Home arrow Site Administration arrow Page 5 - Understanding LDAP (part 1)

The Sins Of The Fathers... - Administration

Wish there was a global Yellow Pages so that you could find peopleon the Web quicker? LDAP might just be what you're looking for. In thisintroductory tutorial, get up to speed on basic LDAP concepts, including theLDAP information model, LDAP objects and LDAP naming conventions.

  1. Understanding LDAP (part 1)
  2. Of Needles And Haystacks
  3. Looking For Answers
  4. Treating Entries As Objects
  5. The Sins Of The Fathers...
By: Vikram Vaswani, (c) Melonfire
Rating: starstarstarstarstar / 75
February 27, 2003

print this article


One of the nice things about object-oriented programming is inheritance - which means, simply, that you can take a pre-existing object and use it to spawn a child object which inherits all the properties of the parent, while simultaneously including any custom properties you may decide to give it. And your newly-created object can, in turn, serve as the base for yet another object, and so on ad infinitum...

In the LDAP world, all this means is that object definitions can be inherited, thereby freeing schema designers to concentrate on other, more important things. In the example above, for instance, you'll see that the definition for the "inetOrgPerson" class does not include attributes for "cn" and "sn" - even though my original LDAP entry includes these attributes.

Why, you ask? Because the "inetOrgPerson" class also inherits some attributes from the "organizationalPerson" class

objectclass ( NAME 'organizationalPerson'
DESC 'RFC2256: an organizational person'
MAY ( title $ x121Address $ registeredAddress $ destinationIndicator
preferredDeliveryMethod $ telexNumber $
teletexTerminalIdentifier $
telephoneNumber $  internationaliSDNNumber $
facsimileTelephoneNumber $
street $  postOfficeBox $ postalCode $ postalAddress $
physicalDeliveryOfficeName $ ou $ st $ l ) )

which, in turn, inherits some attributes (including the lost-but-now-found "cn" and "sn" attributes) from the "person" class.

objectclass ( NAME 'person'
DESC 'RFC2256: a person'
MUST ( sn $ cn )
MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )

In case you're wondering, all these definitions are LDAP standards and come bundled with most LDAP servers; however, if you have the time (and necessary knowledge), LDAP also allows you to design your own schema definitions and include them in your object collection.

You can also apply more than one object definition to a single entry - consider the following hybrid:

dn: dc=melonfire, dc=com
objectclass: dcObject
objectclass: organization
dc: melonfire
o: Melonfire

In this case, I've said that the entry is an instance of the "dcObject" and "organization" classes. Since I've used more than one object class, the final LDAP entry must be compliant with the rules specified in each of the referenced class definitions.

Now, while I'd love to go on and on about the theory behind LDAP, this is, sadly, all we have time for at the moment (it's also all you really need to know about LDAP, unless you're a geek with a penchant who likes calculating pi to the nineteenth digit). In the second part of this article, I'll be putting all this theory to the test, using it to build a real, live LDAP-based address book for a small office. Make sure you come back for that!

Note: Examples are illustrative only, and are not meant for a production environment. Melonfire provides no warranties or support for the source code described in this article. YMMV!

>>> More Site Administration Articles          >>> More By Vikram Vaswani, (c) Melonfire

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Coding: Not Just for Developers
- To Support or Not Support IE?
- Administration: Networking OSX and Win 7
- DotNetNuke Gets Social
- Integrating MailChimp with Joomla: Creating ...
- Integrating MailChimp with Joomla: List Mana...
- Integrating MailChimp with Joomla: Building ...
- Integrating MailChimp with Joomla
- More Top WordPress Plugins for Social Media
- Optimizing Security: SSH Public Key Authenti...
- Patches and Rejects in Software Configuratio...
- Configuring a CVS Server
- Managing Code and Teams for Cross-Platform S...
- Software Configuration Management
- Back Up a Joomla Site with Akeeba Backup

Developer Shed Affiliates


Dev Shed Tutorial Topics: