Re: Understanding LDAP
At 07:27 PM 7/21/00 +0800, Izauddin Mohd Isa wrote:
>Hi guys,
>
>I'm new to this LDAP. I have surfed and surfed all the beaches (sites) that
>have LDAP information but still cannot grasp how it works in terms of the
>directory schema, entry, objectclass and attribute.
>
>Correct me if I'm wrong. LDAP stores its data or entries in the database
>based on the directory schema, and the schema is based on the objectclass
>and the attribute. The openldap distribution comes with this slapd.oc.conf
>and slapd.at.conf. Are these the standard objectclass and attribute?
Standard? Depends on your definition of standard. For the most part
the schema is 'Standard Track', but it does contain a fair amount of
other schema (from various sources).
>What about the posixAccount and inetOrgPerson objectclasses that I found on
>some of the web sites?
This schema is Informational (i.e., not Standard Track).
>Can we define our own objectclass and attribute?
Yes, see FAQ: http://www.openldap.org/faq/index.cgi?file=219
>Where can I find the comprehensive list of objectclasses and attributes?
There is no comprehensive list of schema items. However, there are
lists which contain commonly available/used items. See FAQ.
>Say that I want to have an entry in the LDAP database that has the
>info from the organizationalPerson, posixAccount and inetOrgPerson
>(I found this at ldap.hklc.com) objectclasses, so I just write these three
>oc definitions in a file, rename it to slapd.oc.conf and discard the other
>objectclasses. Will this work? If not, why?
See the FAQ for examples.
>How is an entry written in the LDAP database when we use the openldap that
>came with RH6.2 by default? Say that I enter data using the common name
>and want their unix account information as well; do I have to combine
>the structure/schema from organizationalPerson and posixAccount and
>create a single objectclass so that I only have one entry in the LDAP
>database? If I do not combine both objectclasses, do I have to enter two
>DNs into the LDAP database (one for the organizationalPerson and one for
>the posixAccount)?
Best you read the U-Mich guide (see FAQ for URI) or a decent book on
the subject (again see FAQ: http://www.openldap.org/faq/index.cgi?file=73).
I recommend that everyone read David Chadwick's online book
"Understanding X.500" (remember that LDAP is an access protocol to an
X.500 directory):
http://www.salford.ac.uk/its024/Version.Web/Contents.htm
and Tim Howes' "Use as directed":
http://www.data.com/issue/990207/ldap.html
>Do point me to where I can find the answer for the above question, and
>thank you very much for all the information that I can get.
I suggest browsing the FAQ as well as the mailing list archives...