ldb.h - Man Page

struct ldb_val
Result value.
struct ldb_message_element
results are given back as arrays of ldb_message_element
struct ldb_message
a ldb_message represents all or part of a record.
struct ldb_ldif
LDIF record.
struct ldb_debug_ops
the user can optionally supply a debug function.
struct ldb_utf8_fns
The user can optionally supply a custom utf8 functions, to handle comparisons and casefolding.
struct ldb_parse_tree
struct ldb_schema_syntax
struct ldb_schema_attribute
struct ldb_dn_extended_syntax
struct ldb_sd_flags_control
struct ldb_search_options_control
struct ldb_paged_control
struct ldb_extended_dn_control
struct ldb_server_sort_control
struct ldb_sort_resp_control
struct ldb_asq_control
struct ldb_dirsync_control
struct ldb_vlv_req_control
struct ldb_vlv_resp_control
struct ldb_verify_name_control
struct ldb_control
struct ldb_extended
struct ldb_seqnum_request
struct ldb_seqnum_result
struct ldb_result
struct ldb_reply
struct ldb_search
struct ldb_add
struct ldb_modify
struct ldb_delete
struct ldb_rename
struct ldb_register_control
struct ldb_register_partition
struct ldb_request

#define LDB_FLAG_MOD_MASK   0x3
There are a number of flags that are used with ldap_modify() in ldb_message_element.flags fields.
#define LDB_FLAG_MOD_TYPE(flags)   ((flags) & LDB_FLAG_MOD_MASK)
use this to extract the mod type (enum) from the operation
#define LDB_FLAG_MOD_ADD   1
Value used in ldap_modify() to indicate that attributes are being added.
#define LDB_FLAG_MOD_REPLACE   2
Value used in ldap_modify() to indicate that attributes are being replaced.
#define LDB_FLAG_MOD_DELETE   3
Value used in ldap_modify() to indicate that attributes are being deleted.
#define LDB_FLAG_FORCE_NO_BASE64_LDIF   4
Flag value used in ldb_ldif_write_trace() to enforce binary encoded attribute values per attribute.
#define LDB_FLAG_INTERNAL_MASK   0xFFFFFFF0
flag bits on an element usable only by the internal implementation
#define LDB_OID_COMPARATOR_AND   '1.2.840.113556.1.4.803'
OID for logic AND comparison.
#define LDB_OID_COMPARATOR_OR   '1.2.840.113556.1.4.804'
OID for logic OR comparison.
#define LDB_DEBUG_ALWAYS_LOG   LDB_DEBUG_FATAL
#define LDB_FLG_RDONLY   1
Flag value for database connection mode.
#define LDB_FLG_NOSYNC   2
Flag value for database connection mode.
#define LDB_FLG_RECONNECT   4
Flag value to specify autoreconnect mode.
#define LDB_FLG_NOMMAP   8
Flag to tell backends not to use mmap.
#define LDB_FLG_SHOW_BINARY   16
Flag to tell ldif handlers not to force encoding of binary structures in base64.
#define LDB_FLG_ENABLE_TRACING   32
Flags to enable ldb tracing.
#define LDB_FLG_DONT_CREATE_DB   64
Flags to tell LDB not to create a new database file:
#define LDB_ATTR_FLAG_HIDDEN   (1<<0)
The attribute is not returned by default.
#define LDB_ATTR_FLAG_ALLOCATED   (1<<1)
#define LDB_ATTR_FLAG_FIXED   (1<<2)
The attribute is supplied by the application and should not be removed.
#define LDB_ATTR_FLAG_UNIQUE_INDEX   (1<<3)
#define LDB_ATTR_FLAG_SINGLE_VALUE   (1<<4)
#define LDB_ATTR_FLAG_FORCE_BASE64_LDIF   (1<<5)
#define LDB_ATTR_FLAG_FROM_DB   (1<<6)
#define LDB_ATTR_FLAG_INDEXED   (1<<7)
#define LDB_SYNTAX_DN   '1.3.6.1.4.1.1466.115.121.1.12'
LDAP attribute syntax for a DN.
#define LDB_SYNTAX_DIRECTORY_STRING   '1.3.6.1.4.1.1466.115.121.1.15'
LDAP attribute syntax for a Directory String.
#define LDB_SYNTAX_INTEGER   '1.3.6.1.4.1.1466.115.121.1.27'
LDAP attribute syntax for an integer.
#define LDB_SYNTAX_ORDERED_INTEGER   'LDB_SYNTAX_ORDERED_INTEGER'
Custom attribute syntax for an integer whose index is lexicographically ordered by attribute value in the database.
#define LDB_SYNTAX_BOOLEAN   '1.3.6.1.4.1.1466.115.121.1.7'
LDAP attribute syntax for a boolean.
#define LDB_SYNTAX_OCTET_STRING   '1.3.6.1.4.1.1466.115.121.1.40'
LDAP attribute syntax for an octet string.
#define LDB_SYNTAX_UTC_TIME   '1.3.6.1.4.1.1466.115.121.1.53'
LDAP attribute syntax for UTC time.
#define LDB_SYNTAX_GENERALIZED_TIME   '1.3.6.1.4.1.1466.115.121.1.24'
#define LDB_SYNTAX_OBJECTCLASS   'LDB_SYNTAX_OBJECTCLASS'
#define LDB_CONTROL_BYPASS_OPERATIONAL_OID   '1.3.6.1.4.1.7165.4.3.13'
OID for getting and manipulating attributes from the ldb without interception in the operational module.
#define LDB_CONTROL_BYPASS_OPERATIONAL_NAME   'bypassoperational'
#define LDB_CONTROL_RECALCULATE_RDN_OID   '1.3.6.1.4.1.7165.4.3.30'
OID for recalculate RDN (rdn attribute and 'name') control.
#define LDB_CONTROL_RECALCULATE_SD_OID   '1.3.6.1.4.1.7165.4.3.5'
OID for recalculate SD control.
#define LDB_CONTROL_RECALCULATE_SD_NAME   'recalculate_sd'
#define LDB_CONTROL_REVEAL_INTERNALS   '1.3.6.1.4.1.7165.4.3.6'
REVEAL_INTERNALS is used to reveal internal attributes and DN components which are not normally shown to the user.
#define LDB_CONTROL_REVEAL_INTERNALS_NAME   'reveal_internals'
#define LDB_CONTROL_AS_SYSTEM_OID   '1.3.6.1.4.1.7165.4.3.7'
LDB_CONTROL_AS_SYSTEM is used to skip access checks on operations that are performed by the system, but with a user's credentials, e.g.
#define LDB_CONTROL_PROVISION_OID   '1.3.6.1.4.1.7165.4.3.16'
LDB_CONTROL_PROVISION_OID is used to skip some constraint checks.
#define LDB_CONTROL_PROVISION_NAME   'provision'
#define LDB_CONTROL_PAGED_RESULTS_OID   '1.2.840.113556.1.4.319'
OID for the paged results control.
#define LDB_CONTROL_PAGED_RESULTS_NAME   'paged_results'
#define LDB_CONTROL_SD_FLAGS_OID   '1.2.840.113556.1.4.801'
OID for specifying the returned elements of the ntSecurityDescriptor.
#define LDB_CONTROL_SD_FLAGS_NAME   'sd_flags'
#define LDB_CONTROL_DOMAIN_SCOPE_OID   '1.2.840.113556.1.4.1339'
OID for specifying an advanced scope for the search (one partition)
#define LDB_CONTROL_DOMAIN_SCOPE_NAME   'domain_scope'
#define LDB_CONTROL_SEARCH_OPTIONS_OID   '1.2.840.113556.1.4.1340'
OID for specifying an advanced scope for a search.
#define LDB_CONTROL_SEARCH_OPTIONS_NAME   'search_options'
#define LDB_CONTROL_NOTIFICATION_OID   '1.2.840.113556.1.4.528'
OID for notification.
#define LDB_CONTROL_NOTIFICATION_NAME   'notification'
#define LDB_CONTROL_TREE_DELETE_OID   '1.2.840.113556.1.4.805'
OID for performing subtree deletes.
#define LDB_CONTROL_TREE_DELETE_NAME   'tree_delete'
#define LDB_CONTROL_SHOW_DELETED_OID   '1.2.840.113556.1.4.417'
OID for getting deleted objects.
#define LDB_CONTROL_SHOW_DELETED_NAME   'show_deleted'
#define LDB_CONTROL_SHOW_RECYCLED_OID   '1.2.840.113556.1.4.2064'
OID for getting recycled objects.
#define LDB_CONTROL_SHOW_RECYCLED_NAME   'show_recycled'
#define LDB_CONTROL_SHOW_DEACTIVATED_LINK_OID   '1.2.840.113556.1.4.2065'
OID for getting deactivated linked attributes.
#define LDB_CONTROL_SHOW_DEACTIVATED_LINK_NAME   'show_deactivated_link'
#define LDB_CONTROL_EXTENDED_DN_OID   '1.2.840.113556.1.4.529'
OID for extended DN.
#define LDB_CONTROL_EXTENDED_DN_NAME   'extended_dn'
#define LDB_CONTROL_SERVER_SORT_OID   '1.2.840.113556.1.4.473'
OID for LDAP server sort result extension.
#define LDB_CONTROL_SERVER_SORT_NAME   'server_sort'
#define LDB_CONTROL_SORT_RESP_OID   '1.2.840.113556.1.4.474'
OID for LDAP server sort result response extension.
#define LDB_CONTROL_SORT_RESP_NAME   'server_sort_resp'
#define LDB_CONTROL_ASQ_OID   '1.2.840.113556.1.4.1504'
OID for LDAP Attribute Scoped Query extension.
#define LDB_CONTROL_ASQ_NAME   'asq'
#define LDB_CONTROL_DIRSYNC_OID   '1.2.840.113556.1.4.841'
OID for LDAP Directory Sync extension.
#define LDB_CONTROL_DIRSYNC_NAME   'dirsync'
#define LDB_CONTROL_DIRSYNC_EX_OID   '1.2.840.113556.1.4.2090'
#define LDB_CONTROL_DIRSYNC_EX_NAME   'dirsync_ex'
#define LDB_CONTROL_VLV_REQ_OID   '2.16.840.1.113730.3.4.9'
OID for LDAP Virtual List View Request extension.
#define LDB_CONTROL_VLV_REQ_NAME   'vlv'
#define LDB_CONTROL_VLV_RESP_OID   '2.16.840.1.113730.3.4.10'
OID for LDAP Virtual List View Response extension.
#define LDB_CONTROL_VLV_RESP_NAME   'vlv_resp'
#define LDB_CONTROL_PERMISSIVE_MODIFY_OID   '1.2.840.113556.1.4.1413'
OID to let modifies don't give an error when adding an existing attribute with the same value or deleting an nonexisting one attribute.
#define LDB_CONTROL_PERMISSIVE_MODIFY_NAME   'permissive_modify'
#define LDB_CONTROL_SERVER_LAZY_COMMIT   '1.2.840.113556.1.4.619'
OID to allow the server to be more 'fast and loose' with the data being added.
#define LDB_CONTROL_RODC_DCPROMO_OID   '1.2.840.113556.1.4.1341'
Control for RODC join -see [MS-ADTS] section 3.1.1.3.4.1.23.
#define LDB_CONTROL_RODC_DCPROMO_NAME   'rodc_join'
#define LDB_CONTROL_RELAX_OID   '1.3.6.1.4.1.4203.666.5.12'
OID for the allowing client to request temporary relaxed enforcement of constraints of the x.500 model.
#define LDB_CONTROL_RELAX_NAME   'relax'
#define LDB_CONTROL_VERIFY_NAME_OID   '1.2.840.113556.1.4.1338'
OID for the allowing some kind of relax check for attributes with DNs.
#define LDB_CONTROL_VERIFY_NAME_NAME   'verify_name'
#define LDB_EXTENDED_SEQUENCE_NUMBER   '1.3.6.1.4.1.7165.4.4.3'
OID for LDAP Extended Operation SEQUENCE_NUMBER.
#define LDB_EXTENDED_PASSWORD_CHANGE_OID   '1.3.6.1.4.1.4203.1.11.1'
OID for LDAP Extended Operation PASSWORD_CHANGE.
#define LDB_EXTENDED_FAST_BIND_OID   '1.2.840.113556.1.4.1781'
OID for LDAP Extended Operation FAST_BIND.
#define LDB_EXTENDED_START_TLS_OID   '1.3.6.1.4.1.1466.20037'
OID for LDAP Extended Operation START_TLS.
#define LDB_EXTENDED_DYNAMIC_OID   '1.3.6.1.4.1.1466.101.119.1'
OID for LDAP Extended Operation DYNAMIC_REFRESH.
#define LDB_EXTENDED_WHOAMI_OID   '1.3.6.1.4.1.4203.1.11.3'
OID for RFC4532 'Who Am I' extended operation.
#define LDB_SEARCH_OPTION_DOMAIN_SCOPE   0x00000001
#define LDB_SEARCH_OPTION_PHANTOM_ROOT   0x00000002
#define LDB_SEQ_GLOBAL_SEQUENCE   0x01
#define LDB_SEQ_TIMESTAMP_SEQUENCE   0x02
#define ldb_attr_cmp(a,  b)   strcasecmp(a, b)
Compare two attributes.
#define discard_const(ptr)   ((void *)((uintptr_t)(ptr)))
#define LDB_TYPESAFE_QSORT(base,  numel,  opaque,  comparison)
#define TYPESAFE_QSORT(base,  numel,  comparison)
#define LDB_REQ_SET_LOCATION(req)   ldb_req_set_location(req, __location__)

