Accessing the LDAP Server

How the CSRC_DBTOOL Works

Command Description

Using CRSC_DBTOOL

Searching for Information

Creating an Object

Interfacing with the Billing System

Accessing the LDAP Server

CSRC uses the LDAPv3 directory server as the default datastore for subscriber account provisioning information. This chapter explains how you can use the csrc_dbtool command to search the LDAP server for data, and add or update customer data. This chapter also includes suggestions about how you can transfer information from your billing system to the CSRC datastore.

How the CSRC_DBTOOL Works

The csrc_dbtool command is a command-line utility that you can use for the storage and retrieval of CSRC data. It does the following:

Uses the configuration file (/opt/conf/csrc.cfg) to initialize the CSRC object layer to connect to the LDAP server. If there is an error in the configuration file, the csrc_dbtool command exits with a non-zero return code.
Searches for objects based on the unique key. It exits if the class name is not a valid application schema class name or if the attribute is not a valid unique attribute name.
Searches for objects based on normal attribute and value. It exits if the class name is not a valid application schema class name or if the attribute name is not a valid attribute name.
Searches for objects using an LDAP-compatible filter. It exits if the filter is not LDAP compatible or it is an incorrect format, the class name is not a valid application schema class name, or the sort key is not a valid application schema attribute name.

Note The class name and attribute name are case sensitive. The data in the file for add or update must contain all the required fields except the ObjectID.

The exit status is 0 for success and non-zero for failure. The csrc_dbtool command displays error information on standard out.

Command Description

The csrc_dbtool command allows you to search, import, and update the LDAP server.

The syntax is:

csrc_dbtool find -[Kk] Class Attribute Value

 
csrc_dbtool find -[Mm] Class Attribute Value

 
csrc_dbtool find -[Qq] Class (Filter) SortKey

 
csrc_dbtool [file] filename

Table 8-1 lists and describes the csrc_dbtool command properties.

Table 8-1: The csrc_dbtool Properties

Property Description

find

Specifies a search of the LDAP directory.

-[Kk]

Searches the LDAP directory based on a unique key attribute of an application schema class in the LDAP server.

-[Mm]

Searches the LDAP directory based on a normal attribute of application schema class in the LDAP server. Expects a set of data. Mm refers to non-keyed multiple object.

-[Qq]

Searches the LDAP directory based on LDAP-compatible filter in the LDAP server.

[file]

Uses an input file to add or update LDAP server.

Class

Specifies an application schema class name. It is case sensitive. For a list of the class names that you can use with csrc_dbtool, see Table B-1.

Attribute

Specifies the attribute for which to search. You cannot use wild card matching to search for attributes. For more information about schema attributes, see the column AS Attribute Name in Table B-2 through Table B-32.

Value

Specifies the value of the attribute for which to search.

When you use a value with the -k option, this value must be unique.

When you use a value with the -m option, this value may a unique, a wildcard, or a partial wildcard.

When using wildcards on UNIX, enclose the value in quotes.

(Filter)

Specifies the LDAP-compatible filter. The filter supports wild card searching and requires that all expressions are enclosed in parenthesis ().

SortKey

Specifies the sort key for which you want the results sorted and displayed. The sort key must belong to the attribute set of the class you have specified.

filename

Specifies the filename of the text file that contains the attributes and values you want stored in the new object.

Property	Description
find	Specifies a search of the LDAP directory.
-[Kk]	Searches the LDAP directory based on a unique key attribute of an application schema class in the LDAP server.
-[Mm]	Searches the LDAP directory based on a normal attribute of application schema class in the LDAP server. Expects a set of data. Mm refers to non-keyed multiple object.
-[Qq]	Searches the LDAP directory based on LDAP-compatible filter in the LDAP server.
[file]	Uses an input file to add or update LDAP server.
Class	Specifies an application schema class name. It is case sensitive. For a list of the class names that you can use with csrc_dbtool, see Table B-1.
Attribute	Specifies the attribute for which to search. You cannot use wild card matching to search for attributes. For more information about schema attributes, see the column AS Attribute Name in Table B-2 through Table B-32.
Value	Specifies the value of the attribute for which to search. When you use a value with the -k option, this value must be unique. When you use a value with the -m option, this value may a unique, a wildcard, or a partial wildcard. When using wildcards on UNIX, enclose the value in quotes.
(Filter)	Specifies the LDAP-compatible filter. The filter supports wild card searching and requires that all expressions are enclosed in parenthesis ().
SortKey	Specifies the sort key for which you want the results sorted and displayed. The sort key must belong to the attribute set of the class you have specified.
filename	Specifies the filename of the text file that contains the attributes and values you want stored in the new object.

