Subject: An extended architecture of directory entry
Author: eLDAP
In response to: A classic example of directory entry
Posted on: 08/09/2006 02:19:35 PM
Here is another directory entry
dn: uid=Babs_Jensen,ou=people,dc=mydomain,dc=com
uid: Babs_Jensen
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgperson
objectClass: strongAuthenticationUser
cn: Babs Jensen
sn: Jensen
userCertificate:: GXas3KaSd...
givenname: Barbara
mail: bjensen@example.com
In this structure, an auxiliary object class strongAuthenticationUser is added besides the classic structural object class inetOrgperson. The strongAuthenticationUser specifies that the attribute 'userCertificate' MUST be present for this entry to be valid in the LDAP DIT.
> On 08/09/2006 02:16:12 PM eLDAP wrote:
Here is a classic directory entry
dn: uid=Babs_Jensen,ou=people,dc=mydomain,dc=com
uid: Babs_Jensen
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgperson
cn: Babs Jensen
sn: Jensen
givenname: Barbara
mail: bjensen@example.com
In this structure, the structural object class inetOrgperson inherits from structural organizationalPerson, structural person and eventually the abstract object class top. Therefore, when you assign the inetOrgperson object class to an entry, it automatically inherits the required and allowed attributes from the superior object classes.
Here, 'objectClass' is the required attribute specified in top while 'cn' and 'sn' are required attributes specified in person. The rest of the attributes are defined in the MAY lists of the object classes.
It should be noted that 'uid' is not required by the schema itself, but it MIGHT be required to be present by the RDN naming rule. Some LDAP servers, like SunOne and Active Directory, may automatically add the RDN as an attribute when building up the entry.
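The MUST rules described in the two posts above, as an added example (not part of the original posts or of any LDAP server's code): a small Python check that walks each objectClass up its chain of superiors and reports which required attributes an entry lacks. The schema table is a hand-written subset, and the function names and the placeholder certificate value are assumptions made for illustration.

```python
# Hand-written schema subset: class -> (superior, MUST attributes), lowercased.
# Assumption: only the classes and MUST rules named in the posts above.
SCHEMA = {
    "top": (None, {"objectclass"}),
    "person": ("top", {"cn", "sn"}),
    "organizationalperson": ("person", set()),
    "inetorgperson": ("organizationalperson", set()),
    "strongauthenticationuser": ("top", {"usercertificate"}),
}

def parse_entry(ldif):
    """Parse one unfolded LDIF record into {attribute: [values]}."""
    attrs = {}
    for line in ldif.strip().splitlines():
        name, _, value = line.partition(":")
        # A second ':' marks a base64 value; the raw text is kept as-is.
        attrs.setdefault(name.strip().lower(), []).append(value.lstrip(":").strip())
    return attrs

def required_attributes(object_classes):
    """Union of MUST attributes over each class and its chain of superiors."""
    required = set()
    for oc in object_classes:
        oc = oc.lower()
        while oc is not None:
            superior, must = SCHEMA[oc]  # KeyError on a class outside the subset
            required |= must
            oc = superior
    return required

def missing_must(ldif):
    """Sorted MUST attributes the entry lacks (empty list means it passes)."""
    attrs = parse_entry(ldif)
    present = {name for name, values in attrs.items() if any(values)}
    return sorted(required_attributes(attrs.get("objectclass", ["top"])) - present)

CLASSIC = """\
dn: uid=Babs_Jensen,ou=people,dc=mydomain,dc=com
uid: Babs_Jensen
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgperson
cn: Babs Jensen
sn: Jensen
"""
# Constructed variants: auxiliary class without, then with, a placeholder value.
NO_CERT = CLASSIC + "objectClass: strongAuthenticationUser\n"
WITH_CERT = NO_CERT + "userCertificate:: Q09OU1RSVUNURUQ=\n"
```

Calling `missing_must` on each of the three sample entries shows that adding the auxiliary class alone makes the entry invalid until `userCertificate` is supplied; the check covers MUST presence only, not MAY lists or attribute syntax.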