Home
Querying the Lightweight Directory Access Protocol server
The Lightweight Directory Access Protocol (LDAP) accesses the X.500 directory using text strings called filters. When these query strings pass to the LDAP server, the server returns the requested portions of the specified entity.
LDAP filters use attributes to simplify queries to the LDAP server. For example, you can use a filter such as "objectclass=person" to limit your query to entities that represent people as opposed to groups or equipment.
- To authorize a user as a member of a group, add the following directive to the configuration file:
LDAPRequire group "group_name"For example:LDAPRequire group "Administrative Users"- To authorize a user by filter, add the following directive to the configuration file:
LDAPRequire filter "ldap_search_filter"For example, to enable access to the resource by a programmer in your department:LDAPRequire filter"(&(objectclass=person)(cn=*)(ou=programmer)(o=department))"Or, to enable access for John Doe only:LDAPRequire filter "(&(objectclass=person)(cn=John Doe))"
Related concepts
Lightweight Directory Access Protocol
Related tasks
Authenticate with LDAP on IHS using mod_ibm_ldap (Distributed systems)