
The ldap_getpgpkeys() command retrieves OpenPGP public keys from an LDAP directory service.

 

This command obtains OpenPGP public keys from an LDAP directory service for each recipient of an email.

The search filter for this is (pgpUserID=<email address of the recipient>) and is not configurable.

 

Structure of the command

 

ldap_getpgpkeys('ldap', ['filter'], ['optional']);

 

 

Return value

positive: always

 

Parameters

Variables available!

 

ldap

The parameter is structured as follows:

'URI;BindDN;Password;SearchBase'

The meaning of the individual part strings is described in the following table:

 

Parameters

Description

URI

Specifies the LDAP(s) server to be queried. The hostname or IP address is accepted as input. Several comma-separated values can also be specified. In this case, the system automatically accesses the next server if the previous one cannot be reached.

 

Note:

If more than one LDAP server is entered, a connection is established for each individual server. The connections are stored temporarily. The actual query is then executed in the server order entered until the query is successful. If a query was unsuccessful, the connection is removed from the cache. If there is no remaining connection in the cache, the connections are re-established.

BindDN

The full distinguished name (DN) of the (read-only) account that is authorised to search the "SearchBase" in the LDAP directory.

Password

The password of the user specified under BindDN.

 

Note:

Semicolons ";" and backslashes "\" in the password are special characters and must each be escaped with a preceding backslash, i.e. "\;" and "\\".

For instance, the password

p4ss\w0rd;

would have to be entered as follows:

p4ss\\w0rd\;

SearchBase

Search path: Specifies the branch of the LDAP directory in which the attribute from the parameter 'attr' is to be searched.
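The following sketch composes the 'URI;BindDN;Password;SearchBase' string with the password escaping described above and splits it again on unescaped semicolons. It is an added example, not code from the product: the function names and the sample BindDN are hypothetical, and rejecting ";" or "\" outside the password is an assumption, since the page documents escaping for the password only.

```python
def escape_password(password):
    """Escape the password for the ldap parameter.

    Backslashes are doubled first; escaping ';' first would cause the
    backslash it adds to be doubled again by the second step.
    """
    return password.replace("\\", "\\\\").replace(";", "\\;")


def build_ldap_param(uri, bind_dn, password, search_base):
    """Compose 'URI;BindDN;Password;SearchBase' with only the password escaped."""
    for name, value in (("URI", uri), ("BindDN", bind_dn), ("SearchBase", search_base)):
        # Assumption: no escaping rule is documented for these parts, so a
        # separator or escape character in them is rejected, not guessed at.
        if ";" in value or "\\" in value:
            raise ValueError(name + " must not contain ';' or '\\'")
    return ";".join((uri, bind_dn, escape_password(password), search_base))


def split_ldap_param(param):
    """Split on unescaped semicolons and undo the backslash escaping."""
    parts, current, i = [], [], 0
    while i < len(param):
        ch = param[i]
        if ch == "\\":
            if i + 1 >= len(param):
                raise ValueError("dangling backslash at end of parameter")
            current.append(param[i + 1])  # escaped character is taken literally
            i += 2
            continue
        if ch == ";":
            parts.append("".join(current))
            current = []
        else:
            current.append(ch)
        i += 1
    parts.append("".join(current))
    if len(parts) != 4:
        raise ValueError("expected 4 parts, got %d" % len(parts))
    return parts


if __name__ == "__main__":
    # Constructed sample values; the BindDN is hypothetical.
    param = build_ldap_param("ldaps://directory.domain.tld",
                             "cn=reader,dc=domain,dc=tld", "p4ss\\w0rd;",
                             "ou=pki-participant,dc=pki,dc=domain,dc=tld")
    print(param)
    print(split_ldap_param(param))
```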

 

filter (optional)

If a search filter that deviates from the default filter (pgpUserID=<email address of the recipient>) is required, it can optionally be entered here.

 

optional (optional)

Determines the behaviour if the LDAP directory service cannot be reached.

Possible values:

true, yes or 1: prevents termination

false, no or 0: immediate termination

The default setting is 0.

 

Example 1

ldap_getpgpkeys('ldaps://directory.domain.tld;;;ou=pki-participant,dc=pki,dc=domain,dc=tld');

 

Explanation

The LDAP server accessible under the Fully Qualified Domain Name (FQDN) "ldap-directory.domain.tld" (on port 389) is queried. No user (BindDN) or password is needed to authorise the query because the example uses a public LDAP directory service. The LDAP path in which the public OpenPGP keys are stored is ou=pki-participant,dc=pki,dc=domain,dc=tld.

  
