
Re: Building an LDAP database "for dummies"



Jonathan Coles wrote:

In trying to learn how to create an LDAP database, my head is spinning with all the verbiage about trees, DN, CN, DC, slapd.conf, ldap.conf and so on. Is there a simple working example with an LDIF file, slapd.conf, and ldap.conf file that could get me started?

No matter what I try, ldapadd always complains that there is "No such object". The error message is useless as it doesn't tell me which object. And, of course, some of the objects don't exist because I'm trying to define them! Catch-22.

What I'm reading in the documentation and in this group tells me that the database has a "tree" structure that must match in the database and the queries. What is this tree? Is it the schema files that are included into slapd.conf? Or is it the DN, CN, objectClass statements in the LDIF file I use to create the database? Or, is something else I don't yet know about?

Have you ever used the Domain Name System? (Yes, obviously.) Do you understand the notion of a "hierarchical namespace"? Surely you've already been heavily exposed to it; the filesystem on the computer you're typing on is most likely hierarchical as well. LDAP/X.500 is no different; these are all directories of one form or another and they all store data in a similar fashion.


In DNS there are "TLDs" (Top Level Domains) - .com, .edu, .org, .us, etc... Other subdomains are created underneath these domains, e.g. openldap.org. There can be arbitrarily many subdomains nested in this fashion, e.g. "room8.level6.LosAngeles.ca.MyCompany.com" and there can be various other entries inside a subdomain e.g. "printer1.room8.level6.LosAngeles.ca.MyCompany.com", printer2..., and so on.

In creating any hierarchical tree, you have to start at the root node and work your way down. You can't create "MyCompany.com" if ".com" doesn't exist yet. You can't create "CA.MyCompany.com" until "MyCompany.com" has been created.

Just like in a filesystem directory - to create /usr/local/lib/gcc you first have to make sure that /usr, /usr/local, and /usr/local/lib exist first, in that order.

So - "What is this tree?" - the tree is the structure you design to contain the data you're going to store. Schema is just a description of what kinds of data will be recognized by the server, but it doesn't say anything about the location of the data. The tree structure gives you the location.
--
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
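The parent-before-child rule behind that "No such object" error, as an added example that is not part of the thread: a small Python simulation (not OpenLDAP code) of what a server checks when entries are added. The LDIF below is constructed for the example, with the child entry deliberately listed before its parent, and the suffix name dc=MyCompany,dc=com is an assumption.

```python
# Constructed LDIF (not from the thread): child listed before its parent.
SAMPLE_LDIF = """\
dn: ou=People,dc=MyCompany,dc=com
objectClass: organizationalUnit
ou: People

dn: dc=MyCompany,dc=com
objectClass: dcObject
objectClass: organization
dc: MyCompany
o: My Company

dn: cn=Jonathan Coles,ou=People,dc=MyCompany,dc=com
objectClass: person
cn: Jonathan Coles
sn: Coles
"""

def parse_ldif(text):
    """Return [(dn, {attr: [values]})] in file order; blank lines separate entries."""
    entries = []
    for block in text.strip().split("\n\n"):
        dn, attrs = None, {}
        for line in block.splitlines():
            key, _, value = line.partition(":")
            if key == "dn":
                dn = value.strip()
            else:
                attrs.setdefault(key, []).append(value.strip())
        entries.append((dn, attrs))
    return entries

def parent_dn(dn, suffix):
    """Strip the leftmost RDN; the suffix is the root of the database and has
    no parent. Assumes no escaped commas inside RDN values."""
    return None if dn == suffix else dn.split(",", 1)[1]

def load(ldif, suffix, parents_first=False):
    """Add entries as a server would: each child needs an existing parent.
    Returns (added_dns, error); error is the first 'No such object' hit."""
    entries = parse_ldif(ldif)
    if parents_first:  # fewer commas = fewer RDNs = nearer the root
        entries.sort(key=lambda e: e[0].count(","))
    tree, added = {}, []
    for dn, attrs in entries:
        parent = parent_dn(dn, suffix)
        if parent is not None and parent not in tree:
            return added, f"No such object: parent '{parent}' of '{dn}' missing"
        tree[dn] = attrs
        added.append(dn)
    return added, None
```

Loading the file as written stops at the first entry, because its parent does not exist yet; loading with `parents_first=True` adds the suffix, then the OU, then the person.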