World Library  
Flag as Inappropriate
Email this Article


Article Id: WHEBN0002226217
Reproduction Date:

Title: Ldif  
Author: World Heritage Encyclopedia
Language: English
Subject: Lightweight Directory Access Protocol, Base64, Windows Address Book, Microsoft Identity Integration Server
Publisher: World Heritage Encyclopedia


Filename extension .ldif
Type of format Data interchange
Standard(s) RFC 2849

The LDAP Data Interchange Format (LDIF) is a standard plain text data interchange format for representing LDAP (Lightweight Directory Access Protocol) directory content and update requests. LDIF conveys directory content as a set of records, one record for each object (or entry). It also represents update requests, such as Add, Modify, Delete, and Rename, as a set of records, one record for each update request.

LDIF was designed in the early 1990s by Tim Howes, Mark C Smith, and Gordon Good while at the University of Michigan. LDIF was updated and extended in the late 1990s for use with Version 3 of LDAP. This later version of LDIF is called version 1 and is formally specified in RFC 2849, an IETF Standard Track RFC. RFC 2849, authored by Gordon Good, was published in June 2000 and is currently a Proposed Standard.

A number of extensions to LDIF have been proposed over the years. One extension has been formally specified by the IETF and published. RFC 4525, authored by Kurt Zeilenga, extended LDIF to support the LDAP Modify-Increment extension. It is expected that additional extensions will be published by the IETF in the future.

Content Record Format

Each content record is represented as a group of attributes, with records separated from one another by blank lines. The individual attributes of a record are represented as single logical lines (represented as one or more multiple physical lines via a line-folding mechanism), comprising "name: value" pairs. Value data that do not fit within a portable subset of RFC 2425

Tools that employ LDIF

The OpenLDAP utilities include tools for exporting data from LDAP servers to LDIF content records (ldapsearch), importing data from LDIF content records to LDAP servers (ldapadd), and applying LDIF change records to LDAP servers (ldapmodify).

LDIF is one of the formats for importing and exporting address book data that the address books in Netscape Communicator and in the Mozilla Application Suite support. Yahoo! Mail does not encode certain characters properly when one exports their Yahoo! address book in LDIF format. For example, ampersand (&) is encoded as an HTML Extended Character (&) instead of the ampersand character. As a result, when the LDIF file is imported into Thunderbird, for example, a text phrase like "John & Jane Doe" comes out in one's address book as "John & Jane Doe". The only corrective means at the moment is manually editing the address book after an Import.

Microsoft Windows 2000 Server and Windows Server 2003 include an LDIF based command line tool named LDIFDE for importing and exporting information in Active Directory.

JXplorer is a cross platform open source java application that can browse and do basic editing of LDIF files.

LDIF fields

   dn: distinguished name

This refers to the name that uniquely identifies an entry in the directory.

   dc: domain component

This refers to each component of the domain. For example would be written as DC=www,DC=google,DC=com

   ou: organizational unit

This refers to the organizational unit (or sometimes the user group) that the user is part of. If the user is part of more than one group, you may specify as such, e.g., OU= Lawyer,OU= Judge.

   cn: common name

This refers to the individual object (person's name; meeting room; recipe name; job title; etc.) for whom/which you are querying.

Examples of LDIF

This is an example of a simple directory entry with several attributes, represented as a record in LDIF:

 dn: cn=The Postmaster,dc=example,dc=com
 objectClass: organizationalRole
 cn: The Postmaster

This is an example of an LDIF record that modifies multiple single-valued attributes for two different directory entries (this format is used by Microsoft's LDIFDE tool):

 dn: CN=John Smith,OU=Legal,DC=example,DC=com
 changetype: modify
 employeeID: 1234
 employeeNumber: 98722
 replace: extensionAttribute6
 extensionAttribute6: JSmith98
 dn: CN=Jane Smith,OU=Accounting,DC=example,DC=com
 changetype: modify
 employeeID: 5678
 employeeNumber: 76543
 replace: extensionAttribute6
 extensionAttribute6: JSmith14

Note: the "-" character between each attribute change is required. Also note that each directory entry ends with a "-" followed by a blank line. The final "-" is required.

This is an example of an LDIF file that adds a telephone number to an existing user:

 dn: cn=Peter Michaels, ou=Artists, l=San Francisco, c=US
 changetype: modify
 add: telephonenumber
 telephonenumber: +1 415 555 0002

An example of LDIF containing a control:

 version: 1
 dn: o=testing,dc=example,dc=com
 control: false cn
 changetype: add
 objectClass: top
 objectClass: organization
 o: testing


  • RFC 2849 — The LDAP Data Interchange Format (LDIF) - Technical Specification
  • RFC 4510 — Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map
  • RFC 4525 — LDAP Modify-Increment Extension

External links

  • MSDN : Windows 2003 : Using the LDIFDE Tool
  • MSDN : Active Directory : LDIF Scripts
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.

Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.