ldap 2.4.2 · OCaml Package

a functional ldap client interface

type msgid

type conn

type modattr = Ldap_types.modify_optype * string * string list

type result = Ldap_types.search_result_entry list

type entry = Ldap_types.search_result_entry

type authmethod = [

| `SIMPLE
| `SASL

]

type search_result = [

| `Entry of entry
| `Referral of string list
| `Success of Ldap_types.ldap_controls option

]

type page_control = [

| `Noctrl
| `Initctrl of int
| `Subctrl of int * string

]

val init : ?connect_timeout:int -> ?version:int -> string list -> conn

Initializes the conn data structure, and opens a connection to the server. init ["ldap://rrhost.example.com/";"ldap://backup.example.com:1389"]. init is round robin dns aware, if dns returns multiple mappings it will try each one before finially failing. It also takes a list of hostnames, so you can specify backup servers to try. SSL and TLS are supported if selected at compile time.

parameter version
the protocol version to use to connect, default is version 3. And actually, version 2 will probably not work correctly without some tweaking.

raises LDAP_Failure
any failure to connect to the server will result in LDAP_Failure with the result_code set to `LOCAL_ERROR.

raises Failure
May raise Failure "int_of_string" if you pass it a malformed url. May also raise various lexer errors under the same conditions.

val unbind : conn -> unit

close the connection to the server. You may not use the conn after you have unbound, if you do you will get an exception.

val bind_s : 
  ?who:string ->
  ?cred:string ->
  ?auth_method:[> `SIMPLE ] ->
  conn ->
  unit

authenticatite to the server. In this version only simple binds are supported, however the ldap_protocol.ml module DOES implement sasl binds. It would be fairly easy to support them here. We eventually will.

parameter who
the dn to bind as

parameter cred
the credentials to authenticate with. For `SIMPLE binds this is a password, but for `SASL binds it can be nearly anything. Perhaps a hash of the thumb print of your first born is sufficent.

parameter auth_method
either `SIMPLE (the default) or `SASL

raises LDAP_Failure
for bind errors such as `INVALID_CREDENTIALS

raises Decoding_error
for decoder errors (unlikely, probably a bug)

raises Encoding_error
for encoder errors (unlikely, probably a bug)

val search : 
  ?base:string ->
  ?scope:Ldap_types.search_scope ->
  ?aliasderef:Ldap_types.alias_deref ->
  ?sizelimit:int32 ->
  ?timelimit:int32 ->
  ?attrs:string list ->
  ?attrsonly:bool ->
  ?page_control:page_control ->
  conn ->
  string ->
  msgid

Search for the given entry with the specified base node and search scope, optionally limiting the returned attributes to those listed in 'attrs'. aliasderef sets the server's alias dereferencing policy, sizelimit is the number of entries to return, timelimit is the number of seconds to allow the search to run for, attrsonly tells the server not to return the values. This is the asyncronus version of search (it does not block) you will need to call the get_search_entry function below to actually get any data back. This function will return a msgid which you must use when you call get_search_entry.

parameter base
The dn of the object in the tree to use as the base object, the search will only cover children of this object, and will be further governed by scope.

parameter scope
The depth in the tree to look for the requested object. There are three possible values, `BASE, `ONELEVEL, and `SUBTREE. `BASE means to only search the base object, the search will return exactly 1 or 0 objects. `ONELEVEL means to search one level under the base, only immediate children of the base object will be considered. `SUBTREE means to search the entire tree under the base object.

parameter aliasderef
Controls when aliases are dereferenced.

parameter sizelimit
The maximum number of objects to return

parameter timelimit
The maximum time, in seconds, that the search will be allowed to run before terminateing.

parameter attrs
The list of attribute types (names) to include [] (the default) means all.

parameter attrsonly
return only attribute types (names), not any of the values

raises LDAP_Failure
for immediate errors (bad filter, etc)

raises Decoding_error
for decoder errors (unlikely, probably a bug)

raises Encoding_error
for encoder errors (unlikely, probably a bug)

val get_search_entry : 
  conn ->
  msgid ->
  [> `Entry of Ldap_types.search_result_entry | `Referral of string list ]

fetch a search entry from the wire using the given msgid. The entry could be a search entry, OR it could be a referral structure.

raises LDAP_Failure
for all results other than `SUCCESS (except referrals)

raises Decoding_error
for decoder errors (unlikely, probably a bug)

raises Encoding_error
for encoder errors (unlikely, probably a bug)

val get_search_entry_with_controls : 
  conn ->
  msgid ->
  [> `Entry of Ldap_types.search_result_entry
  | `Referral of string list
  | `Success of Ldap_types.ldap_controls option ]

fetch a search entry from the wire using the given msgid. The entry could be a search entry, OR it could be a referral structure.

The version supports passing ldap_controls (like page control) through on success. Returning an entry of type `SUCCESS was thus needed.

raises LDAP_Failure
for all results other than `SUCCESS (except referrals)

raises Decoding_error
for decoder errors (unlikely, probably a bug)

raises Encoding_error
for encoder errors (unlikely, probably a bug)

val abandon : conn -> msgid -> unit

abandon the async request attached to msgid.

raises Encoding_error
for encoder errors (unlikely, probably a bug)

val search_s : 
  ?base:string ->
  ?scope:Ldap_types.search_scope ->
  ?aliasderef:Ldap_types.alias_deref ->
  ?sizelimit:int32 ->
  ?timelimit:int32 ->
  ?attrs:string list ->
  ?attrsonly:bool ->
  conn ->
  string ->
  [> `Entry of Ldap_types.search_result_entry | `Referral of string list ] list

This is the syncronus version of search. It blocks until the search is complete, and returns a list of objects. It is exactly the same in all other ways.

val add_s : conn -> entry -> unit

add entry to the directory

raises LDAP_Failure
for all results other than `SUCCESS

raises Decoding_error
for decoder errors (unlikely, probably a bug)

raises Encoding_error
for encoder errors (unlikely, probably a bug)

val delete_s : conn -> dn:string -> unit

delete the entry named by dn from the directory

raises LDAP_Failure
for all results other than `SUCCESS

raises Decoding_error
for decoder errors (unlikely, probably a bug)

raises Encoding_error
for encoder errors (unlikely, probably a bug)

val modify_s : 
  conn ->
  dn:string ->
  mods:(Ldap_types.modify_optype * string * string list) list ->
  unit

apply the list of modifications to the named entry

parameter dn
The dn of the object to modify

parameter mods
The list of modifications to apply

raises LDAP_Failure
for all results other than `SUCCESS

raises Decoding_error
for decoder errors (unlikely, probably a bug)

raises Encoding_error
for encoder errors (unlikely, probably a bug)

val modrdn_s : 
  ?deleteoldrdn:bool ->
  ?newsup:'a option ->
  conn ->
  dn:string ->
  newdn:string ->
  unit

change the rdn, and optionally the superior entry of dn

parameter deleteoldrdn
Delete the old rdn value, (default true)

parameter newsup
The new superior dn of the object (default None)

parameter dn
The dn of the object to modify

parameter newrdn
The new rdn value (eg. cn=bob)

raises LDAP_Failure
for all results other than `SUCCESS

raises Decoding_error
for decoder errors (unlikely, probably a bug)

raises Encoding_error
for encoder errors (unlikely, probably a bug)