LDIF import/export, search completed

Sda2/sda2.xml

@@ -110,8 +110,8 @@
           <qandaentry>
             <question>
               <para>Add two departments <code>billing</code> and
-              <code>research</code>. Then supply some corresponding users by
-              using the <link
+              <code>research</code>. Then supply corresponding user entries to
+              both departments by using the <link
               xlink:href="http://directory.apache.org/studio/users-guide/ldap_browser/gettingstarted_browse.html">LDAP
               browser view</link>. (As being mentioned previously hardcore
               hackers take <link
@@ -127,7 +127,7 @@
 
               <glosslist>
                 <glossentry>
-                  <glossterm><code>billing</code> and
+                  <glossterm>Departments <code>billing</code> and
                   <code>research</code>:</glossterm>
 
                   <glossdef>
@@ -142,7 +142,8 @@
                 </glossentry>
 
                 <glossentry>
-                  <glossterm>Users:</glossterm>
+                  <glossterm>Child user entries below <code>billing</code> and
+                  <code>research</code>:</glossterm>
 
                   <glossdef>
                     <itemizedlist>
@@ -163,10 +164,10 @@
               definitions like <code>top</code> and <code
               xlink:href="http://www.zytrax.com/books/ldap/ape/#person">person</code>
               are being omitted here. <xi:include href="acronyms.xml"
-              xpointer="link_ApacheDirectoryStudio"/> will gracefully add them
-              on behalf of you automatically. The subsequent <xi:include
-              href="acronyms.xml" xpointer="acronym_LDIF"/> dump may serve as
-              a hint:</para>
+              xpointer="link_ApacheDirectoryStudio"/> will gracefully add
+              missing objectClasses on behalf of you automatically. The
+              subsequent <xi:include href="acronyms.xml"
+              xpointer="acronym_LDIF"/> dump may serve as a hint:</para>
 
               <programlisting language="none">...
 <emphasis role="bold">dn: ou=billing,dc=hdm-stuttgart,dc=de</emphasis>
@@ -191,6 +192,11 @@ sn: Lapinski
 uid: lapinski
 uidNumber: 1023
 ...</programlisting>
+
+              <para>Question: What is the ratio behind adding the
+              <code>objectClass</code> value <code>posixAccount</code>? Hint:
+              Try to create a corresponding dataset having two persons with
+              identical names within the same department.</para>
             </question>
 
             <answer>
@@ -208,6 +214,79 @@ uidNumber: 1023
                   </mediaobject>
                 </screenshot>
               </figure>
+
+              <para>Without having the <code>objectClass</code> value
+              <code>posixAccount</code> the attribute <code>uid</code> would
+              be disallowed and could thus not be part of our <xi:include
+              href="acronyms.xml" xpointer="acronym_DN"/> values. This would
+              leave us with solutions like:</para>
+
+              <programlisting language="none"><emphasis role="bold">dn: cn=Mee Lapinski,ou=billing,dc=hdm-stuttgart,dc=de</emphasis></programlisting>
+
+              <para>This in turn disallows identical common names (e.g. a
+              second <personname>Mee Lapinski</personname>) within the same
+              department. Thus the auxiliary objectClass posixAccount enables
+              us to introduce additional mandatory <code>uid</code> attribute
+              being the unique identifier within a given parent scope.</para>
+            </answer>
+          </qandaentry>
+        </qandadiv>
+      </qandaset>
+    </section>
+
+    <section xml:id="ldifImportExport">
+      <title><xi:include href="acronyms.xml" xpointer="acronym_LDIF"/> export
+      and import</title>
+
+      <para>This section is intended to get acquainted with <xi:include
+      href="acronyms.xml" xpointer="acronym_LDIF"/> representation of
+      <xi:include href="acronyms.xml" xpointer="acronym_LDAP"/> data and
+      requires successful completion of <xref linkend="qandaPopulateLdap"/> as
+      a prerequisite. You may want to read <uri
+      xlink:href="http://www.zytrax.com/books/ldap/ch8">http://www.zytrax.com/books/ldap/ch8</uri>.</para>
+
+      <qandaset defaultlabel="qanda" xml:id="qanda_ldifExportImport">
+        <title>Exporting, modifying and importing <xi:include
+        href="acronyms.xml" xpointer="acronym_LDAP"/> data using the
+        <xi:include href="acronyms.xml" xpointer="acronym_LDIF"/> interchange
+        representation.</title>
+
+        <qandadiv>
+          <qandaentry>
+            <question>
+              <para>Export your current database state being left from <xref
+              linkend="qandaPopulateLdap"/> to an <xi:include
+              href="acronyms.xml" xpointer="acronym_LDIF"/> text file.</para>
+
+              <para>Subsequently use this database dump file as a starting
+              point to create a <xi:include href="acronyms.xml"
+              xpointer="acronym_LDIF"/> import file adding a department
+              <quote>pr</quote> (public relations) containing a user
+              <quote>Paul Simon</quote> with suitable attribute values to the
+              dataset.</para>
+            </question>
+
+            <answer>
+              <para>Adding the new entries in question requires:</para>
+
+              <programlisting language="none">version: 1
+
+dn: ou=pr,dc=hdm-stuttgart,dc=de
+objectClass: top
+objectClass: organizationalUnit
+ou: pr
+
+dn: uid=simon,ou=pr,dc=hdm-stuttgart,dc=de
+objectClass: posixAccount
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+cn: Paul Simon
+gidNumber: 130
+homeDirectory: /home/tauras
+sn: Svetlana
+uid: tauras
+uidNumber: 1028</programlisting>
             </answer>
           </qandaentry>
         </qandadiv>
@@ -219,8 +298,133 @@ uidNumber: 1023
       xpointer="acronym_DIT"/></title>
 
