LDAP Terms

Schema

The schema is the set of rules or the structure that defines the types of data that can be stored in a directory, and how that data can be stored. Data is stored in the form of entries.

Active Directory (AD)

The Microsoft directory service, commonly used with Windows-based networking. Microsoft Active Directory is compatible with LDAP.

eDirectory

The Novell directory service, used for Novell NetWare-based networking. Novell eDirectory has an LDAP gateway that can be used for management.

Entry

The data that is stored in the LDAP directory. Entries are stored in attribute/value (or name/value) pairs, where the attributes are defined by object classes. A sample entry would be cn=john where cn (common name) is the attribute, and john is the value.

Object class

Object classes define the type of entries that an LDAP directory may contain. A sample object class, as used by AD, would be user or group.

Object

In LDAP terminology, the entries in a directory are referred to as objects. For the purposes of the SonicOS implementation of the LDAP client, the critical objects are User and Group objects. Different implementations of LDAP can refer to these object classes in different fashions; for example, Active Directory refers to the user object as user and the group object as group, while RFC2798 refers to the user object as inetOrgPerson and the group object as groupOfNames.

Attribute

A data item stored in an object in an LDAP directory. The object can have required attributes or allowed attributes. For example, the dc attribute is a required attribute of the dcObject (domain component) object.

dn

A distinguished name, which is a globally unique name for a user or other object. It is made up of a number of components, usually starting with a common name (cn) component and ending with a domain specified as two or more domain components (dc). For example, cn=john,cn=users,dc=domain,dc=com.
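The attribute/value pairs described under "Entry" and the comma-separated components of a dn above are what an LDAP client actually has to take apart and put back together. The following Python is an added example (not SonicOS code, and not taken from the page) that splits a DN into its (attribute, value) components using the RFC 4514 string representation, which the example assumes the directory uses: it honours backslash escapes (`\,` and `\XX` hex pairs), derives the domain from the trailing dc components, and shows the matching escaping routine for building an RDN from a value. Escaping matters because a value that contains a comma or equals sign, if inserted unescaped, changes where the DN's component boundaries fall. Multi-valued RDNs joined with `+` are out of scope here.

```python
"""Parse and escape LDAP distinguished names (RFC 4514 string form).

Added example; not part of the SonicOS LDAP client or the original page.
"""
from typing import List, Tuple

# Characters that RFC 4514 section 2.4 requires to be escaped inside a value.
_SPECIAL = set(',+"\\<>;')
_HEX = set("0123456789abcdefABCDEF")


def parse_dn(dn: str) -> List[Tuple[str, str]]:
    """Split a DN such as cn=john,cn=users,dc=domain,dc=com into (attr, value) pairs.

    Backslash escapes are honoured, so cn=Smith\\, John stays one component; a
    naive dn.split(',') would wrongly split it into two. Hex pairs (\\2C) are
    decoded as UTF-8 bytes, attribute names are lower-cased for comparison.
    """
    components: List[str] = []
    buf = bytearray()
    i = 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\":
            if i + 1 >= len(dn):
                raise ValueError("dangling escape at end of DN")
            pair = dn[i + 1:i + 3]
            if len(pair) == 2 and all(c in _HEX for c in pair):
                buf.append(int(pair, 16))  # \XX is one raw byte
                i += 3
            else:
                buf.extend(dn[i + 1].encode("utf-8"))  # \, \= \\ etc.
                i += 2
            continue
        if ch == ",":
            components.append(buf.decode("utf-8"))
            buf = bytearray()
        else:
            buf.extend(ch.encode("utf-8"))
        i += 1
    components.append(buf.decode("utf-8"))

    pairs: List[Tuple[str, str]] = []
    for rdn in components:
        if "=" not in rdn:
            raise ValueError(f"RDN without '=': {rdn!r}")
        attr, value = rdn.split("=", 1)
        pairs.append((attr.strip().lower(), value))
    return pairs


def domain_from_dn(dn: str) -> str:
    """Join the dc components of a DN into a DNS-style domain name."""
    return ".".join(value for attr, value in parse_dn(dn) if attr == "dc")


def escape_dn_value(value: str) -> str:
    """Escape a value so it can be embedded in an RDN without changing the DN structure."""
    out = []
    last = len(value) - 1
    for idx, ch in enumerate(value):
        if ch in _SPECIAL:
            out.append("\\" + ch)
        elif ch == "\0":
            out.append("\\00")
        elif ch == " " and idx in (0, last):  # leading/trailing space
            out.append("\\ ")
        elif ch == "#" and idx == 0:  # leading '#' would read as hex-encoded value
            out.append("\\#")
        else:
            out.append(ch)
    return "".join(out)


if __name__ == "__main__":
    # Constructed sample DNs, including the one quoted in the glossary entry.
    for sample in ("cn=john,cn=users,dc=domain,dc=com",
                   r"cn=Smith\, John,ou=staff,dc=domain,dc=com"):
        print(sample, "->", parse_dn(sample), "domain:", domain_from_dn(sample))
    print("cn=" + escape_dn_value("Smith, John") + ",dc=domain,dc=com")
```

`parse_dn` followed by `escape_dn_value` round-trips: a value run through the escaper and placed into an RDN comes back out of the parser unchanged, which is the property to check whenever user-supplied names are spliced into a DN.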

cn

The common name attribute is a required component of many object classes throughout LDAP.

ou

The organizational unit attribute is a required component of most LDAP schema implementations.

dc

The domain component attribute is commonly found at the root of a distinguished name and is commonly a required attribute.

TLS

Transport Layer Security is the IETF standardized version of SSL (Secure Sockets Layer). TLS 1.0 is the successor to SSL 3.0.