Adding Network Address Values to eDirectory via LDIF

Novell Cool Solutions: Tip
By Bhavani S T

Digg This - Slashdot This Posted: 25 May 2005

Problem

When you add any Network Address attribute to eDirectory, the value is first encoded in Base64 and then added to the eDirectory. Because of this, an LDAP search will return an encrypted value for Network Address attributes.

Solution

You can solve this problem by adding Network Address attributes to eDirectory using a customized LDIF approach. Here are the steps you need to follow:

1. Store the IP address into a string beginning with "1#". For example:

$ipadd = sprintf("1#%c%c%c%c*, $d_addr, $d_addr1, $d_addr2, $d_addr3); 

where d_addr, d_addr1 and so on are the values of Network and node addresses.

2. Encode that string into another Network IP address parameter in the LDIF file. For example:

$dstaddr=encode_base64($ipaddr);

where $ipaddr is the string format of IP address.

3. Add the resultant value in the LDIF file to the attribute name with *::* , as this value will not be a printable character. For example, in the LDIF file the value destination IP address attribute can be written as:

Dstaddr::$dstaddr

where Dstaddr is the attribute name.

4. Use this LDIF file to add the attribute with Network IP address into eDirectory.

Example

Here are a few lines of a sample Perl script to illustrate the process. In this example, the LDAP attribute is *Dstaddr* (which stands for destination IP address), and its value is 90.1.1.1.

$ipadd = sprintf("1#%c%c%c%c*, 90,1,1,1);
$dstaddr=encode_base64($ipaddr);

Since $dstaddr is used as the attribute value for Dstaddr, it needs to be mapped in the LDIF as:

Dstaddr::$dstaddr

where the value of dstaddr will be mapped to Dstaddr.

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com