typedef int(* ldb_attr_handler_t) (struct ldb_context *, TALLOC_CTX *mem_ctx, const struct ldb_val *, struct ldb_val *)
typedef int(* ldb_attr_comparison_t) (struct ldb_context *, TALLOC_CTX *mem_ctx, const struct ldb_val *, const struct ldb_val *)
typedef int(* ldb_attr_operator_t) (struct ldb_context *, enum ldb_parse_op operation, const struct ldb_schema_attribute *a, const struct ldb_val *, const struct ldb_val *, bool *matched)
typedef int(* ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque)
typedef int(* ldb_request_callback_t) (struct ldb_request *, struct ldb_reply *)

enum ldb_changetype { LDB_CHANGETYPE_NONE =0, LDB_CHANGETYPE_ADD, LDB_CHANGETYPE_DELETE, LDB_CHANGETYPE_MODIFY, LDB_CHANGETYPE_MODRDN }
enum ldb_scope { LDB_SCOPE_DEFAULT =-1, LDB_SCOPE_BASE =0, LDB_SCOPE_ONELEVEL =1, LDB_SCOPE_SUBTREE =2 }
enum ldb_debug_level { LDB_DEBUG_FATAL, LDB_DEBUG_ERROR, LDB_DEBUG_WARNING, LDB_DEBUG_TRACE }
enum ldb_parse_op { LDB_OP_AND =1, LDB_OP_OR =2, LDB_OP_NOT =3, LDB_OP_EQUALITY =4, LDB_OP_SUBSTRING =5, LDB_OP_GREATER =6, LDB_OP_LESS =7, LDB_OP_PRESENT =8, LDB_OP_APPROX =9, LDB_OP_EXTENDED =10 }
enum ldb_request_type { LDB_SEARCH, LDB_ADD, LDB_MODIFY, LDB_DELETE, LDB_RENAME, LDB_EXTENDED, LDB_REQ_REGISTER_CONTROL, LDB_REQ_REGISTER_PARTITION }
enum ldb_reply_type { LDB_REPLY_ENTRY, LDB_REPLY_REFERRAL, LDB_REPLY_DONE }
enum ldb_wait_type { LDB_WAIT_ALL, LDB_WAIT_NONE }
enum ldb_state { LDB_ASYNC_INIT, LDB_ASYNC_PENDING, LDB_ASYNC_DONE }
enum ldb_sequence_type { LDB_SEQ_HIGHEST_SEQ, LDB_SEQ_HIGHEST_TIMESTAMP, LDB_SEQ_NEXT }