The csrc_dbtool command requires the following files:

On Solaris, place libcCSRCMWDevLite.so in your LD_LIBRARY_PATH environment variable.
On NT, place CSRCMWDevLite.dll in your library search path.

Using CRSC_DBTOOL

To test whether the configuration file is correct, type the command without any arguments. The csrc_dbtool attempts to connect to the directory through the CSRC object layer. If it is successful, it displays the csrc_dbtool help screen.

csrc_dbtool

Usage: csrc_dbtool<args> where <args> are:
 
-[Vv]
[file] [filename]
find -[Kk] [class] [attribute] [value]
find -[Mm] [class] [attribute] [value]
find -[Qq] [class] [filter] [sortkey]
         
where [Vv] refers to version number
where [Kk] refers to Unique key
where [Mm] refers to non-keyed multiple object
where [Qq] refers to non-keyed multiple object query
where [filter] should be LDAP compatible and surrounded with ()'s
where [class] should be an Application Schema class name
where [attribute] should be an Application Schema attribute name
where [sortkey] should be an Application Schema attribute

To show the csrc_dbtool version number, type the command with the -v argument.

csrc_dbtool -v

Copyright (C) 1994-1999 by Cisco Systems, Inc.
CSRC: version 1
CSRC_DBTool: version 1; built 07/12/99@10:56 by cgu@cgu-nt

To display the csrc_dbtool help, type:

csrc_dbtool -h

Usage: csrc_dbtool<args> where <args> are:
 
-[Vv]
[file] [filename]
find -[Kk] [class] [attribute] [value]
find -[Mm] [class] [attribute] [value]
find -[Qq] [class] [filter] [sortkey]
 
where [Vv] refers to version number
where [Kk] refers to Unique key
where [Mm] refers to non-keyed multiple object
where [Qq] refers to non-keyed multiple object query
where [filter] should be LDAP compatible and surrounded with ()'s
where [class] should be an Application Schema class name
where [attribute] should be an Application Schema attribute name
where [sortkey] should be an Application Schema attribute

Searching for Information

To search for a specific entry based on a unique attribute value use the -k option. This option allows you to search for an entry in the directory using a unique key.

If you use the -k option to search for a non-unique entry, the csrc_dbtool displays the message, "It is not a unique key." You can only use the -k option to search for directory entries whose "As Unique" attributes values are true or dn. For more information about these attributes, see the "CSRC Schema" section.

To search for the account with the account number 4, type:

csrc_dbtool find -k Account AccountName 4

To search for a specific lease based on IP address, type:

csrc_dbtool find --k Lease IPAddress 192.68.2.2

To search for an entry based on attribute value use the -m option. This option allows you to search for an entry in the directory using a unique key, a wildcard, or a partial wildcard.

To search all the accounts with user's last name is "Smith," type:

csrc_dbtoolfind -m Account LastName Smith

To search for all accounts, type:

csrc_dbtoolfind -m Account AccountNumber  "*"

To search for all accounts whose account number begins with 4:

csrc_dbtoolfind -m Account AccountNumber  "4*"

To search for a specific lease based on IP address:

csrc_dbtoolfind -m Lease IPAddress 192.68.2.2

To search for all lease entries:

csrc_dbtoolfind -m Lease MACAddress "*"

To search for an entry using an LDAP compatible filter, use the -q option. This option allows you to search for an entry in the directory using a unique key, wildcards, partial wildcards, or Boolean operators. You must enclose the LDAP search filter argument quotation marks, and then parenthesis, as illustrated in the examples below.

