LDAP Directory Information Models (RFC 4512) discusses the X.500 Directory Information Models X.501, as used by the Lightweight Directory Access Protocol (LDAP) RFC 4510.

LDAP Directory Information Models Introduction#

The Directory is "a collection of open systems cooperating to provide Directory Services" X.500. The information held in the Directory is collectively known as the Directory Information Base (DIB). A Directory user, which may be a human or other entity, accesses the Directory through a client (or Directory User Agent (DUA)). The client, on behalf of the directory user, interacts with one or more servers (or Directory System Agents (DSA)). A server holds a fragment of the DIB.

The Directory Information Base contains two classes of information:

  • user information (e.g., information provided and administrated by users). Section 2 describes the LDAP Model of User Information.
  • administrative and operational information (e.g., information used to administer and/or operate the directory). Section 3 describes the model of Directory Administrative and Operational Information.

These two models, referred to as the generic Directory Information Models, describe how information is represented in the Directory.

These generic models provide a framework for other information models. Section 4 discusses the subschema information model and subschema discovery. Section 5 discusses the DSA (Server) Informational Model.

Other X.500 information models (such as access control distribution knowledge and replication knowledge information models) may be adapted for use in LDAP. Specification of how these models apply to LDAP is left to future documents.

The set of entries representing the DIB are organized hierarchically in a tree structure known as the Directory Information Tree (DIT).