struct ldb_parse_tree * ldb_parse_tree (TALLOC_CTX *mem_ctx, const char *s)
char * ldb_filter_from_tree (TALLOC_CTX *mem_ctx, const struct ldb_parse_tree *tree)
char * ldb_binary_encode (TALLOC_CTX *mem_ctx, struct ldb_val val)
Encode a binary blob.
char * ldb_binary_encode_string (TALLOC_CTX *mem_ctx, const char *string)
Encode a string.
const struct ldb_schema_attribute * ldb_schema_attribute_by_name (struct ldb_context *ldb, const char *name)
const struct ldb_dn_extended_syntax * ldb_dn_extended_syntax_by_name (struct ldb_context *ldb, const char *name)
int ldb_request (struct ldb_context *ldb, struct ldb_request *request)
int ldb_request_done (struct ldb_request *req, int status)
bool ldb_request_is_done (struct ldb_request *req)
int ldb_modules_wait (struct ldb_handle *handle)
int ldb_wait (struct ldb_handle *handle, enum ldb_wait_type type)
int ldb_set_timeout (struct ldb_context *ldb, struct ldb_request *req, int timeout)
int ldb_set_timeout_from_prev_req (struct ldb_context *ldb, struct ldb_request *oldreq, struct ldb_request *newreq)
void ldb_set_create_perms (struct ldb_context *ldb, unsigned int perms)
void ldb_set_modules_dir (struct ldb_context *ldb, const char *path)
void ldb_set_event_context (struct ldb_context *ldb, struct tevent_context *ev)
struct tevent_context * ldb_get_event_context (struct ldb_context *ldb)
int ldb_global_init (void)
Initialise ldbs' global information.
struct ldb_context * ldb_init (TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
Initialise an ldb context.
int ldb_connect (struct ldb_context *ldb, const char *url, unsigned int flags, const char *options[])
Connect to a database.
struct ldb_dn * ldb_get_root_basedn (struct ldb_context *ldb)
struct ldb_dn * ldb_get_config_basedn (struct ldb_context *ldb)
struct ldb_dn * ldb_get_schema_basedn (struct ldb_context *ldb)
struct ldb_dn * ldb_get_default_basedn (struct ldb_context *ldb)
int ldb_search_default_callback (struct ldb_request *req, struct ldb_reply *ares)
The default async search callback function.
int ldb_op_default_callback (struct ldb_request *req, struct ldb_reply *ares)
The default async extended operation callback function.
int ldb_modify_default_callback (struct ldb_request *req, struct ldb_reply *ares)
int ldb_build_search_req (struct ldb_request **ret_req, struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_dn *base, enum ldb_scope scope, const char *expression, const char *const *attrs, struct ldb_control **controls, void *context, ldb_request_callback_t callback, struct ldb_request *parent)
Helper function to build a search request.
int ldb_build_search_req_ex (struct ldb_request **ret_req, struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_dn *base, enum ldb_scope scope, struct ldb_parse_tree *tree, const char *const *attrs, struct ldb_control **controls, void *context, ldb_request_callback_t callback, struct ldb_request *parent)
int ldb_build_add_req (struct ldb_request **ret_req, struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const struct ldb_message *message, struct ldb_control **controls, void *context, ldb_request_callback_t callback, struct ldb_request *parent)
Helper function to build an add request.
int ldb_build_mod_req (struct ldb_request **ret_req, struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const struct ldb_message *message, struct ldb_control **controls, void *context, ldb_request_callback_t callback, struct ldb_request *parent)
Helper function to build a modify request.
int ldb_build_del_req (struct ldb_request **ret_req, struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_dn *dn, struct ldb_control **controls, void *context, ldb_request_callback_t callback, struct ldb_request *parent)
Helper function to build a delete request.
int ldb_build_rename_req (struct ldb_request **ret_req, struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_dn *olddn, struct ldb_dn *newdn, struct ldb_control **controls, void *context, ldb_request_callback_t callback, struct ldb_request *parent)
Helper function to build a rename request.
int ldb_request_add_control (struct ldb_request *req, const char *oid, bool critical, void *data)
Add a ldb_control to a ldb_request.
int ldb_request_replace_control (struct ldb_request *req, const char *oid, bool critical, void *data)
replace a ldb_control in a ldb_request
struct ldb_control * ldb_request_get_control (struct ldb_request *req, const char *oid)
check if a control with the specified 'oid' exist and return it
struct ldb_control * ldb_reply_get_control (struct ldb_reply *rep, const char *oid)
check if a control with the specified 'oid' exist and return it
int ldb_search (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_result **result, struct ldb_dn *base, enum ldb_scope scope, const char *const *attrs, const char *exp_fmt,...) PRINTF_ATTRIBUTE(7
Search the database.
int int ldb_add (struct ldb_context *ldb, const struct ldb_message *message)
Add a record to the database.
int ldb_modify (struct ldb_context *ldb, const struct ldb_message *message)
Modify the specified attributes of a record.
int ldb_rename (struct ldb_context *ldb, struct ldb_dn *olddn, struct ldb_dn *newdn)
Rename a record in the database.
int ldb_delete (struct ldb_context *ldb, struct ldb_dn *dn)
Delete a record from the database.
int ldb_extended_default_callback (struct ldb_request *req, struct ldb_reply *ares)
The default async extended operation callback function.
int ldb_build_extended_req (struct ldb_request **ret_req, struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *oid, void *data, struct ldb_control **controls, void *context, ldb_request_callback_t callback, struct ldb_request *parent)
Helper function to build a extended request.
int ldb_extended (struct ldb_context *ldb, const char *oid, void *data, struct ldb_result **res)
call an extended operation
int ldb_sequence_number (struct ldb_context *ldb, enum ldb_sequence_type type, uint64_t *seq_num)
Obtain current/next database sequence number.
int ldb_transaction_start (struct ldb_context *ldb)
start a transaction
int ldb_transaction_prepare_commit (struct ldb_context *ldb)
first phase of two phase commit
int ldb_transaction_commit (struct ldb_context *ldb)
commit a transaction
int ldb_transaction_cancel (struct ldb_context *ldb)
cancel a transaction
int ldb_transaction_cancel_noerr (struct ldb_context *ldb)
const char * ldb_errstring (struct ldb_context *ldb)
return extended error information from the last call
const char * ldb_strerror (int ldb_err)
return a string explaining what a ldb error constant means
void ldb_set_utf8_default (struct ldb_context *ldb)
setup the default utf8 functions FIXME: these functions do not yet handle utf8
char * ldb_casefold (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *s, size_t n)
Casefold a string.
int ldb_valid_attr_name (const char *s)
Check the attribute name is valid according to rfc2251.
int ldb_ldif_write (struct ldb_context *ldb, int(*fprintf_fn)(void *, const char *,...) PRINTF_ATTRIBUTE(2, 3), void *private_data, const struct ldb_ldif *ldif)
Write an LDIF message.
void ldb_ldif_read_free (struct ldb_context *ldb, struct ldb_ldif *msg)
Clean up an LDIF message.
struct ldb_ldif * ldb_ldif_read (struct ldb_context *ldb, int(*fgetc_fn)(void *), void *private_data)
Read an LDIF message.
struct ldb_ldif * ldb_ldif_read_file (struct ldb_context *ldb, FILE *f)
Read an LDIF message from a file.
struct ldb_ldif * ldb_ldif_read_string (struct ldb_context *ldb, const char **s)
Read an LDIF message from a string.
int ldb_ldif_parse_modrdn (struct ldb_context *ldb, const struct ldb_ldif *ldif, TALLOC_CTX *mem_ctx, struct ldb_dn **olddn, struct ldb_dn **newrdn, bool *deleteoldrdn, struct ldb_dn **newsuperior, struct ldb_dn **newdn)
Parse a modrdn LDIF message from a struct ldb_message.
int ldb_ldif_write_file (struct ldb_context *ldb, FILE *f, const struct ldb_ldif *msg)
Write an LDIF message to a file.
char * ldb_ldif_write_string (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const struct ldb_ldif *msg)
Write an LDIF message to a string.
char * ldb_ldif_message_string (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, enum ldb_changetype changetype, const struct ldb_message *msg)
Write an LDB message to a string.
char * ldb_ldif_message_redacted_string (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, enum ldb_changetype changetype, const struct ldb_message *msg)
Write an LDB message to a string.
char * ldb_base64_encode (TALLOC_CTX *mem_ctx, const char *buf, int len)
Base64 encode a buffer.
int ldb_base64_decode (char *s)
Base64 decode a buffer.
const char * ldb_dn_get_linearized (struct ldb_dn *dn)
Get the linear form of a DN (without any extended components)
char * ldb_dn_alloc_linearized (TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
Allocate a copy of the linear form of a DN (without any extended components) onto the supplied memory context.
char * ldb_dn_get_extended_linearized (TALLOC_CTX *mem_ctx, struct ldb_dn *dn, int mode)
Get the linear form of a DN (with any extended components)
const struct ldb_val * ldb_dn_get_extended_component (struct ldb_dn *dn, const char *name)
int ldb_dn_set_extended_component (struct ldb_dn *dn, const char *name, const struct ldb_val *val)
void ldb_dn_extended_filter (struct ldb_dn *dn, const char *const *accept_list)
void ldb_dn_remove_extended_components (struct ldb_dn *dn)
bool ldb_dn_has_extended (struct ldb_dn *dn)
int ldb_dn_extended_add_syntax (struct ldb_context *ldb, unsigned flags, const struct ldb_dn_extended_syntax *syntax)
struct ldb_dn * ldb_dn_new (TALLOC_CTX *mem_ctx, struct ldb_context *ldb, const char *dn)
Allocate a new DN from a string.
struct ldb_dn * ldb_dn_new_fmt (TALLOC_CTX *mem_ctx, struct ldb_context *ldb, const char *new_fmt,...) PRINTF_ATTRIBUTE(3
Allocate a new DN from a printf style format string and arguments.
struct ldb_dn struct ldb_dn * ldb_dn_from_ldb_val (TALLOC_CTX *mem_ctx, struct ldb_context *ldb, const struct ldb_val *strdn)
Allocate a new DN from a struct ldb_val (useful to avoid buffer overrun)
bool ldb_dn_validate (struct ldb_dn *dn)
Determine if this DN is syntactically valid.
