Each collection of information about an object is called an entry.An entry can include, for example, information about an employee, a conference room, or a shared network resource such as a printer.
Distinguished Name (DN):
Each entry in an online directory is uniquely identified by a distinguished name. The distinguished name tells you exactly where the entry resides in the directory hierarchy.
Directory Information Tree (DIT):
The directory hierarchy is represented by a Directory Information Tree (DIT). To locate a particular entry within the overall DIT, a client uniquely identifies that entry by using the full DN.
Attributes:
In an online directory, each information item about an entry is called an attribute. Attributes in a typical employee entry can include, for example, a job title, an e-mail address, or a phone number.
Some of the commonly used LDAP Attributes are cn,sn,ou,telephoneNumber,etc
Object Classes:
An object class is a group of entries that define the structure of an entry.When you define a directory entry, you assign one or more object classes to it. Some of the attributes in these object classes are mandatory and others are optional and can be empty.
There are three types of object classes:
- Structural Object Classes
Structural object classes describe the basic aspects of an object. Most of the object classes that you use are structural object classes, and every entry should belong to at least one structural object class. Examples of structural object classes are
person and groupOfNames.Structural object classes use structure rules to place restrictions on the kinds of objects you can create under any given object class.
- Abstract Object Classes
An abstract object class is a virtual object class. For example, the object class
top is an abstract object class.he top object class includes the mandatory attribute objectClass as well as several optional attributes such as creatorsName.- Auxiliary Object Classes
Auxiliary object classes are groupings of optional attributes that expand the existing list of attributes in an entry
Naming Contexts
A directory naming context is a subtree that resides entirely on one server. It must be a complete subtree, that is, it must begin at an entry that serves as the top of the subtree, and extend downward to either leaf entries or references to subordinate naming contexts. It can range in size from a single entry to the entire directory information tree (DIT).
No comments:
Post a Comment