A/I Orange Book (1.0): An how-to for the realization of a resilient network of self-managed servers
PrevChapter 4. The users databaseNext

4.4. LDIF

LDIF (LDAP Data Interchange Format) is a conventional format to describe the entries of an LDAP database. An LDIF file is simply a text file with a series of matching pair of attribute/value with the following syntax: 

dn: <distinguished name>
objectclass: <object class>
...
...
<attribute type>: <attribute value>
<attribute type>: <attribute value>
...
LDIF files are used to import, modify and export the database entries (they are clearly very useful considering they are plain and simple ascii). Here follows the logical structure and underneath it some examples of ldif commented accordingly: 
           dc=infra, dc=org, o=Anarchy, ou=People
                 |            
                 |_ uid=phasa@domain.org
                       |
                       |_ alias=phasa
                       |
                       |__mail=phasa@domain.org

Here comes the corresponding LDIF (directly from the migration script we used to move all of our users to the new system) 

dn: uid=phasa@domain.org, ou=People, dc=infra, dc=org, o=Anarchy
shadowMax: 99999
uid: phasa@domain.org
cn: phasa@domain.org
homeDirectory: /var/empty
uidNumber: 13468
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
objectClass: organizationalPerson
objectClass: inetOrgPerson
shadowWarning: 7
gidNumber: 2000
gecos: phasa@domain.org
shadowLastChange: 12345
sn: Private
userPassword: {crypt}x
givenName: Private
loginShell: /bin/false

dn: mail=phasa@domain.org, uid=phasa@domain.org, ou=People,
  dc=infra, dc=org, o=Anarchy
mailAlternateAddress: phasa@public.org
mailAlternateAddress: phasa@public2.org
mailAlternateAddress: phasa@public3.org
status: active
uidNumber: 13468
objectClass: top
objectClass: virtualMailUser
host: server1
gidNumber: 2000
creationDate: 2002-05-07
originalHost: server1
mail: phasa@domain.org
userPassword: {crypt}$1$fa0c5a13$VVqsukrQmdr79LZg2xvnM.
mailMessageStore: domain.org/phasa/

dn: alias=phasa, uid=phasa@domain.org, ou=People, dc=infra, 
  dc=org, o=Anarchy
parentSite: public.org
status: active
objectClass: top
objectClass: subSite
documentRoot: /home/users/phasa/html
host: server1
originalHost: server1
alias: phasa
PrevHomeNext
The LDAP schemeUpLDAP Database Replication