char * ldb_dn_escape_value (TALLOC_CTX *mem_ctx, struct ldb_val value)
const char * ldb_dn_get_casefold (struct ldb_dn *dn)
char * ldb_dn_alloc_casefold (TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
int ldb_dn_compare_base (struct ldb_dn *base, struct ldb_dn *dn)
int ldb_dn_compare (struct ldb_dn *edn0, struct ldb_dn *edn1)
bool ldb_dn_add_base (struct ldb_dn *dn, struct ldb_dn *base)
bool ldb_dn_add_base_fmt (struct ldb_dn *dn, const char *base_fmt,...) PRINTF_ATTRIBUTE(2
bool bool ldb_dn_add_child (struct ldb_dn *dn, struct ldb_dn *child)
bool ldb_dn_add_child_fmt (struct ldb_dn *dn, const char *child_fmt,...) PRINTF_ATTRIBUTE(2
bool bool ldb_dn_remove_base_components (struct ldb_dn *dn, unsigned int num)
bool ldb_dn_remove_child_components (struct ldb_dn *dn, unsigned int num)
bool ldb_dn_add_child_val (struct ldb_dn *dn, const char *rdn, struct ldb_val value)
struct ldb_dn * ldb_dn_copy (TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
struct ldb_dn * ldb_dn_get_parent (TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
char * ldb_dn_canonical_string (TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
char * ldb_dn_canonical_ex_string (TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
int ldb_dn_get_comp_num (struct ldb_dn *dn)
int ldb_dn_get_extended_comp_num (struct ldb_dn *dn)
const char * ldb_dn_get_component_name (struct ldb_dn *dn, unsigned int num)
const struct ldb_val * ldb_dn_get_component_val (struct ldb_dn *dn, unsigned int num)
const char * ldb_dn_get_rdn_name (struct ldb_dn *dn)
const struct ldb_val * ldb_dn_get_rdn_val (struct ldb_dn *dn)
int ldb_dn_set_component (struct ldb_dn *dn, int num, const char *name, const struct ldb_val val)
bool ldb_dn_is_valid (struct ldb_dn *dn)
bool ldb_dn_is_special (struct ldb_dn *dn)
bool ldb_dn_check_special (struct ldb_dn *dn, const char *check)
bool ldb_dn_is_null (struct ldb_dn *dn)
int ldb_dn_update_components (struct ldb_dn *dn, const struct ldb_dn *ref_dn)
char * ldb_attr_casefold (TALLOC_CTX *mem_ctx, const char *s)
int ldb_attr_dn (const char *attr)
struct ldb_message * ldb_msg_new (TALLOC_CTX *mem_ctx)
Create an empty message.
struct ldb_message_element * ldb_msg_find_element (const struct ldb_message *msg, const char *attr_name)
Find an element within an message.
int ldb_val_equal_exact (const struct ldb_val *v1, const struct ldb_val *v2)
Compare two ldb_val values.
struct ldb_val * ldb_msg_find_val (const struct ldb_message_element *el, struct ldb_val *val)
find a value within an ldb_message_element
int ldb_msg_add_empty (struct ldb_message *msg, const char *attr_name, int flags, struct ldb_message_element **return_el)
add a new empty element to a ldb_message
int ldb_msg_element_add_value (TALLOC_CTX *mem_ctx, struct ldb_message_element *el, const struct ldb_val *val)
add a value to a message element
int ldb_msg_add (struct ldb_message *msg, const struct ldb_message_element *el, int flags)
add a element to a ldb_message
int ldb_msg_add_value (struct ldb_message *msg, const char *attr_name, const struct ldb_val *val, struct ldb_message_element **return_el)
int ldb_msg_add_steal_value (struct ldb_message *msg, const char *attr_name, struct ldb_val *val)
int ldb_msg_add_steal_string (struct ldb_message *msg, const char *attr_name, char *str)
int ldb_msg_add_string_flags (struct ldb_message *msg, const char *attr_name, const char *str, int flags)
int ldb_msg_add_string (struct ldb_message *msg, const char *attr_name, const char *str)
int ldb_msg_add_linearized_dn (struct ldb_message *msg, const char *attr_name, struct ldb_dn *dn)
int ldb_msg_add_fmt (struct ldb_message *msg, const char *attr_name, const char *fmt,...) PRINTF_ATTRIBUTE(3
int int ldb_msg_append_value (struct ldb_message *msg, const char *attr_name, const struct ldb_val *val, int flags)
append a element to a ldb_message
int ldb_msg_append_steal_value (struct ldb_message *msg, const char *attr_name, struct ldb_val *val, int flags)
int ldb_msg_append_steal_string (struct ldb_message *msg, const char *attr_name, char *str, int flags)
int ldb_msg_append_string (struct ldb_message *msg, const char *attr_name, const char *str, int flags)
int ldb_msg_append_linearized_dn (struct ldb_message *msg, const char *attr_name, struct ldb_dn *dn, int flags)
int ldb_msg_append_fmt (struct ldb_message *msg, int flags, const char *attr_name, const char *fmt,...) PRINTF_ATTRIBUTE(4
int int ldb_msg_element_compare (struct ldb_message_element *el1, struct ldb_message_element *el2)
compare two message elements - return 0 on match
int ldb_msg_element_compare_name (struct ldb_message_element *el1, struct ldb_message_element *el2)
const struct ldb_val * ldb_msg_find_ldb_val (const struct ldb_message *msg, const char *attr_name)
Find elements in a message.
int ldb_msg_find_attr_as_int (const struct ldb_message *msg, const char *attr_name, int default_value)
unsigned int ldb_msg_find_attr_as_uint (const struct ldb_message *msg, const char *attr_name, unsigned int default_value)
int64_t ldb_msg_find_attr_as_int64 (const struct ldb_message *msg, const char *attr_name, int64_t default_value)
uint64_t ldb_msg_find_attr_as_uint64 (const struct ldb_message *msg, const char *attr_name, uint64_t default_value)
double ldb_msg_find_attr_as_double (const struct ldb_message *msg, const char *attr_name, double default_value)
int ldb_msg_find_attr_as_bool (const struct ldb_message *msg, const char *attr_name, int default_value)
const char * ldb_msg_find_attr_as_string (const struct ldb_message *msg, const char *attr_name, const char *default_value)
struct ldb_dn * ldb_msg_find_attr_as_dn (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const struct ldb_message *msg, const char *attr_name)
void ldb_msg_sort_elements (struct ldb_message *msg)
struct ldb_message * ldb_msg_copy_shallow (TALLOC_CTX *mem_ctx, const struct ldb_message *msg)
struct ldb_message * ldb_msg_copy (TALLOC_CTX *mem_ctx, const struct ldb_message *msg)
struct ldb_message * ldb_msg_canonicalize (struct ldb_context *ldb, const struct ldb_message *msg) _DEPRECATED_
int ldb_msg_normalize (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const struct ldb_message *msg, struct ldb_message **_msg_out)
struct ldb_message * ldb_msg_diff (struct ldb_context *ldb, struct ldb_message *msg1, struct ldb_message *msg2) _DEPRECATED_
int ldb_msg_difference (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_message *msg1, struct ldb_message *msg2, struct ldb_message **_msg_out)
return a ldb_message representing the differences between msg1 and msg2.
int ldb_msg_check_string_attribute (const struct ldb_message *msg, const char *name, const char *value)
Tries to find a certain string attribute in a message.
int ldb_msg_sanity_check (struct ldb_context *ldb, const struct ldb_message *msg)
Integrity check an ldb_message.
struct ldb_val ldb_val_dup (TALLOC_CTX *mem_ctx, const struct ldb_val *v)
Duplicate an ldb_val structure.
int ldb_set_debug (struct ldb_context *ldb, void(*debug)(void *context, enum ldb_debug_level level, const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3, 0), void *context)
this allows the user to set a debug function for error reporting
void ldb_set_utf8_fns (struct ldb_context *ldb, void *context, char *(*casefold)(void *, void *, const char *, size_t n))
this allows the user to set custom utf8 function for error reporting.
int ldb_set_debug_stderr (struct ldb_context *ldb)
this sets up debug to print messages on stderr
int ldb_set_opaque (struct ldb_context *ldb, const char *name, void *value)
void * ldb_get_opaque (struct ldb_context *ldb, const char *name)
const char ** ldb_attr_list_copy (TALLOC_CTX *mem_ctx, const char *const *attrs)
const char ** ldb_attr_list_copy_add (TALLOC_CTX *mem_ctx, const char *const *attrs, const char *new_attr)
int ldb_attr_in_list (const char *const *attrs, const char *attr)
int ldb_msg_rename_attr (struct ldb_message *msg, const char *attr, const char *replace)
int ldb_msg_copy_attr (struct ldb_message *msg, const char *attr, const char *replace)
void ldb_msg_remove_attr (struct ldb_message *msg, const char *attr)
void ldb_msg_remove_element (struct ldb_message *msg, struct ldb_message_element *el)
void ldb_parse_tree_attr_replace (struct ldb_parse_tree *tree, const char *attr, const char *replace)
struct ldb_parse_tree * ldb_parse_tree_copy_shallow (TALLOC_CTX *mem_ctx, const struct ldb_parse_tree *ot)
char * ldb_timestring (TALLOC_CTX *mem_ctx, time_t t)
Convert a time structure to a string.
time_t ldb_string_to_time (const char *s)
Convert a string to a time structure.
int ldb_val_to_time (const struct ldb_val *v, time_t *t)
convert a LDAP GeneralizedTime string in ldb_val format to a time_t.
char * ldb_timestring_utc (TALLOC_CTX *mem_ctx, time_t t)
Convert a time structure to a string.
time_t ldb_string_utc_to_time (const char *s)
Convert a string to a time structure.
void ldb_qsort (void *const pbase, size_t total_elems, size_t size, void *opaque, ldb_qsort_cmp_fn_t cmp)
char * ldb_control_to_string (TALLOC_CTX *mem_ctx, const struct ldb_control *control)
Convert a control into its string representation.
struct ldb_control * ldb_parse_control_from_string (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *control_strings)
Convert a string representing a control into a ldb_control structure.
struct ldb_control ** ldb_parse_control_strings (struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char **control_strings)
Convert an array of string representation of a control into an array of ldb_control structures.
unsigned int ldb_get_flags (struct ldb_context *ldb)
return the ldb flags
void ldb_set_flags (struct ldb_context *ldb, unsigned flags)
struct ldb_dn * ldb_dn_binary_from_ldb_val (TALLOC_CTX *mem_ctx, struct ldb_context *ldb, const struct ldb_val *strdn)
int ldb_dn_get_binary (struct ldb_dn *dn, struct ldb_val *val)
int ldb_dn_set_binary (struct ldb_dn *dn, struct ldb_val *val)
void ldb_req_set_location (struct ldb_request *req, const char *location)
const char * ldb_req_location (struct ldb_request *req)
bool ldb_dn_minimise (struct ldb_dn *dn)
int ldb_val_string_cmp (const struct ldb_val *v, const char *str)

