Server Sandbox

LDAP

You may not know what LDAP is yet, but you may already use it in real life.

LDAP (Lightweight Directory Access Protocol) is similar in concept to an address book in which you note down information about the people around you: address, email, work mobile, ...

On the Internet, LDAP is your address book, and you can use it for exactly that: your address book, online!

LDAP is like a database, but it is specially designed for queries and for publishing public information about the employees of an organization or similar. The tree structure of an LDAP directory is known as the Directory Information Tree (DIT).

LDAP objects are referenced by their Distinguished Name (DN). A DN is a sequence of Relative Distinguished Names (RDNs) connected by commas.

An RDN is an attribute with an associated value, in the form attribute=value, normally expressed as a UTF-8 string.
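Because commas separate RDNs, a value that itself contains a comma has to be escaped or it changes the structure of the DN. The following is an added example, not code from the original page: Python helpers that build a DN with the escaping RFC 4514 requires and split a DN back into attribute=value pairs. The function names and sample values are constructed for illustration, and multi-valued RDNs joined with + are not handled.

```python
import re

SPECIAL = '"+,;<>\\'  # characters RFC 4514 requires escaping inside a value
_ESC = re.compile(rb"\\([0-9A-Fa-f]{2}|.)", re.S)  # \XX hex pair or \<char>

def escape_rdn_value(value):
    """Escape one attribute value for use in an RDN (RFC 4514, section 2.4)."""
    out, last = [], len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in SPECIAL or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)

def build_dn(rdns):
    """Join (attribute, value) pairs, most specific first, with commas."""
    return ",".join(f"{attr}={escape_rdn_value(val)}" for attr, val in rdns)

def unescape_rdn_value(raw):
    """Undo backslash escapes; hex pairs are the UTF-8 bytes of the value."""
    fix = lambda m: bytes([int(m[1], 16)]) if len(m[1]) == 2 else m[1]
    return _ESC.sub(fix, raw.encode("utf-8")).decode("utf-8")

def split_dn(dn):
    """Split a DN into (attribute, value) pairs; escaped commas do not split."""
    parts, buf, i = [], "", 0
    while i < len(dn):
        step = 2 if dn[i] == "\\" else 1  # copy an escape pair as one unit
        if dn[i] == ",":
            parts.append(buf)
            buf = ""
        else:
            buf += dn[i:i + step]
        i += step
    parts.append(buf)
    rdns = []
    for part in parts:
        attr, sep, raw = part.partition("=")
        if not sep or not attr.strip():
            raise ValueError(f"not an attribute=value RDN: {part!r}")
        rdns.append((attr.strip(), unescape_rdn_value(raw)))
    return rdns

# Constructed sample: the comma in the name stays inside a single RDN.
SAMPLE_DN = build_dn([("cn", "Smith, John"), ("ou", "People"), ("dc", "example"), ("dc", "com")])
```

Building DNs through an escaping helper like this, rather than by string concatenation, keeps user-supplied values from being read as extra RDNs.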

Each entry is an ObjectClass that can contain a defined set of attribute types.

LDAP Structure

LDAP is structured in entries. The first entry of an LDAP directory is simulated.

Typically an LDAP directory has the form of a tree, but not always, because there can be entries that are aliases of another entry.

An LDAP entry is limited by the kind of its ObjectClass:

  • STRUCTURAL: The ObjectClass that defines the entry.
  • AUXILIARY: When the ObjectClass is the parent of another ObjectClass. The root ObjectClass is top.
  • ABSTRACT: An optional ObjectClass that the entry can contain.

Commonly Used ObjectClass

Type                 | Top                  | Required attributes | Optional attributes
top                  |                      | objectClass         |
alias                | top                  | aliasedObjectClass  |
person               | top                  |                     | description, seeAlso, telephoneNumber, userPassword
organizationalPerson | person               |                     | l, ou, postalAddress, postalCode, st, street, title
inetOrgPerson        | organizationalPerson |                     | jpegPhoto, mail, uid, o, userCertificate, ...

Commonly Used Attributes

String | Attribute type
DC     | domainComponent
CN     | commonName
OU     | organizationalUnitName
O      | organizationName
STREET | streetAddress
L      | localityName
ST     | stateOrProvinceName
C      | countryName
UID    | userid