2. 9/16/2010
Directory:
A directory is a specialized list that lets you quickly look up information about the things the directory references.
3. At its most basic definition, a directory is any database specialized more for reading than for writing.
Directory server is used to maintain information about some set of entities (entities like people or organizations), and it provides for accessing that information
9. Distinguished name (DN):
One way of distinguishing between two very similar records is to create a unique name for each record in the directory.
This is the strategy adopted by LDAP: each record in the directory has a distinguished name (DN).
22. Attribute names, like “o” (the organization name) and postalAddress, refer to well-defined attribute definitions contained in an LDAP schema. They cannot be "invented" on the fly, or made up as you go.
23. Creating new attributes requires writing a schema
24. You can add schema definitions to LDAP directories, making the LDAP entries easily extensible.
27. The Object Class Attributes
The last attribute in the given record is the object class attribute. This is a special attribute that provides information about the type of entry.
28. An object class determines what attributes may be given to a record
Operational Attributes
In addition to regular attributes, the directory server may also attach special operational attributes to an entry
29. Operational attributes are used by the directory itself to store information about entries
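
An added example, not part of the original slides: a minimal check of a client-supplied entry against its object classes, flagging undefined attributes, attributes the object classes do not permit, and operational attributes set by the client. The `SCHEMA` table is a constructed subset of the standard definitions and `validate_entry` is a hypothetical helper name.

```python
# Constructed subset of the standard schema (names from RFC 4519), lower-cased
# because LDAP attribute names are case-insensitive. Illustration only.
SCHEMA = {
    "top": {"must": {"objectclass"}, "may": set()},
    "person": {"must": {"cn", "sn"},
               "may": {"description", "telephonenumber", "userpassword"}},
    "organization": {"must": {"o"},
                     "may": {"description", "postaladdress", "telephonenumber"}},
}
KNOWN = set().union(*(d["must"] | d["may"] for d in SCHEMA.values()))
# Operational attributes are maintained by the server, not supplied by clients.
OPERATIONAL = {"createtimestamp", "modifytimestamp", "creatorsname", "modifiersname"}


def validate_entry(attrs):
    """Return schema violations for an entry given as {attribute: [values]}."""
    supplied = {name.lower() for name in attrs}
    classes = [v.lower() for k, vals in attrs.items()
               if k.lower() == "objectclass" for v in vals]
    if not classes:
        return ["missing objectClass: entry type is unknown"]
    must, allowed, errors = set(), set(), []
    for oc in classes:
        if oc not in SCHEMA:
            errors.append(f"unknown object class: {oc}")
            continue
        must |= SCHEMA[oc]["must"]
        allowed |= SCHEMA[oc]["must"] | SCHEMA[oc]["may"]
    for name in sorted(supplied - {"objectclass"}):
        if name in OPERATIONAL:
            errors.append(f"operational attribute set by client: {name}")
        elif name not in KNOWN:
            errors.append(f"attribute not defined in schema: {name}")
        elif name not in allowed:
            errors.append(f"attribute not allowed by object classes: {name}")
    errors += [f"missing required attribute: {n}" for n in sorted(must - supplied)]
    return errors


# Constructed sample entries (not from the slides).
GOOD = {"objectClass": ["top", "organization"], "o": ["Example Corp"],
        "postalAddress": ["1 Main St"]}
BAD = {"objectClass": ["top", "person"], "cn": ["Ann Lee"],
       "shoeSize": ["7"], "modifyTimestamp": ["20100916000000Z"]}

if __name__ == "__main__":
    for entry in (GOOD, BAD):
        print(validate_entry(entry) or "valid")
```
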
31. The Directory Information Tree
Information in an LDAP directory is organized into one or more hierarchies where, at the top of the hierarchy, there is a base entry, and other entries are organized in tree-like structures beneath the base entry
32. Each node on the hierarchy is an entry, with a DN and more than one attribute
The protocol accesses LDAP directories:
A directory is a tree of directory entries.
33. An entry consists of a set of attributes.
34. An attribute has a name (an attribute type or attribute description) and one or more values.
36. The Data Format:
The data in an LDAP server is organized in a hierarchical/relational format.
37. The top level is called the domain and the branches are in the form of organizational units, normally departments in a company.
These organizational units can then be sub-divided into sub-divisions.