Compare two attributes. This function compares to attribute names. Note that this is a case-insensitive comparison.

Parameters

a the first attribute name to compare
b the second attribute name to compare

Returns

attribute names are restricted by rfc2251 so using strcasecmp and toupper here is ok. return 0 for match

The attribute is supplied by the application and should not be removed.

The attribute is not returned by default.

LDB_CONTROL_AS_SYSTEM is used to skip access checks on operations that are performed by the system, but with a user's credentials, e.g. updating prefix map

OID for LDAP Attribute Scoped Query extension. This control is included in SearchRequest or SearchResponse messages as part of the controls field of the LDAPMessage.

OID for getting and manipulating attributes from the ldb without interception in the operational module. It can be used to access attribute that used to be stored in the sam and that are now calculated.

OID for LDAP Directory Sync extension. This control is included in SearchRequest or SearchResponse messages as part of the controls field of the LDAPMessage.

OID for specifying an advanced scope for the search (one partition)

See also

Microsoft documentation of this OID

OID for extended DN.

See also

Microsoft documentation of this OID

OID for notification.

See also

Microsoft documentation of this OID

OID for the paged results control. This control is included in the searchRequest and searchResultDone messages as part of the controls field of the LDAPMessage, as defined in Section 4.1.12 of LDAP v3.

See also

RFC 2696.

OID to let modifies don't give an error when adding an existing attribute with the same value or deleting an nonexisting one attribute.

See also

Microsoft documentation of this OID

LDB_CONTROL_PROVISION_OID is used to skip some constraint checks. It's is mainly thought to be used for the provisioning.

OID for recalculate RDN (rdn attribute and 'name') control. This control forces the rdn_name module to the recalculate the rdn and name attributes as if the object was just created.

OID for recalculate SD control. This control force the dsdb code to recalculate the SD of the object as if the object was just created.

OID for the allowing client to request temporary relaxed enforcement of constraints of the x.500 model. Mainly used for the OpenLDAP backend.

See also

draft managedit.

REVEAL_INTERNALS is used to reveal internal attributes and DN components which are not normally shown to the user.

Control for RODC join -see [MS-ADTS] section 3.1.1.3.4.1.23.

See also

Microsoft documentation of this OID

OID for specifying the returned elements of the ntSecurityDescriptor.

See also

Microsoft documentation of this OID

OID for specifying an advanced scope for a search.

See also

Microsoft documentation of this OID

OID to allow the server to be more 'fast and loose' with the data being added.

See also

Microsoft documentation of this OID

OID for LDAP server sort result extension. This control is included in the searchRequest message as part of the controls field of the LDAPMessage, as defined in Section 4.1.12 of LDAP v3. The controlType is set to '1.2.840.113556.1.4.473'. The criticality MAY be either TRUE or FALSE (where absent is also equivalent to FALSE) at the client's option.

