example.lisp
(require 'trivial-ldap)
; see http://www.openldap.org/doc/admin23/quickstart.html for some
; openldap quickstart documentation.
;; create a new ldap object for the server at redbaron.local.
;; NOTE(review): no :port is passed, so the library default applies. the
;; original comment here said 389, but :sslflag t is also set and LDAP over
;; SSL/TLS is conventionally served on 636 -- confirm which port new-ldap
;; picks when :sslflag is t, and pass :port explicitly if it is not the
;; one the server listens on.
;; NOTE(review): the bind DN and password are literals only because this
;; is an example. real code should take them from a protected source
;; (prompt, environment, secrets store), not from a file under version
;; control, and should bind as an account with only the rights it needs.
;; NOTE(review): :debug t is set from construction, so debugging is
;; already on when the bind further down runs; check whether the debug
;; trace includes the bind request and keep it out of shared logs if so.
(defparameter l
(ldap:new-ldap :host "redbaron.local"
:user "cn=directory manager, dc=example, dc=com"
:sslflag t
:debug t
:pass "secret"
:base "dc=example,dc=com"
:reuse-connection 'ldap:rebind))
;; create some entry objects. each call takes the entry's DN as a string
;; and an :attrs alist of (attribute . value) pairs; a value may be a
;; single symbol or string, or a list of them for a multi-valued attribute.
;; entry-one: the dc=example,dc=com entry, with two objectclass values.
(defparameter entry-one
(ldap:new-entry "dc=example,dc=com"
:attrs '((objectclass . (dcobject organization))
(o . "example organization"))))
;; entry-two and entry-three: entries with a single objectclass value.
(defparameter entry-two
(ldap:new-entry "cn=manager,dc=example,dc=com"
:attrs '((objectclass . organizationalrole))))
(defparameter entry-three
(ldap:new-entry "cn=test user,dc=example,dc=com"
:attrs '((objectclass . organizationalrole))))
;; entry-four: a fuller entry; the l attribute carries three values and
;; is the one used by the compare and modify examples later in the file.
(defparameter entry-four
(ldap:new-entry "cn=quuxor,dc=example,dc=com"
:attrs '((objectclass . (organizationalrole))
(description . "another test entry")
(l . ("Boston" "Cambridge" "Jamaica Plain"))
(st . "Massachusetts")
(postalcode . "02115")
(street . "Commonwealth Avenue"))))
; a printed representation: write entry-four as ldif to standard output.
(format t "~A" (ldap:ldif entry-four))
; turn on debugging.
; NOTE(review): this brackets the bind, the exchange that carries the
; password given to new-ldap. confirm what the debug trace prints before
; enabling it anywhere the output is kept or shared.
(setf (ldap:debugflag l) t)
; bind to the server. the message is printed only when bind returns true;
; a nil return is not reported and the forms that follow still run, so a
; real script should stop here when the bind does not succeed.
(when (ldap:bind l)
(write-line "bound to ldap."))
; turn off debugging.
(setf (ldap:debugflag l) nil)
; add a couple entries. this form passes the entry first and the ldap
; object second; whatever it returns is discarded here.
(ldap:add entry-one l)
; or use the lower-level add specified on ldap first. it returns three
; values, bound here as res, code and msg, and they are printed so that
; a refused add is visible.
(multiple-value-bind (res code msg) (ldap:add l entry-two)
(format t "res: ~A~%code: ~A~%msg: ~A" res code msg))
; search (and print results in ldif)
(ldap:ldif-search l "(cn=*)")
; add another entry.
(ldap:add entry-three l)
; search for that. the entry's rdn is passed as the filter string, and the
; first result is described when the search returns true.
; NOTE(review): nothing here escapes the filter. that is fine for this
; constant, but a filter assembled from user-supplied text needs the
; filter special characters escaped (RFC 4515) before it is sent.
(if (ldap:search l (ldap:rdn entry-three))
(describe (ldap:next-search-result l))
(format t "Search Failed."))
; delete an entry.
(ldap:delete entry-three l)
; ldap:search will return nil.
(ldap:search l (ldap:rdn entry-three))
; a fourth entry.
(ldap:add entry-four l)
; this should be true.
(ldap:compare entry-four l 'st "Massachusetts")
; as should this, because the st attribute
; compares case insensitively. the value is given as a symbol here.
(ldap:compare entry-four l 'st 'massachusetts)
; this is false, so it returns nil.
(ldap:compare entry-four l 'st 'foobarbaz)
; compare (and delete) take strings as well as entry objects:
; here the entry is identified by its dn string.
(ldap:compare (ldap:dn entry-four) l 'l 'boston)
(ldap:delete (ldap:dn entry-four) l)
; put entry four back:
(ldap:add entry-four l)
; accessors on the entry object: one attribute's value, then the
; attribute list, then the attributes.
(ldap:attr-value entry-four 'st)
(ldap:attr-list entry-four)
(ldap:attrs entry-four)
; modify entry-four on the server. the third argument is a quoted list of
; (operation attribute value) items, so nothing inside it is evaluated:
; in the first item `l' is the attribute named l that was given to
; entry-four when it was created, not the ldap object bound to the
; variable l. a value may be a single string or a list of strings.
(ldap:modify entry-four l '((ldap:delete l "Boston")
(ldap:replace st "Vermont")
(ldap:add st "New Hampshire")
(ldap:add street ("Massachusetts Avenue"
"Newbury Street"
"Boylston Street"))))
; print the entry as ldif again, followed by a newline.
(format t "~A~%" (ldap:ldif entry-four))
; give the entry the new rdn cn=buzzer.
; presumably the rest of the dn is kept -- confirm against the library.
(ldap:moddn entry-four l "cn=buzzer")
; simple ldap filters work more or less as expected. extended filters
; however have not been implemented yet.
; a prefix match on cn:
(ldap:search l "(cn=buzz*)")
; an OR of a prefix match and a suffix match on cn:
(ldap:search l "(| (cn=baz*) (cn=*ager))")
; the outside parens are optional:
(ldap:search l "| (cn=baz*) (cn=*ager)")
; clean up. with one ldap object fetching the results of the search,
; a second LDAP object is required for the delete.
; NOTE(review): j names a different host (great-pumpkin.local) than l
; (redbaron.local) -- confirm both reach the same directory. j is also
; created without :user, :pass or :sslflag, so it runs with whatever the
; library defaults are for those -- presumably an anonymous, unencrypted
; connection; verify before relying on it.
(defparameter j (ldap:new-ldap :host "great-pumpkin.local"
:base "dc=example,dc=com"))
; the cleanup itself is left commented out. as written, the loop would
; delete, through l, every entry that the cn=* search on j returns, and
; the last line would then delete entry-one.
; (ldap:dosearch (ent (ldap:search j "cn=*"))
; (ldap:delete ent l))
;
; (ldap:delete entry-one l)