Red Hat Enterprise Linux 3: Reference Guide
Chapter 14. Lightweight Directory Access Protocol (LDAP)
Any discussion of LDAP requires a basic understanding of a set of LDAP-specific terms:
entry — A single unit within an LDAP directory. Each entry is identified by its unique Distinguished Name (DN).
attributes — Information directly associated with an entry. For example, an organization could be represented as an LDAP entry. Attributes associated with the organization might be its fax number, its address, and so on. People can also be represented as entries in the LDAP directory. Common attributes for people include the person's telephone number and email address.
Some attributes are required, while other attributes are optional. An objectclass definition sets which attributes are required and which are not for each entry. Objectclass definitions are found in various schema files, located in the /etc/openldap/schema/ directory. For more information on LDAP schema, refer to Section 14.5 The /etc/openldap/schema/ Directory.
LDIF — The LDAP Data Interchange Format (LDIF) is an ASCII text representation of LDAP entries. Files used for importing data to LDAP servers must be in LDIF format. An LDIF entry looks similar to the following example:
    [<id>]
    dn: <distinguished name>
    <attrtype>: <attrvalue>
    <attrtype>: <attrvalue>
    <attrtype>: <attrvalue>
Each entry can contain as many <attrtype>: <attrvalue> pairs as needed. A blank line indicates the end of an entry.
Every <attrtype> and <attrvalue> pair used in an entry must be defined in a corresponding schema file.
Any value enclosed within a "<" and a ">" is a variable and can be set whenever a new LDAP entry is created. This rule does not apply, however, to <id>. The <id> is a number determined by the application used to edit the entry.
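The following added example (not part of the original guide) parses the simplified entry layout shown above and reports required attributes that are missing, a check worth running before a file is imported. The REQUIRED table is a constructed subset of the person and organization objectclass definitions, the sample entries are constructed, and line continuation is not handled.

```python
import base64

# Constructed subset of required attributes; a real server reads these from its schema files.
REQUIRED = {"person": {"sn", "cn"}, "organization": {"o"}}
# Constructed sample input in the simplified layout shown above.
SAMPLE = """\
dn: o=Example Inc,dc=example,dc=com
objectclass: organization
o: Example Inc
facsimileTelephoneNumber: +1 555 0100

dn: cn=Jane Doe,o=Example Inc,dc=example,dc=com
objectclass: person
cn: Jane Doe
description:: U2FsZXMgbGVhZA==
"""

def parse_ldif(text):
    """Split text into entries at blank lines; return a list of (dn, attrs)."""
    entries, dn, attrs = [], None, {}
    for raw in text.splitlines() + [""]:      # trailing "" flushes the last entry
        line = raw.rstrip()
        if not line:                          # a blank line ends the current entry
            if dn is not None:
                entries.append((dn, attrs))
            dn, attrs = None, {}
            continue
        if line.isdigit() and dn is None:     # optional <id> line written by the editing tool
            continue
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not an <attrtype>: <attrvalue> line: {line!r}")
        if value.startswith(":"):             # "attr:: ..." carries a base64-encoded value
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        name, value = name.strip().lower(), value.strip()
        if dn is None:
            if name != "dn":
                raise ValueError(f"entry must start with dn:, got {line!r}")
            dn = value
        else:
            attrs.setdefault(name, []).append(value)
    return entries

def missing_required(attrs):
    """Return required attributes absent from an entry, per its objectclass values."""
    needed = set()
    for oc in attrs.get("objectclass", []):
        needed |= REQUIRED.get(oc.lower(), set())
    return sorted(needed - set(attrs))
```

Attribute names are lowercased on parsing because LDAP attribute type names are case-insensitive; in the sample, the person entry is reported as missing sn.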