PingDirectory

Specifying LDAP URLs

Referrals use LDAP URLs to redirect a client application’s request to another server.

LDAP URLs have a specific format, described in RFC 4516 and require that all special characters be properly escaped and any spaces indicated as "%20". LDAP URLs have the following syntax.

ldap[s]://hostname:port/base-dn?attributes?scope?filter
ldap[s]

Indicates the type of LDAP connection to the PingDirectory server. If the server connects over a standard, non-encrypted connection, then LDAP is used. If it connects over SSL, then LDAPS is used.

Any search request initiated by means of an LDAP URL is anonymous by default unless an LDAP client provides authentication.

hostname

Specifies the host name or IP address of the PingDirectory server.

port

Specifies the port number of the PingDirectory server. If no port number is provided, the default LDAP port (389) or LDAPS port (636) is used.

base-dn

Specifies the distinguished name (DN) of an entry in the directory information tree (DIT). The PingDirectory server uses the base DN as the starting point entry for its searches. If no base DN is provided, the search begins at the root of the DIT.

attributes

Specifies those attributes for which the PingDirectory server should search and return. You can indicate more than one attribute by providing a comma-separated list of attributes. If no attributes are provided, the search returns all attributes.

scope

Specifies the scope of the search, which could be one of the following:

base

Only searches the specified base DN entry.

one

Only search one level below the specified base DN.

sub

Searches the base entry and all entries below the specified base DN.If no scope is provided, the server performs a base search.

filter

Specifies the search filter to apply to entries within the scope of the search. If no filter is provided, the server uses +.