LDAP Schema is a very important part of LDAP directory services.

Although many people may have a basic understanding of attribute Types and objectClass Types, there is a great deal of information about _LDAP Schema that most people do not know.

Because LDAP Schema is important it is extremely useful to have a more complete understanding of what it really entails. We will make further attempts to provide an in-depth description of schema elements in general.

LDAP Schema of a Directory Server defines a set of rules that govern the kinds of information that the server can hold. Directory schema is comprised of a number of different elements, including:

  • LDAPSyntaxes -- Provide information about the kind of information that can be stored in an attribute.
  • MatchingRule -- Provide information about how to make comparisons against attribute values.
  • Matching Rule Use -- Indicates which attribute types which are suitable for use with an extensibleMatch rules
  • AttributeTypes -- Defined as an Attribute Type Description and includes an OID and a set of names that may be used to refer to a given attribute, and associates that AttributeType with a LDAPSyntaxes and set of matching rules.
  • Object Classes -- Define named collections of attributes and classify them into sets of required and optional attributes.
  • Name Forms -- Define rules for the set of attributes that should be included in the RDN for an entry.
  • DIT Content Rule -- Define additional constraints about the object classes and attributes that may be used in conjunction with an entry.
  • DIT Structure Rule -- Define rules that govern the kinds of subordinate entries that a given entry may have.

Attributes are the elements responsible for storing information in a directory, and the schema defines the rules for which attributes may be used in an entry, the kinds of values that those attributes may have, and how clients may interact with those values.

Clients may learn about the schema elements that the server supports by retrieving an appropriate SubschemaSubentry.

A collection of Links On LDAP Schema#

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-59) was last changed on 05-Jan-2017 12:23 by jim