[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: which attributes compose "Relative Distinguished Names"
Song a écrit :
> Emmanuel JEGOU wrote:
> >
> > Song a écrit :
> >
> > > Emmanuel JEGOU wrote:
> > > >
> > > > Song a écrit :
> > > >
> > > > > Hello,
> > > > >
> > > > > I'm new to LDAP and am confused about:
> > > > >
> > > > > 1.which attributes compose "Relative Distinguished Names"? It seems that
> > > > > nothing
> > > > > in the configuration file indicates them.
> > > >
> > > > You can have the attribut you want for the Relative Distinguished Name, but
> > > > on one level of your tree it must be the same.
> > > >
> > >
> > > Thank you for the help. But I'm still confused :(
> > >
> > > If we don't indicate which attributes compose RDN and their levels in
> > > the tree, then we
> > > can have several different views of the database, for example:
> > >
> > > c=CN c=CN
> > > /\ /\
> > > / \ / \
> > > / \ / \
> > > / \ / \
> > > o=org1 o=org2 ou=unit1 ou=unit2
> > > /\ /\ /\ /\
> > > / \ / \ / \ / \
> > > / \ / \ / \ / \
> > > ou=unit1 ou=unit2 ou=unit1 ou=unit2 o=org1 o=org2 o=org1 o=org2
> > >
> > > Thanks in advance
> > >
> > > song
> >
> > No, you can't have several different views because you have the DN of each entry
> > that identifie each one in the entire tree. For example, with the tree on the
> > left, the bottom left entry is identified by : 'dn:ou=unit1, o=org1, c=CN' and
> > the right one by : 'dn:o=org1, ou=unit1, c=CN'. The order in the DNs is
> > significant so the two trees above are different.
> > I am no sure you could have the tree on the right because I think you should have
> > your Organization (o=org1) before your OrganizationalUnit (ou=unit1). But I am
> > not sure of it.
> Surely we human beings understand the right order, but how does the LDAP
> software
> know which order is right (the left one) and refuse to treate "o=org1,
> ou=unit1,
> c=CN" as a valid DN?
I just tested it and LDAP accept it as a valid DN. But, you have to create your
directory without this kind of problems. It is not an easy way to have a good LDAP
directory and it may take quite a long time before having the good directory which will
work fine.
good luck.
>
> >
> > Hope it could help you. If someone know I am wrong somewhere, tell me please ; I
> > am new with LDAP too.
> >
> > Manu.
> >
--
---------------------------------
Emmanuel JEGOU
mailto:Emmanuel.Jegou@naonet.fr
---------------------------------
Naonet => Internet - Intranet
http://www.naonet.fr
---------------------------------