       <para>Like relational and other database types <xi:include
-      href="acronyms.xml" xpointer="acronym_LDAP"/> provides a query language
-      suitable to filter result entries .</para>
+      href="acronyms.xml" xpointer="acronym_LDAP"/> provides a <link
+      xlink:href="http://www.zytrax.com/books/ldap/apa/search.html">query
+      language</link> to filter result entries.</para>
+
+      <qandaset defaultlabel="qanda" xml:id="qanda_firstLdapQuery">
+        <title>Filtering child elements</title>
+
+        <qandadiv>
+          <qandaentry>
+            <question>
+              <para>Create <xi:include href="acronyms.xml"
+              xpointer="acronym_LDAP"/> queries corresponding to the following
+              descriptions:</para>
+
+              <orderedlist>
+                <listitem>
+                  <para>All users entries within the whole <xi:include
+                  href="acronyms.xml" xpointer="acronym_DIT"/> having a
+                  gidNumber value of 100.</para>
+                </listitem>
+
+                <listitem>
+                  <para>All user entries belonging to the billing department
+                  having a <code>uid</code> value greater than 1023.</para>
+                </listitem>
+
+                <listitem>
+                  <para>All user entries within the whole <xi:include
+                  href="acronyms.xml" xpointer="acronym_DIT"/> having a common
+                  name containing the substring <quote>ei</quote>.</para>
+                </listitem>
+
+                <listitem>
+                  <para>All user entries within the whole <xi:include
+                  href="acronyms.xml" xpointer="acronym_DIT"/> belonging to
+                  gidNumber == 100 or having a <code>uid</code> value starting
+                  with letter <quote>t</quote>.</para>
+                </listitem>
+              </orderedlist>
+
+              <para>Hint: <xi:include href="acronyms.xml"
+              xpointer="link_ApacheDirectoryStudio"/> allows both for <link
+              xlink:href="http://directory.apache.org/studio/users-guide/ldap_browser/tools_filter_editor_dialog.html">filtering</link>
+              and <link
+              xlink:href="http://directory.apache.org/studio/users-guide/ldap_browser/gettingstarted_search.html">searching</link>
+              providing nifty features like attribute name completion and
+              syntax highlighting. For regular searches you may define:</para>
+
+              <itemizedlist>
+                <listitem>
+                  <para>The <xi:include href="acronyms.xml"
+                  xpointer="acronym_DIT"/> entry to start from being
+                  identified by its <xi:include href="acronyms.xml"
+                  xpointer="acronym_DN"/>.</para>
+                </listitem>
+
+                <listitem>
+                  <para>The search scope being either of object, one level or
+                  subtree.</para>
+                </listitem>
+
+                <listitem>
+                  <para>Boolean expressions based on attribute values.</para>
+                </listitem>
+              </itemizedlist>
+
+              <para>But yes, I forgot to mention <link
+              xlink:href="http://tldp.org/HOWTO/LDAP-HOWTO/utilities.html">something</link>.</para>
+            </question>
+
+            <answer>
+              <orderedlist>
+                <listitem>
+                  <para><emphasis role="bold">All users entries within the
+                  whole </emphasis><xi:include href="acronyms.xml"
+                  xpointer="acronym_DIT"/><emphasis role="bold"> having a
+                  gidNumber value of 100.</emphasis></para>
+
+                  <para>Solution: <code>(gidNumber=100)</code>, starting from
+                  top of <xi:include href="acronyms.xml"
+                  xpointer="acronym_DIT"/> having subtree scope.</para>
+                </listitem>
+
+                <listitem>
+                  <para><emphasis role="bold">All user entries belonging to
+                  the billing department having a <code>uid</code> value
+                  greater than 1023.</emphasis></para>
+
+                  <para>Solution: <code>(uidNumber&gt;=1024)</code> starting
+                  from <xi:include href="acronyms.xml" xpointer="acronym_DN"/>
+                  <code>ou=billing,dc=hdm-stuttgart,dc=de</code> and scope
+                  <code>one level</code>.</para>
+
+                  <para>Notice the expression
+                  <code>(uidNumber&gt;=1024)</code> in favour of the seemingly
+                  equivalent but syntactically illegal counterpart
+                  <code>(uidNumber&gt;1023)</code>.</para>
+                </listitem>
+
+                <listitem>
+                  <para><emphasis role="bold">All user entries within the
+                  whole </emphasis><xi:include href="acronyms.xml"
+                  xpointer="acronym_DIT"/><emphasis role="bold"> having a
+                  common name containing the substring
+                  <quote>ei</quote>.</emphasis></para>
+
+                  <para>Solution: <code>(cn=*ei*)</code>, starting from top of
+                  <xi:include href="acronyms.xml" xpointer="acronym_DIT"/>
+                  having subtree scope.</para>
+                </listitem>
+
+                <listitem>
+                  <para><emphasis role="bold">All user entries within the
+                  whole </emphasis><xi:include href="acronyms.xml"
+                  xpointer="acronym_DIT"/><emphasis role="bold"> belonging to
+                  gidNumber == 100 or having a <code>uid</code> value starting
+                  with letter <quote>t</quote>.</emphasis></para>
+
+                  <para>Solution: <code>(|(gidNumber=100)(uid=t*))</code>,
+                  starting from top of <xi:include href="acronyms.xml"
+                  xpointer="acronym_DIT"/> having subtree scope.</para>
+                </listitem>
+              </orderedlist>
+            </answer>
+          </qandaentry>
+        </qandadiv>
+      </qandaset>
     </section>
   </chapter>
 </part>