To search all the accounts in which the user's first name is Peter, and sort the display results based on AccountNumber, type:

csrc_dbtoolfind -q Account "(FirstName=Peter)" AccountNumber

To search all the accounts in which the user's last name starts with S, and sort the display results based on AccountNumber, type:

csrc_dbtoolfind -q Account "(LastName=S*)" AccountNumber

To search for all leases where the lease renewal time was renewed on Thursday September 30, and sort the display results based on ClassName, type:

csrc_dbtoolfind -q Lease "(LeaseRenewalTime=Thu Sep 30 *)" ClassName

To search for all leases where the last name is Smith and the account number is 4, and sort the display results based on AccountNumber, type:

csrc_dbtoolfind -q Account "&(LastName=Smith)(AccountNumber=4)" 
AccountNumber

To search for all leases where the first name is Peter or the account number is 4, and sort the display results based on AccountNumber, type:

csrc_dbtoolfind -q Account "|(FirstName=Peter)(AccountNumber=4)" 
AccountNumber

Creating an Object

Example 8-1 displays creating an "Account" object with the minimum required information:

Example 8-1: Account Object

[Class]

Add Account
[Data]

AccountNumber <Insert Account Number Here>
PIN <Insert PIN Here>
FirstName <Insert First Name Here>
LastName <Insert Last Name Here>
Telephone <Insert Telephone Number Here>
Address <Insert Address Here>
City <Insert City Name Here>
State <Insert State Name Here>
ZipCode <Insert Zip Code Here>
[Flush]

[Class]

Update Account
[Data]

AccountNumber <Insert Secured Account Number Here>
Remove PIN <Insert Secured PIN Here>
FirstName <Insert First Name Here>
LastName <Insert Last Name Here>
Telephone <Insert Telephone Number Here>
Address <Insert Address Here>
City <Insert City Name Here>
State <Insert State Name Here>
ZipCode <Insert Zip Code Here>
[Flush]

[Class] [Data] [Flush] Add Update are keywords.

The text file you create must have the following required parts, and they must be listed in this order:

[Class]—Each object data must start with [Class] and have one class name.Within the property there must be the word Add or Update before the actual class name. If you omit the [Class] keyword, the csrc_dbtool command will exit.
[Data] leads all the attributes and values for this particular object. The Add operation must list all attributes required by the schema. The Update operation uses the first attribute in the search and the remainder as remove or updates depending on the attributes' keyword.
[Flush] indicates the end of the object.

The following are keywords:

Class—Add, Update
Attributes—Add, Remove
- Precede an attribute with Add to add it to the object. Before adding an attribute, make sure that the attribute already exists in the schema.
- Precede the attribute with Remove to delete it from the object. Before deleting an attribute, make sure that the schema does not require the attribute.
Command lines—{[Kk] | [Mm] | [Qq] | [file]}

The csrc_dbtool command treats all other attributes without keywords as update operations.

Interfacing with the Billing System

To transfer the data in your company's billing system into the CSRC LDAP server, you must:

Extract account information from the billing system
Restructure the information into LDIF format
Import the information into the LDAP directory

This process conveys a snap-shot of billing system accounts into the LDAP directory; you must perform this process for all future accounts.

Most billing systems are built on top of relational database systems. Using SQL commands, you can export an ASCII table of accounts, with space-separated fields. The actual commands depend on the structure of the billing database (which may require JOINS).

You need to change this tabular format (for example, using Perl) into a format that can be imported into the directory server. Many directory servers understand a data format called LDIF ( LDAP Data Interchange Format). In the LDIF format, each field value of a record is placed on its own line, and records are separated by an empty line.

For example:

dn:cn=Janco Tanis,mail=janco.tanis@coas.com
cn:Janco Tanis
sn:Tanis
givenname:Janco
objectclass:top
objectclass:person
description:
locality:
st:
mail:janco.tanis@coas.com
title:
postOfficeBox:
streetaddress:
postalcode:
countryname:
telephonenumber:800-614617
facsimiletelephonenumber:
homephone:010-6916321
o:COAS
xmozillanickname:
xmozillausehtmlmail:FALSE
xmozillauseconferenceserver:0
 
dn:cn=John Zulman,mail=johnz@acme.com
cn:John Zulman
sn:Zulman
...

The Netscape Directory Server includes a tool called "ldif2d," which imports an LDIF file into its internal database for access by LDAP clients. You can find more information about Netscape Directory Server database management at:

http://developer.netscape.com:80/docs/manuals/directory/admin30/dbmnage.htm

Table of Contents