See also

RFC 2891.

OID for getting deactivated linked attributes.

See also

Microsoft documentation of this OID

OID for getting deleted objects.

See also

Microsoft documentation of this OID

OID for getting recycled objects.

See also

Microsoft documentation of this OID

OID for LDAP server sort result response extension. This control is included in the searchResultDone message as part of the controls field of the LDAPMessage, as defined in Section 4.1.12 of LDAP v3.

See also

RFC 2891.

OID for performing subtree deletes.

See also

Microsoft documentation of this OID

OID for the allowing some kind of relax check for attributes with DNs.

See also

OID for LDAP Virtual List View Request extension. This control is included in SearchRequest messages as part of the controls field of the LDAPMessage.

OID for LDAP Virtual List View Response extension. This control is included in SearchResponse messages as part of the controls field of the LDAPMessage.

OID for LDAP Extended Operation DYNAMIC_REFRESH. This Extended operation is used to create and maintain objects which exist only a specific time, e.g. when a certain client or a certain person is logged in. Data refreshes have to be periodically sent in a specific interval. Otherwise the entry is going to be removed.

OID for LDAP Extended Operation FAST_BIND. This Extended operations is used to perform a fast bind.

OID for LDAP Extended Operation PASSWORD_CHANGE. This Extended operation is used to allow user password changes by the user itself.

OID for LDAP Extended Operation SEQUENCE_NUMBER. This extended operation is used to retrieve the extended sequence number.

OID for LDAP Extended Operation START_TLS. This Extended operation is used to start a new TLS channel on top of a clear text channel.

OID for RFC4532 'Who Am I' extended operation.

Flag value used in ldb_ldif_write_trace() to enforce binary encoded attribute values per attribute. This is a genuine flag, being outside LDB_FLAG_MOD_MASK and also outside LDB_FLAG_INTERNAL_MASK

flag bits on an element usable only by the internal implementation

Value used in ldap_modify() to indicate that attributes are being added.

See also

LDB_FLAG_MOD_MASK

Value used in ldap_modify() to indicate that attributes are being deleted.

See also

LDB_FLAG_MOD_MASK

There are a number of flags that are used with ldap_modify() in ldb_message_element.flags fields. The LDB_FLAG_MOD_ADD, LDB_FLAG_MOD_DELETE and LDB_FLAG_MOD_REPLACE are better thought of as an enumeration, not flags, and are used in ldap_modify() calls to specify whether attributes are being added, deleted or modified respectively.

Value used in ldap_modify() to indicate that attributes are being replaced.

See also

LDB_FLAG_MOD_MASK

use this to extract the mod type (enum) from the operation

Flags to tell LDB not to create a new database file: Without this flag ldb_tdb (for example) will create a blank file during an invocation of ldb_connect(), even when the caller only wanted read operations, for example in ldbsearch.

Flags to enable ldb tracing.

Flag to tell backends not to use mmap.

Flag value for database connection mode. If LDB_FLG_NOSYNC is used in ldb_connect, then the database will be opened without synchronous operations, if possible.

Flag value for database connection mode. If LDB_FLG_RDONLY is used in ldb_connect, then the database will be opened read-only, if possible.

Examples ldbreader.c.

Flag value to specify autoreconnect mode. If LDB_FLG_RECONNECT is used in ldb_connect, then the backend will be opened in a way that makes it try to auto reconnect if the connection is dropped (actually make sense only with ldap).

Flag to tell ldif handlers not to force encoding of binary structures in base64.

OID for logic AND comparison. This is the well known object ID for a logical AND comparator.

OID for logic OR comparison. This is the well known object ID for a logical OR comparator.

LDAP attribute syntax for a boolean. This is the well-known LDAP attribute syntax for a boolean.

See RFC 2252, Section 4.3.2

LDAP attribute syntax for a Directory String. This is the well-known LDAP attribute syntax for a Directory String.

See also

RFC 2252, Section 4.3.2

LDAP attribute syntax for a DN. This is the well-known LDAP attribute syntax for a DN.

See RFC 2252, Section 4.3.2

LDAP attribute syntax for an integer. This is the well-known LDAP attribute syntax for an integer.

See RFC 2252, Section 4.3.2

LDAP attribute syntax for an octet string. This is the well-known LDAP attribute syntax for an octet string.

See RFC 2252, Section 4.3.2

Custom attribute syntax for an integer whose index is lexicographically ordered by attribute value in the database.

LDAP attribute syntax for UTC time. This is the well-known LDAP attribute syntax for a UTC time.

See RFC 2252, Section 4.3.2

Value:.PP

do { \
    if (numel > 1) { \
        ldb_qsort(base, numel, sizeof((base)[0]), discard_const(opaque), (ldb_qsort_cmp_fn_t)comparison); \
        if (0) { \
            comparison(&((base)[0]), &((base)[1]), opaque); \
        } \
    } \
} while (0)

Value:.PP

do { \
    if (numel > 1) { \
        qsort(base, numel, sizeof((base)[0]), (int (*)(const void *, const void *))comparison); \
        if (0) { \
            comparison(&((base)[0]), &((base)[1])); \
        } \
    } \
} while (0)

Add a record to the database. This function adds a record to the database. This function will fail if a record with the specified class and key already exists in the database.

Parameters

ldb the context associated with the database (from ldb_init())
message the message containing the record to add.

Returns

result code (LDB_SUCCESS if the record was added, otherwise a failure code)

Base64 decode a buffer. This function decodes a base64 encoded string in place.

Parameters

s the string to decode.

Returns

the length of the returned (decoded) string.

Note

the string is null terminated, but the null terminator is not included in the length.

Base64 encode a buffer.

Parameters

mem_ctx the memory context that the result is allocated from.
buf pointer to the array that is to be encoded
len the number of elements in the array to be encoded

Returns

pointer to an array containing the encoded data

Note

The caller is responsible for freeing the result

Encode a binary blob. This function encodes a binary blob using the encoding rules in RFC 2254 (Section 4). This function also escapes any non-printable characters.

Parameters

mem_ctx the memory context to allocate the return string in.
val the (potentially) binary data to be encoded

Returns

the encoded data as a null terminated string

See also

RFC 2252.

Encode a string. This function encodes a string using the encoding rules in RFC 2254 (Section 4). This function also escapes any non-printable characters.

Parameters

mem_ctx the memory context to allocate the return string in.
string the string to be encoded

Returns

the encoded data as a null terminated string

See also

RFC 2252.

Helper function to build an add request.

Parameters

ret_req the request structure is returned here (talloced on mem_ctx)
ldb the context associated with the database (from ldb_init())
mem_ctx a talloc memory context (used as parent of ret_req)
message contains the entry to be added
controls an array of controls
context the callback function context
callback the callback function to handle the async replies
parent the parent request if any

Returns

result code (LDB_SUCCESS on success, or a failure code)

Helper function to build a delete request.

Parameters

ret_req the request structure is returned here (talloced on mem_ctx)
ldb the context associated with the database (from ldb_init())
mem_ctx a talloc memory context (used as parent of ret_req)
dn the DN to be deleted
controls an array of controls
context the callback function context
callback the callback function to handle the async replies
parent the parent request if any

Returns

result code (LDB_SUCCESS on success, or a failure code)

Helper function to build a extended request.

Parameters

ret_req the request structure is returned here (talloced on mem_ctx)
ldb the context associated with the database (from ldb_init())
mem_ctx a talloc memory context (used as parent of ret_req)
oid the OID of the extended operation.
data a void pointer to the extended operation specific parameters, it needs to be NULL or a valid talloc pointer! talloc_get_type() will be used on it
controls an array of controls
context the callback function context
callback the callback function to handle the async replies
parent the parent request if any

Returns

result code (LDB_SUCCESS on success, or a failure code)

Helper function to build a modify request.

Parameters

ret_req the request structure is returned here (talloced on mem_ctx)
ldb the context associated with the database (from ldb_init())
mem_ctx a talloc memory context (used as parent of ret_req)
message contains the entry to be modified
controls an array of controls
context the callback function context
callback the callback function to handle the async replies
parent the parent request if any

Returns

result code (LDB_SUCCESS on success, or a failure code)

Helper function to build a rename request.

