Table of Contents
Advertisement
Managing Authentication Servers
In addition to managing attributes in directory entries, LDAP makes the descriptive information stored in
the entries accessible to other applications. The general structure of entries in a directory tree is shown in
the following illustration. It also includes example entries at various branches in the tree.
c=Canada
st=Arizona
cn=your full name, ou=your function, o=your company, c=US
Directory Searches
DNs are always the starting point for searches unless indicated otherwise in the directory schema.
Searches involve the use of various criteria including scopes and filters which must be predefined, and
utility routines, such as Sort. Searches must be limited in scope to specific durations and areas of the direc-
tory. Some other parameters used to control LDAP searches include the size of the search and whether to
include attributes associated with name searches.
Base objects and scopes are specified in the searches, and indicate where to search in the directory. Filters
are used to specify entries to select in a given scope. The filters are used to test the existence of object
class attributes, and enable LDAP to emulate a "read" of entry listings during the searches. All search
preferences are implemented by means of a filter in the search. Filtered searches are based on some
component of the DN.
Retrieving Directory Search Results
Results of directory searches are individually delivered to the LDAP client. LDAP referrals to other serv-
ers are not returned to the LDAP client, only results or errors. If referrals are issued, the server is responsi-
ble for them, although the LDAP client retrieves results of asynchronous operations.
Directory Modifications
Modifications to directory entries contain changes to DN entry attribute values, and are submitted to the
server by an LDAP client application. The LDAP-enabled directory server uses the DNs to find the entries
to either add or modify their attribute values.
Attributes are automatically created for requests to add values if the attributes are not already contained in
the entries.
OmniSwitch AOS Release 7 Network Configuration Guide
ROOT
dn=c=US
c=US
st=California
ou=department
ou=function
cn=your full name
Directory Information Tree
dn=o=your company,c=US
o=your company
ou=section
cn=co-worker full nam e
June 2013
LDAP Servers
page 29-17
- Quick Links:
- Configuring Vlans
Hide quick links:
Advertisement
Table of Contents
