Languages (obsoleted by RFC 3282)
RFC 1777 -- Lightweight Directory Access Protocol
RFC 1778 -- The String Representation of Standard Attribute Syntaxes
RFC 1779 -- String Representation of Distinguished Names (obsoleted by RFC 4514 and RFC 4510)
RFC 1959 -- An LDAP URL Format (obsoleted by RFC 2255)
RFC 1960 -- A String Representation of LDAP Search Filters (obsoleted by RFC 2254)
LDAP v3 specs:
RFC 2251 -- Lightweight Directory Access Protocol (v3)
RFC 2252 -- Lightweight Directory Access Protocol (v3): Attribute Syntax Definitions
RFC 2253 -- Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names
RFC 2254 -- The String Representation of LDAP Search Filters
RFC 2255 -- The LDAP URL Format
RFC 2256 -- A Summary of the X.500(96) User Schema for use with LDAPv3

 

The LDAPv3 Technical Specification


   The technical specification detailing version 3 of the Lightweight
   Directory Access Protocol (LDAP), an Internet Protocol, consists of
   this document and the following documents:

      LDAP: The Protocol [RFC4511]
      LDAP: Directory Information Models [RFC4512]
      LDAP: Authentication Methods and Security Mechanisms [RFC4513]
      LDAP: String Representation of Distinguished Names [RFC4514]
      LDAP: String Representation of Search Filters [RFC4515]
      LDAP: Uniform Resource Locator [RFC4516]
      LDAP: Syntaxes and Matching Rules [RFC4517]
      LDAP: Internationalized String Preparation [RFC4518]
      LDAP: Schema for User Applications [RFC4519]

 

Additional specs:
RFC 1823 -- The LDAP Application Program Interface
RFC 2079 -- Definition of an X.500 Attribute Type and an Object Class to Hold Uniform Resource Identifiers
RFC 2116 -- X.500 Implementations Catalog-96
RFC 2164 -- Use of an X.500/LDAP directory to support MIXER address mapping
RFC 2247 -- Using DNS Domain names in LDAP/X.500 Distinguished Names
RFC 2307 -- An Approach for Using LDAP as a Network Information Service
RFC 2377 -- Naming Plan for Internet Directory-Enabled Applications
RFC 2559 -- Internet X.509 Public Key Infrastructure Operational Protocols - LDAPv2
RFC 2596 -- Use of Language Codes in LDAP
RFC 2649 -- An LDAP Control and Schema for Holding Operation Signatures
RFC 2696 -- LDAP Control Extension for Simple Paged Results Manipulation
[Read More]

Posted on: Jul 18, 2007

Posted by: shankar

Category: Directory

Permanent link to this entry | Comments [0]

Friday Jun 29, 2007

Data is transferred between LDAP servers

Considerations include data formats, characters, mapping methods, and string case.

  • Data is transferred between LDAP servers and clients(Browsers) in UTF-8 format.
  • The Directory Server uses the UTF-8 mapping method to store data in the database.
  • The server and the client do case insensitive string comparisons. The uppercase algorithms will not be correct for all languages (locales).
  • Its always a best tip while setting the servers in production  to keep them in and UTF-8 locales.

For example, if the client requests a "description" attribute, and a
   matching entry contains

   objectclass: top
   objectclass: organization
   O: Software GmbH
   description: software
   description;lang-en: software products
   description;lang-de: Softwareprodukte
   postalAddress: Berlin 8001 Germany
   postalAddress;lang-de: Berlin 8001 Deutschland

   The server will return:

   description: software
   description;lang-en: software products
   description;lang-de: Softwareprodukte

[Read More]

Posted on: Jun 29, 2007

Posted by: shankar

Category: Directory

Permanent link to this entry | Comments [0]

Monday Jun 18, 2007

Platforms supported by Directory Server Enterprise Edition

Directory Server Enterprise Edition 6.1 is now Supporting RH AS 4.0 and RHEL 4.0[Read More]

Posted on: Jun 18, 2007

Posted by: shankar

Category: Directory

Permanent link to this entry | Comments [0]

This blog copyright 2009 by shankar