Parameters

ret_req the request structure is returned here (talloced on mem_ctx)
ldb the context associated with the database (from ldb_init())
mem_ctx a talloc memory context (used as parent of ret_req)
olddn the old DN
newdn the new DN
controls an array of controls
context the callback function context
callback the callback function to handle the async replies
parent the parent request if any

Returns

result code (LDB_SUCCESS on success, or a failure code)

Helper function to build a search request.

Parameters

ret_req the request structure is returned here (talloced on mem_ctx)
ldb the context associated with the database (from ldb_init())
mem_ctx a talloc memory context (used as parent of ret_req)
base the Base Distinguished Name for the query (use ldb_dn_new() for an empty one)
scope the search scope for the query
expression the search expression to use for this query
attrs the search attributes for the query (pass NULL if none required)
controls an array of controls
context the callback function context
callback the callback function to handle the async replies
parent the parent request if any

Returns

result code (LDB_SUCCESS on success, or a failure code)

Casefold a string. Note that the callback needs to be ASCII compatible. So first ASCII needs to be handle before any UTF-8. This is needed to avoid issues with dotted languages.

Parameters

ldb the ldb context
mem_ctx the memory context to allocate the result string memory from.
s the string that is to be folded

Returns

a copy of the string, converted to upper case

Note

The default function is not yet UTF8 aware. Provide your own set of functions through ldb_set_utf8_fns()

Connect to a database. This is typically called soon after ldb_init(), and is required prior to any search or database modification operations.

The URL can be one of the following forms:

• tdb://path
• ldapi://path
• ldap://host
• sqlite://path

Parameters

ldb the context associated with the database (from ldb_init())
url the URL of the database to connect to, as noted above
flags a combination of LDB_FLG_* to modify the connection behaviour
options backend specific options - passed uninterpreted to the backend

Returns

result code (LDB_SUCCESS on success, or a failure code)

Note

It is an error to connect to a database that does not exist in readonly mode (that is, with LDB_FLG_RDONLY). However in read-write mode, the database will be created if it does not exist.

Examples ldbreader.c.

Convert a control into its string representation.

Parameters

mem_ctx TALLOC context to return result on, and to allocate error_string on
control A struct ldb_control to convert

Returns

string representation of the control

Delete a record from the database. This function deletes a record from the database.

Parameters

ldb the context associated with the database (from ldb_init())
dn the DN for the record to be deleted.

Returns

result code (LDB_SUCCESS if the record was deleted, otherwise a failure code)

Allocate a copy of the linear form of a DN (without any extended components) onto the supplied memory context.

Parameters

dn The DN to linearize
mem_ctx TALLOC context to return result on

Allocate a new DN from a struct ldb_val (useful to avoid buffer overrun)

Parameters

mem_ctx TALLOC context to return resulting ldb_dn structure on
dn The new DN

Note

The DN will not be parsed at this time. Use ldb_dn_validate to tell if the DN is syntactically correct

Get the linear form of a DN (with any extended components)

Parameters

mem_ctx TALLOC context to return result on
dn The DN to linearize
mode Style of extended DN to return (0 is HEX representation of binary form, 1 is a string form)

Get the linear form of a DN (without any extended components)

Parameters

dn The DN to linearize

Allocate a new DN from a string.

Parameters

mem_ctx TALLOC context to return resulting ldb_dn structure on
dn The new DN

Note

The DN will not be parsed at this time. Use ldb_dn_validate to tell if the DN is syntactically correct

Allocate a new DN from a printf style format string and arguments.

Parameters

mem_ctx TALLOC context to return resulting ldb_dn structure on
new_fmt The new DN as a format string (plus arguments)

Note

The DN will not be parsed at this time. Use ldb_dn_validate to tell if the DN is syntactically correct

Determine if this DN is syntactically valid.

Parameters

dn The DN to validate

return extended error information from the last call

call an extended operation

Parameters

ldb the context associated with the database (from ldb_init())
oid the OID of the extended operation.
data a void pointer to the extended operation specific parameters, it needs to be NULL or a valid talloc pointer! talloc_get_type() will be used on it
res the result of the extended operation

Returns

result code (LDB_SUCCESS if the extended operation returned fine, otherwise a failure code)

The default async extended operation callback function.

Parameters

req the request we are callback of
ares a single reply from the async core

Returns

result code (LDB_SUCCESS on success, or a failure code)

Note

this function expects req->context to always be an struct ldb_result pointer AND a talloc context, this function will steal on the context each message from the ares reply passed on by the async core so that in the end all the messages will be in the context (ldb_result) memory tree. Freeing the passed context (ldb_result tree) will free all the resources (the request need to be freed separately and the result doe not depend on the request that can be freed as sson as the search request is finished)

return the ldb flags

Initialise ldbs' global information. This is required before any other LDB call

Returns

Initialise an ldb context. This is required before any other LDB call.

Parameters

mem_ctx pointer to a talloc memory context. Pass NULL if there is no suitable context available.

Note

The LDB modules will be loaded from directory specified by the environment variable LDB_MODULES_PATH. If the variable is not specified, the compiled-in default is used.

Returns

pointer to ldb_context that should be free'd (using talloc_free()) at the end of the program.

Examples ldbreader.c, and ldifreader.c.

Write an LDB message to a string.

Parameters

ldb the ldb context (from ldb_init())
mem_ctx the talloc context on which to attach the string)
changetype LDB_CHANGETYPE_ADD or LDB_CHANGETYPE_MODIFY
msg the message to write out

Returns

the string containing the LDIF, or NULL on error, but with secret attributes redacted

Note

The secret attributes are specified in a 'const char * const *' within the LDB_SECRET_ATTRIBUTE_LIST opaque set on the ldb

See also

ldb_ldif_message_string for an exact representation of the message as LDIF

Write an LDB message to a string.

Parameters

ldb the ldb context (from ldb_init())
mem_ctx the talloc context on which to attach the string)
changetype LDB_CHANGETYPE_ADD or LDB_CHANGETYPE_MODIFY
msg the message to write out

Returns

the string containing the LDIF, or NULL on error

See also

ldb_ldif_message_redacted_string for a safer version of this function

Parse a modrdn LDIF message from a struct ldb_message.

Parameters

ldb the ldb context (from ldb_init())
ldif the preparsed LDIF chunk (from ldb_ldif_read())
mem_ctx the memory context that's used for return values
olddn the old dn as struct ldb_dn, if not needed pass NULL
newrdn the new rdn as struct ldb_dn, if not needed pass NULL
deleteoldrdn the deleteoldrdn value as bool, if not needed pass NULL
newsuperior the newsuperior dn as struct ldb_dn, if not needed pass NULL newsuperior can be NULL as it is optional in the LDIF
newdn the full constructed new dn as struct ldb_dn, if not needed pass NULL

Read an LDIF message. This function creates an LDIF message using a caller supplied read function.

Parameters

ldb the ldb context (from ldb_init())
fgetc_fn a function pointer for the read function. This must take a private data pointer, and must return a pointer to an integer corresponding to the next byte read (or EOF if there is no more data to be read).
private_data pointer that will be provided back to the read function. This is udeful for maintaining state or context.

Returns

the LDIF message that has been read in

Note

You must free the LDIF message when no longer required, using ldb_ldif_read_free().

See also

ldb_ldif_read_file for a more convenient way to read from a file stream.

ldb_ldif_read_string for a more convenient way to read from a string (char array).

ldb_ldif_write for the writer equivalent to this function.

Read an LDIF message from a file. This function reads the next LDIF message from the contents of a file stream. If you want to get all of the LDIF messages, you will need to repeatedly call this function, until it returns NULL.

Parameters

ldb the ldb context (from ldb_init())
f the file stream to read from (typically from fdopen())

See also

ldb_ldif_read_string for an equivalent function that will read from a string (char array).

ldb_ldif_write_file for the writer equivalent to this function.

Examples ldifreader.c.

Clean up an LDIF message. This function cleans up a LDIF message read using ldb_ldif_read() or related functions (such as ldb_ldif_read_string() and ldb_ldif_read_file().

