»ç¿ëÀÚ »ý¼ºÀ» Ȱ¼º½Ã۱â À§ÇØ RFC 2307 ¸ÅÇÎ ÆíÁýÇϱâ


RFC 2307 (UNIX) ¸ÅÇÎÀ» »ç¿ëÇÏ´Â ºñ-Apple LDAP µð·ºÅ丮 ¼­¹ö¿¡ »ç¿ëÀÚ¸¦ »ý¼ºÇÏ´Â µ¥ Workgroup Manager¸¦ »ç¿ëÇϱâ Àü¿¡, Users ·¹ÄÚµå À¯ÇüÀÇ ¸ÅÇÎÀ» ÆíÁýÇØ¾ß ÇÕ´Ï´Ù. µð·ºÅ丮 Á¢±Ù ÀÀ¿ë ÇÁ·Î±×·¥À» »ç¿ëÇÕ´Ï´Ù.

  1. µð·ºÅ丮 Á¢±Ù¿¡¼­ ¼­ºñ½º¸¦ Ŭ¸¯ÇϽʽÿÀ.
  2. ÀÚ¹°¼è ¾ÆÀÌÄÜÀÌ Àá°Ü ÀÖÀ¸¸é, ±× ¾ÆÀÌÄÜÀ» Ŭ¸¯ÇÏ°í °ü¸®ÀÚÀÇ À̸§°ú ¾ÏÈ£¸¦ ÀÔ·ÂÇϽʽÿÀ.
  3. ¼­ºñ½º ¸ñ·Ï¿¡¼­ LDAPv3¸¦ ¼±ÅÃÇÑ ´ÙÀ½, ±¸¼ºÀ» Ŭ¸¯ÇϽʽÿÀ.
  4. ¼­¹ö ±¸¼º ¸ñ·ÏÀÌ °¡·ÁÁ® ÀÖ´Ù¸é, ¼±ÅûçÇ× º¸±â¸¦ Ŭ¸¯ÇϽʽÿÀ.
  5. RFC 2307 ¸ÅÇÎÀÇ µð·ºÅ丮 ±¸¼ºÀ» ¼±ÅÃÇϰí, ÆíÁýÀ» Ŭ¸¯ÇϽʽÿÀ.
  6. °Ë»ö°ú ¸ÅÇθ¦ Ŭ¸¯ÇϽʽÿÀ.
  7. ¿ÞÂÊ ¸ñ·Ï¿¡¼­ Users¸¦ ¼±ÅÃÇϽʽÿÀ.

    "¸ñ·Ï¿¡ ÀÖ´Â __ Ç׸ñ ¸ÅÇÎ"Àº ±âº»ÀûÀ¸·Î ÀϺηΠ¼³Á¤µÇ¾î ÀÖÀ¸¸ç, ¿À¸¥ÂÊ¿¡ ÀÖ´Â ¸ñ·Ï¿¡´Â posixAccount, inetOrgPerson°ú shadowAccount°¡ Æ÷ÇԵǾî ÀÖ½À´Ï´Ù.

  8. "¸ñ·Ï¿¡ ÀÖ´Â __ Ç׸ñ ¸ÅÇÎ"À» ¸ðµçÀ¸·Î º¯°æÇϰí, ¿À¸¥ÂÊ ¸ñ·ÏÀ» Users ·¹ÄÚµå À¯ÇüÀ» ¸ÅÇÎÇÏ·Á´Â LDAP °´Ã¼ Ŭ·¡½º ¼¼Æ®·Î º¯°æÇϽʽÿÀ.

    ¿¹¸¦ µé¾î, ¸ñ·Ï¿¡¼­ shadowAccount¸¦ Á¦°ÅÇÏ¿© Users°¡ posixAccount¿Í inetOrgPersonÀ¸·Î¸¸ ¸ÅÇεǵµ·Ï ÇÒ ¼ö ÀÖ½À´Ï´Ù. Users¸¦ account, posixAccount¿Í shadowAccount·Î ¸ÅÇÎÇÒ ¼öµµ ÀÖ½À´Ï´Ù.

    ¸ñ·ÏÀÇ Ç׸ñÀ» º¯°æÇÏ·Á¸é ÇØ´ç Ç׸ñÀ» ÀÌÁß Å¬¸¯ÇϽʽÿÀ.

    ¸ñ·Ï¿¡ Ç׸ñÀ» Ãß°¡ÇÏ·Á¸é, Ãß°¡¸¦ Ŭ¸¯ÇϽʽÿÀ.

    ¸ñ·Ï¿¡¼­ ¼±ÅÃÇÑ Ç׸ñÀ» Á¦°ÅÇÏ·Á¸é Á¦°Å¸¦ Ŭ¸¯ÇϽʽÿÀ.

    ¸ñ·Ï¿¡ ÀÖ´Â Ç׸ñÀÇ ¼ø¼­¸¦ º¯°æÇÏ·Á¸é, ¸ñ·Ï¿¡¼­ Ç׸ñÀ» À§ ¶Ç´Â ¾Æ·¡·Î µå·¡±×ÇϽʽÿÀ.

    Å͹̳ΠÀ©µµ¿ì¿¡¼­ UNIX µµ±¸ÀÎ ldapsearch¸¦ »ç¿ëÇÏ¿© LDAP µð·ºÅ丮¿¡ ÀÖ´Â »ç¿ëÀÚ ·¹ÄÚµåÀÇ °´Ã¼ Ŭ·¡½º¸¦ ãÀ» ¼ö ÀÖ½À´Ï´Ù. ´ÙÀ½Àº cn ¼Ó¼ºÀÌ "Leonardo da Vinci"ÀÎ »ç¿ëÀÚ ·¹ÄÚµåÀÇ °´Ã¼ Ŭ·¡½º¸¦ º¸¿©ÁÖ´Â ¿¹Á¦ÀÔ´Ï´Ù:

    ldapsearch -x -h ldapserver.example.com -b "dc=example, dc=com" 'cn=Leonardo da Vinci' objectClass

    ÀÌ ¸í·ÉÀÇ Ãâ·ÂÀº ´ÙÀ½°ú À¯»çÇÒ °ÍÀÔ´Ï´Ù:

    # Leonardo da Vinci, example.com
    dn: cn=Leonardo da Vinci, dc=example, dc=com
    objectClass: inetOrgPerson
    objectClass: posixAccount