This month, we continue our exploration of LDAP: the Lightweight Directory Access Protocol. If you followed along last month, you should now have a working LDAP server. Now we’ll look at two ways of using it — for a company directory and for user authentication. But first, let’s take a look at LDAP schema.
Friday, February 15th, 2002
About Schema
A schema is a collection of object and attribute definitions that defines the structure of the entries in a database, and LDAP has its own schema definitions. LDAP objects are standardized in order to provide interoperability with a variety of directory services servers. On Linux systems, schema definitions are stored in files located in the /etc/openldap/schema/ subdirectory. Specify the files that are in use via entries in the OpenLDAP configuration file, /etc/openldap/slapd.conf, as in the examples in Listing One.
Listing One: Configuration Entries
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/misc.schema
Object definitions in the schema files are fairly easy to understand; take a look at Listing Two. This is the definition of the person object class. The first line specifies the unique Object Identifier (2.5.6.6), followed by the class name (‘person’), a notation that the parent class is the top pseudo-object indicating the top of the hierarchy, and that this is a STRUCTURAL object. The remaining lines specify required and optional attributes for the object, with the use of…
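An added example, not from the original article or from OpenLDAP: a small Python parser for the objectclass syntax described above, with a check of an entry's attribute names against the class's MUST and MAY lists. The definition text is the standard person class as published in RFC 4519, typed in as sample input because Listing Two is not reproduced here; the function names and sample entries are constructed for illustration, and attributes inherited from superclasses are not resolved.

```python
import re

# Standard 'person' class (RFC 4519), typed in as sample input (assumption:
# this is not copied from the article's Listing Two).
PERSON = """objectclass ( 2.5.6.6 NAME 'person'
    SUP top STRUCTURAL
    MUST ( sn $ cn )
    MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )"""

def _names(defn, keyword):
    """Return the list after MUST or MAY: '( a $ b )' or a single bare name."""
    m = re.search(r"\b%s\s+(?:\(([^)]*)\)|([\w;-]+))" % keyword, defn)
    if not m:
        return []
    raw = m.group(1) if m.group(1) is not None else m.group(2)
    return [n.strip() for n in raw.split("$") if n.strip()]

def parse_objectclass(defn):
    """Extract OID, name, parent class, kind and attribute lists."""
    sup = re.search(r"\bSUP\s+([\w-]+)", defn)
    kind = re.search(r"\b(STRUCTURAL|AUXILIARY|ABSTRACT)\b", defn)
    return {
        "oid": re.search(r"\(\s*([\d.]+)", defn).group(1),
        "name": re.search(r"\bNAME\s+'([^']+)'", defn).group(1),
        "sup": sup.group(1) if sup else None,
        # RFC 4512: a class with no kind keyword is STRUCTURAL
        "kind": kind.group(1) if kind else "STRUCTURAL",
        "must": _names(defn, "MUST"),
        "may": _names(defn, "MAY"),
    }

def check_entry(oc, attrs):
    """Return (missing required, not allowed) attribute names, lower-cased."""
    have = {a.lower() for a in attrs} - {"objectclass"}
    must = {a.lower() for a in oc["must"]}
    may = {a.lower() for a in oc["may"]}
    return sorted(must - have), sorted(have - must - may)

if __name__ == "__main__":
    oc = parse_objectclass(PERSON)
    print(oc)
    # Constructed entries: one carries an attribute 'person' does not list,
    # the other lacks the required 'sn'.
    print(check_entry(oc, ["objectClass", "cn", "sn", "mail"]))
    print(check_entry(oc, ["objectClass", "cn", "userPassword"]))
```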