LDAP Client

The Lightweight Directory Access Protocol (LDAP) is an open industry standard that has evolved to meet these needs. LDAP defines a standard method for accessing and updating information in a directory. LDAP has gained wide acceptance as the directory access method of the Internet and is therefore also becoming strategic within corporate intranets.

A directory is a listing of information about objects arranged in some order that gives details about each object. Common examples are a city telephone directory and a library card catalog. For a telephone directory, the objects listed are people; the names are arranged alphabetically, and the details given about each person are address and telephone number. Books in a library card catalog are ordered by author or by title, and information such as the ISBN number of the book and other publication information are given. Directories allow users or applications to find resources that have the characteristics needed for a particular task. For example, a directory of users can be used to look up a person's e-mail address or fax number. A directory could be searched to find a nearby PostScript color printer. Or a directory of application servers could be searched to find a server that can access customer billing information.

The Ud interface is between the Front-Ends (FEs) and the User Data Repository (UDR) in the User Data Convergence (UDC architecture). The User Data Convergence Stage 2 description (architecture and information flows) is specified in 3GPP TS 23.335.

Parameters:

Authentication Simple Authentication Method Name Password	Search Search Base Search Scope Search Filter Name Search Filter Equals Search Filter Value Search Number of Attributes Search request Period (s)
Add Entry Key Number of Attributes Name Value	Modify Entry Key Operation Choice Number of Attributes Name Value
Delete Entry Key	Message Period (s)

LDAP Parameter Reference:

LDAP Limitation NOTEs:

Landslide LDAPV3 APP currently only supports filter choice Filter_equalityMatch(3), other filter choices (0~2, 4~9) are not supported (Filter_and(0), Filter_or(1), Filter_not(2), Filter_equalityMatch(3),
Filter_substrings(4), Filter_greaterOrEqual(5), Filter_lessOrEqual(6), Filter_present(7), Filter_approxMatch(8)
Filter_extensibleMatch(9)).
In Filter_equalityMatch, the filter attributeDesc must be the first column in DIT Database definition.
Other columns in DIT database definition as filter search attribute conditions are not supported.
The RDN levels are counted by comma’,’ numbers in LDAP search request baseObject.
For LDAP Filter_equalityMatch BaseObject search, the Search BaseObject can support at most 3 RDN levels (Root RDN, Second Root RDN, Third Level RDN).
For LDAP Filter_equalityMatch SingleLevel search, the Search BaseObject must greater than 1 RDN level, should be 2 Root RND levels.
For LDAP Filter_equalityMatch WholeSubtree search, the Search BaseObject can support 0 (empty), 1 or 2 levels Root Entry RDN.
All test cases require that the client be stopped first to ensure no traffic is sent to the server, then the server should be stopped. If this sequence is not followed, the Abort button can be used to stop the test case.

Simple Authentication Method

LDAP Client sessions use the selected authentication to authenticate with LDAP server.

There are three choices - Anonymous, Unauthenticated, and Name + Password.

If Anonymous Authentication is selected - Name and Password are Disabled.

If Unauthenticated Authentication is selected - Name is enabled and Password are Disabled.

If Name/Password Authentication is selected - Name and Password are both enabled.

Default: Anonymous (Tcl value = 0)

Unauthenticated Authentication (Tcl value = 1)

Name/Password Authentication (Tcl value = 2)

LdapClnUdAuthMethod

Name

Name - USER ID of the LDAP Manager that has administrative access rights to the LDAP Directory.

Range: Up to 128 Characters.

Default: NONE

LdapClnMgrDn

Password

Password for USER ID of the LDAP Manager that has administrative access rights to the LDAP Directory.

Range: Up to 128 Characters.

Default: NONE

LdapClnMgrPassword

Search Base

Enter the location where all LDAP users exist.

Click to use the Auto-Increment Format Wizard.

Example : acwmobilenumber=12345000000,ou=landslide,o=spirent

Range: Up to 256 Characters

Default: Null, when null, it means the root entry.

LdapClnSearchBase

Search Scope

Specifies the scope of Search to be performed.

Range: Base Object, (Tcl Value is 0)

Single Level, (Tcl value is 1)

Whole Subtree (Tcl value is 2)

Default: Base Object

LdapClnSearchScope

Search Filter Name

Configure the filter rule for Search Request. Only Equality Match is currently supported.

Example : Search Filter = acwmobilenumber Equals Value = 12345000000

Range: Up to 128 Characters.

Default: NONE

LdapClnSearchFilterName

Search Filter Rule

Value is Equals

Default: Equals

LdapClnSearchFilterRule

Search Filter Value

Configure the filter rule for Search Request.

Click to use the Auto-Increment Format Wizard.

Range: Up to 128 Characters.

Default: NONE

LdapClnSearchFilterValue

Search Number of Attributes

Name

Configure the required Attributes user wants to Search - From 0 up to 10.

Examples for

Range: 0 to 10

Default: Zero

Enter Name for search attribute.

Examples : email, address, acwbdpolicy, acwaccountstatus

LdapClnSearchNumAttrs

LdapClnSearchAttr1

LdapClnSearchAttr2

LdapClnSearchAttr3

LdapClnSearchAttr4

LdapClnSearchAttr5

LdapClnSearchAttr6

LdapClnSearchAttr7

LdapClnSearchAttr8

LdapClnSearchAttr9

LdapClnSearchAttr10

LdapClnSearchAttrVal1

LdapClnSearchAttrVal2

LdapClnSearchAttrVal3

LdapClnSearchAttrVal4

LdapClnSearchAttrVal5

LdapClnSearchAttrVal6

LdapClnSearchAttrVal7

LdapClnSearchAttrVal8

LdapClnSearchAttrVal9

LdapClnSearchAttrVal10

Add

Support for Add (ldapadd). Enter the Entry Key and up to 10 Number of Attributes.

Example : Entry Key = acwmobilenumber Equals Value = 12345000000

Click to use the Auto-Increment Format Wizard.

Range : 0 to 10.

Enter Name. Range : 1 to 128 characters. Example : acwbdpolicy, acwaccountstatus, email address

Enter Value. Range : 1 to 128 characters. Example : Private, Active, [email protected]

LdapClnAddEn
LdapClnAddBase	LdapClnAddNumAttrs
LdapClnAddAttr1	LdapClnAddAttrVal1

Modify

Support for Modify (ldapmodify). Enter the Entry Key and up to 10 Number of Attributes.

Example : Entry Key = acwmobilenumber Equals Value = 12345000000

Click to use the Auto-Increment Format Wizard.

Range : 0 to 10.

Select Operation Choice. Options : Add, Delete, Replace (default)

Enter Name. Range : 1 to 128 characters. Example : acwbdpolicy, acwaccountstatus, email address

Enter Value. Range : 1 to 128 characters. Example : Private, Active, [email protected]

LdapClnModEn	LdapClnModOption
LdapClnModBase	LdapClnModNumAttrs
LdapClnModAttr1	LdapClnModAttrVal1

Delete

Selete Delete to enter the Entry Key to delete.

Click to use the Auto-Increment Format Wizard.

Example : Entry Key = "[email protected], ou=landslide,o=spirent"

LdapClnDelEn

LdapClnDelBase

Message Period (s)

After binding, each LDAP client session uses this time period to send out search request to LDAP server.

Range: 0 – 65535

Default: 1000

LdapClnSearchPeriod