Parameters

ldb the ldb context (from ldb_init())
msg the message to clean up and free

Examples ldifreader.c.

Read an LDIF message from a string. This function reads the next LDIF message from the contents of a char array. If you want to get all of the LDIF messages, you will need to repeatedly call this function, until it returns NULL.

Parameters

ldb the ldb context (from ldb_init())
s pointer to the char array to read from

See also

ldb_ldif_read_file for an equivalent function that will read from a file stream.

ldb_ldif_write for a more general (arbitrary read function) version of this function.

Write an LDIF message. This function writes an LDIF message using a caller supplied write function.

Parameters

ldb the ldb context (from ldb_init())
fprintf_fn a function pointer for the write function. This must take a private data pointer, followed by a format string, and then a variable argument list.
private_data pointer that will be provided back to the write function. This is useful for maintaining state or context.
ldif the message to write out

Returns

the total number of bytes written, or an error code as returned from the write function.

See also

ldb_ldif_write_file for a more convenient way to write to a file stream.

ldb_ldif_read for the reader equivalent to this function.

Examples ldbreader.c, and ldifreader.c.

Write an LDIF message to a file.

Parameters

ldb the ldb context (from ldb_init())
f the file stream to write to (typically from fdopen())
msg the message to write out

Returns

the total number of bytes written, or a negative error code

See also

ldb_ldif_read_file for the reader equivalent to this function.

Write an LDIF message to a string.

Parameters

ldb the ldb context (from ldb_init())
mem_ctx the talloc context on which to attach the string)
msg the message to write out

Returns

the string containing the LDIF, or NULL on error

See also

ldb_ldif_read_string for the reader equivalent to this function.

Modify the specified attributes of a record. This function modifies a record that is in the database.

Parameters

ldb the context associated with the database (from ldb_init())
message the message containing the changes required.

Returns

result code (LDB_SUCCESS if the record was modified as requested, otherwise a failure code)

add a element to a ldb_message

add a new empty element to a ldb_message

append a element to a ldb_message

Tries to find a certain string attribute in a message.

Parameters

msg the message to check
name attribute name
value attribute value

Returns

return a ldb_message representing the differences between msg1 and msg2. If you then use this in a ldb_modify() call, it can be used to save edits to a message

Result message is constructed as follows:

• LDB_FLAG_MOD_ADD - elements found only in msg2
• LDB_FLAG_MOD_REPLACE - elements in msg2 that have different value in msg1 Value for msg2 element is used
• LDB_FLAG_MOD_DELETE - elements found only in msg2

Returns

LDB_SUCCESS or LDB_ERR_OPERATIONS_ERROR

add a value to a message element

compare two message elements - return 0 on match

Find an element within an message.

Find elements in a message. This function finds elements and converts to a specific type, with a given default value if not found. Assumes that elements are single valued.

find a value within an ldb_message_element

Parameters

el the element to search
val the value to search for

Note

This search is case sensitive

Create an empty message.

Parameters

mem_ctx the memory context to create in. You can pass NULL to get the top level context, however the ldb context (from ldb_init()) may be a better choice

Integrity check an ldb_message. This function performs basic sanity / integrity checks on an ldb_message.

Parameters

ldb context in which to perform the checks
msg the message to check

Returns

LDB_SUCCESS if the message is OK, or a non-zero error code (one of LDB_ERR_INVALID_DN_SYNTAX, LDB_ERR_ENTRY_ALREADY_EXISTS or LDB_ERR_INVALID_ATTRIBUTE_SYNTAX) if there is a problem with a message.

The default async extended operation callback function.

Parameters

req the request we are callback of
ares a single reply from the async core

Returns

result code (LDB_SUCCESS on success, or a failure code)

Convert a string representing a control into a ldb_control structure.

Parameters

ldb LDB context
mem_ctx TALLOC context to return result on, and to allocate error_string on
control_strings A string-formatted control

Returns

a ldb_control element

Convert an array of string representation of a control into an array of ldb_control structures.

Parameters

ldb LDB context
mem_ctx TALLOC context to return result on, and to allocate error_string on
control_strings Array of string-formatted controls

Returns

array of ldb_control elements

Rename a record in the database. This function renames a record in the database.

Parameters

ldb the context associated with the database (from ldb_init())
olddn the DN for the record to be renamed.
newdn the new DN

Returns

result code (LDB_SUCCESS if the record was renamed as requested, otherwise a failure code)

check if a control with the specified 'oid' exist and return it

Parameters

rep the reply struct where to add the control
oid the object identifier of the control as string

Returns

the control, NULL if not found

Add a ldb_control to a ldb_request.

Parameters

req the request struct where to add the control
oid the object identifier of the control as string
critical whether the control should be critical or not
data a talloc pointer to the control specific data

Returns

result code (LDB_SUCCESS on success, or a failure code)

check if a control with the specified 'oid' exist and return it

Parameters

req the request struct where to add the control
oid the object identifier of the control as string

Returns

the control, NULL if not found

replace a ldb_control in a ldb_request

Parameters

req the request struct where to add the control
oid the object identifier of the control as string
critical whether the control should be critical or not
data a talloc pointer to the control specific data

Returns

result code (LDB_SUCCESS on success, or a failure code)

Search the database. This function searches the database, and returns records that match an LDAP-like search expression

Parameters

ldb the context associated with the database (from ldb_init())
mem_ctx the memory context to use for the request and the results
result the return result
base the Base Distinguished Name for the query (use ldb_dn_new() for an empty one)
scope the search scope for the query
attrs the search attributes for the query (pass NULL if none required)
exp_fmt the search expression to use for this query (printf like)

Returns

result code (LDB_SUCCESS on success, or a failure code)

Note

use talloc_free() to free the ldb_result returned

Examples ldbreader.c.

The default async search callback function.

Parameters

req the request we are callback of
ares a single reply from the async core

Returns

result code (LDB_SUCCESS on success, or a failure code)

Note

this function expects req->context to always be an struct ldb_result pointer AND a talloc context, this function will steal on the context each message from the ares reply passed on by the async core so that in the end all the messages will be in the context (ldb_result) memory tree. Freeing the passed context (ldb_result tree) will free all the resources (the request need to be freed separately and the result doe not depend on the request that can be freed as sson as the search request is finished)

Obtain current/next database sequence number.

this allows the user to set a debug function for error reporting

this sets up debug to print messages on stderr

setup the default utf8 functions FIXME: these functions do not yet handle utf8

this allows the user to set custom utf8 function for error reporting. make sure it is able to handle ASCII first, so it prevents issues with dotted languages.

return a string explaining what a ldb error constant means

Convert a string to a time structure. This function converts an LDAP formatted GeneralizedTime string to a time_t structure.

Parameters

s the string to convert

Returns

the time structure, or 0 if the string cannot be converted

Convert a string to a time structure. This function converts an LDAP formatted UTCTime string to a time_t structure.

Parameters

s the string to convert

Returns

the time structure, or 0 if the string cannot be converted

Convert a time structure to a string. This function converts a time_t structure to an LDAP formatted GeneralizedTime string.

Parameters

mem_ctx the memory context to allocate the return string in
t the time structure to convert

Returns

the formatted string, or NULL if the time structure could not be converted

Convert a time structure to a string. This function converts a time_t structure to an LDAP formatted UTCTime string.

Parameters

mem_ctx the memory context to allocate the return string in
t the time structure to convert

Returns

the formatted string, or NULL if the time structure could not be converted

cancel a transaction

commit a transaction

first phase of two phase commit

start a transaction

Duplicate an ldb_val structure. This function copies an ldb value structure.

Parameters

mem_ctx the memory context that the duplicated value will be allocated from
v the ldb_val to be duplicated.

Returns

the duplicated ldb_val structure.

Compare two ldb_val values.

Parameters

v1 first ldb_val structure to be tested
v2 second ldb_val structure to be tested

Returns

convert a LDAP GeneralizedTime string in ldb_val format to a time_t.

Check the attribute name is valid according to rfc2251.

Parameters

s the string to check

Returns