Question : What is a Directory?
Answer : When we think of a directory, we conjure images of telephone directories or address books. We use such directories to find information about individuals or organizations. For instance, I might thumb through my address book to find the phone number of my friend Jack, or skim through the telephone directory looking for the address of Acme Services.
A directory server is used this way, too. It maintains information about some set of
entities (entities like people or organizations), and it provides services for accessing that information.
Of course, a directory server must also have means for adding, modifying, and deleting information, as well. But, even as a telephone directory is assumed to be primarily a resource for reading, a directory server's information is assumed to be read more often than written. This assumption about the use of a directory server is codified, or summarized, in the phrase "high-read, low-write". Consequently, many applications of LDAP technology are geared toward reading and searching for information.
Question : What is a Unique Name or Unique Identifier in LDAP system?
Answer : One way of distinguishing between two very similar records is to create a unique name for each record in the directory. This is the strategy adopted by LDAP; each record in the directory has a distinguished name. The distinguished name is an important LDAP term; usually it is abbreviated as DN.
A DN then, is composed of a combination of directory information, and looks something like this:
dn: o=Acme Services, l=Chicago, st=Illinois, c=US
Give an Example LDAP Entry?
Answer : An entry is composed of a DN and one or more attributes. The DN serves as a unique identifier within an LDAP directory information tree. Attributes provide information about that entry. Let's convert our previous telephone directory entry into an LDAP record:
dn: o=Acme Services, l=Chicago, st=Illinois, c=US
o: Acme Services
postalAddress: 123 West First Street
l: Chicago
st: Illinois
postalCode: 60616-1234
c: US
telephoneNumber: +1 773 555 8943
telephoneNumber: +1 800 555 9834
objectclass: organization
The first line is the DN. All other lines in this record represent attributes.
An attribute describes a specific type of information. There are eight attributes here
in our example, representing the following:
1. Organization Name (o)
2. Mailing address (postalAddress)
3. Locality (l), which may be the name of a city, town, village, and so forth
4. State or Province (st)
5. Postal Code or ZIP Code (postalCode)
6. Country (c)
7. Telephone Number (telephoneNumber)
8. Object Class (objectclass), which specifies what type (or types) of record this entry is.
Question : In LDAP, does attribute name are case sensitive?
Answer : No they are not.
Question : What is Operational Attributes?
Answer : In addition to regular attributes, the directory server may also attach special operational attributes to an entry. Operational attributes are used by the directory server itself to store information about entries. Such attributes are not designed for use by end users (though on occasion they can be useful), and are usually not returned during LDAP searches.
Question : What do you mean by the directory information tree in terms of LDAP?
Answer : LDAP directories store data in hierarchical relationships, too. At the top of the directory information tree is the root entry. Beneath that is a subordinate entry, which, in turn, may have its own subordinate entries. Each of these records has its own DN, and its own attributes.
Answer : When we think of a directory, we conjure images of telephone directories or address books. We use such directories to find information about individuals or organizations. For instance, I might thumb through my address book to find the phone number of my friend Jack, or skim through the telephone directory looking for the address of Acme Services.
A directory server is used this way, too. It maintains information about some set of
entities (entities like people or organizations), and it provides services for accessing that information.
Of course, a directory server must also have means for adding, modifying, and deleting information, as well. But, even as a telephone directory is assumed to be primarily a resource for reading, a directory server's information is assumed to be read more often than written. This assumption about the use of a directory server is codified, or summarized, in the phrase "high-read, low-write". Consequently, many applications of LDAP technology are geared toward reading and searching for information.
Question : What is a Unique Name or Unique Identifier in LDAP system?
Answer : One way of distinguishing between two very similar records is to create a unique name for each record in the directory. This is the strategy adopted by LDAP; each record in the directory has a distinguished name. The distinguished name is an important LDAP term; usually it is abbreviated as DN.
A DN then, is composed of a combination of directory information, and looks something like this:
dn: o=Acme Services, l=Chicago, st=Illinois, c=US
Give an Example LDAP Entry?
Answer : An entry is composed of a DN and one or more attributes. The DN serves as a unique identifier within an LDAP directory information tree. Attributes provide information about that entry. Let's convert our previous telephone directory entry into an LDAP record:
dn: o=Acme Services, l=Chicago, st=Illinois, c=US
o: Acme Services
postalAddress: 123 West First Street
l: Chicago
st: Illinois
postalCode: 60616-1234
c: US
telephoneNumber: +1 773 555 8943
telephoneNumber: +1 800 555 9834
objectclass: organization
The first line is the DN. All other lines in this record represent attributes.
An attribute describes a specific type of information. There are eight attributes here
in our example, representing the following:
1. Organization Name (o)
2. Mailing address (postalAddress)
3. Locality (l), which may be the name of a city, town, village, and so forth
4. State or Province (st)
5. Postal Code or ZIP Code (postalCode)
6. Country (c)
7. Telephone Number (telephoneNumber)
8. Object Class (objectclass), which specifies what type (or types) of record this entry is.
Question : In LDAP, does attribute name are case sensitive?
Answer : No they are not.
Question : What is Operational Attributes?
Answer : In addition to regular attributes, the directory server may also attach special operational attributes to an entry. Operational attributes are used by the directory server itself to store information about entries. Such attributes are not designed for use by end users (though on occasion they can be useful), and are usually not returned during LDAP searches.
Question : What do you mean by the directory information tree in terms of LDAP?
Answer : LDAP directories store data in hierarchical relationships, too. At the top of the directory information tree is the root entry. Beneath that is a subordinate entry, which, in turn, may have its own subordinate entries. Each of these records has its own DN, and its own attributes.
Comments
Post a Comment