Saturday, June 21, 2008

LDAP Sharing knowledge :)

Several days ago, I read a book about LDAP. Understanding the schema and the components inside it was part of my purpose in reading it. The following are the points that I got from the book. I hope this post helps visitors of this blog to understand LDAP.

I would like to start with the schema. What is the schema actually used for? The schema defines the structure of your organization in LDAP. It defines two components to build that structure:
1. Object class
Object classes define what entries are possible in an LDAP directory. Please have a look at the following example:

objectclass ( 2.5.6.4 NAME 'organization'
    DESC 'RFC2256: an organization'
    SUP top STRUCTURAL
    MUST o
    MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
          x121Address $ registeredAddress $ destinationIndicator $
          preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
          telephoneNumber $ internationaliSDNNumber $
          facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
          postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )

You will often see the above object class in your LDIF file when you update or add an entry in your LDAP directory. The above piece of code defines an objectClass named organization. The keywords you need to pay attention to are NAME, SUP, MAY and MUST.

What do those keywords mean?
NAME is the name of the object class; it should be unique among all of the object classes defined.
SUP is the class from which this class is derived.
MUST lists the compulsory attributes that have to exist when you add an entry that belongs to this class.
MAY lists the attributes that are not compulsory.

For your information, there are three kinds of classes provided by LDAP (read: OpenLDAP): abstract classes, auxiliary classes, and structural classes. In most cases people use structural classes, and the example above is a structural class, as you can see from its STRUCTURAL keyword.

2. Attribute
An attribute definition describes an attribute that an objectClass has. For better understanding, I would like to give an example. Below is an example entry that sets the attribute o; the objectClass organization above is where o is listed as a MUST attribute (please have a look):

dn: dc=atlassian,dc=com
objectClass: dcObject
objectClass: organization
dc: atlassian
o: Kia Huat
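To make the MUST/MAY rules concrete, here is an added example (not from the book or from OpenLDAP) that parses object class definitions and checks an LDIF entry against them. It assumes an abbreviated MAY list for organization, adds the standard dcObject class from RFC 2247 so the entry above can be checked, and uses hypothetical helper names and a constructed failing entry.

```python
import re

# 'organization' is taken from the post (MAY list abbreviated for this example);
# 'dcObject' is the standard RFC 2247 auxiliary class, added so the entry can be checked.
SCHEMA = [
    "objectclass ( 2.5.6.4 NAME 'organization' SUP top STRUCTURAL MUST o "
    "MAY ( userPassword $ telephoneNumber $ street $ postalCode $ st $ l $ description ) )",
    "objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' SUP top AUXILIARY MUST dc )",
]

def _attr_list(definition, keyword):
    """Return the names after MUST or MAY: a single name or a '( a $ b )' list."""
    m = re.search(r"\b%s\s+(?:\(([^)]*)\)|([\w-]+))" % keyword, definition)
    if not m:
        return set()
    raw = m.group(1) if m.group(1) is not None else m.group(2)
    return {a.strip().lower() for a in raw.split("$") if a.strip()}

def parse_objectclass(definition):
    """Extract NAME, SUP, the class kind, and the MUST/MAY attribute sets."""
    name = re.search(r"\bNAME\s+'([^']+)'", definition).group(1)
    sup = re.search(r"\bSUP\s+([\w-]+)", definition)
    kind = re.search(r"\b(STRUCTURAL|AUXILIARY|ABSTRACT)\b", definition)
    return {"name": name, "sup": sup.group(1) if sup else None,
            "kind": kind.group(1) if kind else "STRUCTURAL",
            "must": _attr_list(definition, "MUST"), "may": _attr_list(definition, "MAY")}

def parse_ldif_entry(text):
    """Parse one simple LDIF entry (no base64 values, no folded lines)."""
    entry = {}
    for line in text.strip().splitlines():
        attr, _, value = line.partition(":")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def check_entry(entry, classes):
    """Return (missing MUST attributes, attributes that no listed class allows)."""
    by_name = {c["name"].lower(): c for c in classes}
    present, must, allowed = set(entry), set(), {"dn", "objectclass"}
    for oc in entry.get("objectclass", []):
        c = by_name[oc.lower()]  # KeyError here means the class is not in SCHEMA
        must |= c["must"]
        allowed |= c["must"] | c["may"]
    return sorted(must - present), sorted(present - allowed)

CLASSES = [parse_objectclass(d) for d in SCHEMA]
HEAD = "dn: dc=atlassian,dc=com\nobjectClass: dcObject\nobjectClass: organization\n"
GOOD = HEAD + "dc: atlassian\no: Kia Huat"          # the entry from the post
BAD = HEAD + "dc: atlassian\nmail: x@example.com"   # constructed: no 'o', extra 'mail'
```

A directory server performs the same kind of check when it rejects an add or modify with an object class violation: GOOD passes, while BAD lacks the MUST attribute o and carries an attribute that neither class allows.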

Please have a look at the following messy picture:



From the above picture, we can see that the objectClasses defined are department, sales and IT. The objectClass sales has several attributes, which are name, age and hobby; so does IT.

An attribute can be defined to hold text, an image or any sort of data. However, I won't cover all of those things. It is better to look at them yourself, as they should not be a big problem to understand.

If you have any comments or advice, I would appreciate them. Please do not hesitate to leave them on this blog.

Have a nice day !!!
