Table of Contents
Advertisement
• Mail routing (postfix, sendmail)
• Address books for mail clients, like Mozilla, Evolution, and Outlook
• Administration of zone descriptions for a BIND9 name server
• User authentication with Samba in heterogeneous networks
This list can be extended because LDAP is extensible, unlike NIS. The clearly-defined
hierarchical structure of the data eases the administration of large amounts of data, be-
cause it can be searched more easily.
35.2 Structure of an LDAP Directory
Tree
To get a deep background knowledge on how an LDAP server works and how the data
are stored, it is vital to understand the way the data are organized on the server and how
this structure enables LDAP to provide fast access to the data you need. To successfully
operate an LDAP setup, you also need to be familiar with some basic LDAP terminol-
ogy. This section introduces the basic layout of an LDAP directory tree and provides
the basic terminology used in an LDAP context. Skip this introductory section, if you
already have some LDAP background knowledge and just want to learn how to set up
an LDAP environment in SUSE Linux Enterprise.
An LDAP directory has a tree structure. All entries (called objects) of the directory
have a defined position within this hierarchy. This hierarchy is called the directory in-
formation tree (DIT). The complete path to the desired entry, which unambiguously
identifies it, is called distinguished name or DN. A single node along the path to this
entry is called relative distinguished name or RDN. Objects can generally be assigned
to one of two possible types:
container
These objects can themselves contain other objects. Such object classes are root
(the root element of the directory tree, which does not really exist), c (country),
ou (organizational unit), and dc (domain component). This model is comparable
to the directories (folders) in a file system.
LDAP—A Directory Service
673
Advertisement
Table of Contents
Troubleshooting
