The basic elements of an LDAP directory are described below.
Entry - It forms the basic information object and is
composed of one or more attributes.
Attribute - The attributes of an object are basically key-value
pairs. An object may contain only valid keys, and whether a key is
valid depends on the class from which the object is derived.
Normally a class defines some required (mandatory) attributes, some optional
attributes, and the types of those attributes. LDAP contains several classes,
and one object can be derived from more than one class.
Distinguished Name (DN) - It represents the unique name used
to refer to a particular object in the tree. It is made up of the DN of the
parent object and the RDN (relative distinguished name) of the entry. An RDN
identifies the entry among the children of its parent entry. The RDNs are
separated by commas and optional spaces. It is possible to have multi-attribute
distinguished names by putting a "+" between the attributes.
Schema - The directory schema defines a set of rules for
storing data in a directory. It basically defines the directory's object
classes and attribute types. We have already discussed object classes in
detail above. A schema attribute type defines the attribute type's name and
unique ID, and the attribute's syntax and matching types. It can also define
whether the type is single- or multi-valued.
Let us look at an example. A common use of LDAP is an address
book. For this we can use the structural class called "person", which
defines sn (surname) and cn (commonName) as the required attributes. The
optional attributes provided by this class are telephoneNumber, seeAlso and
description. If we want to store addresses, we need to use the
"organizationalPerson" class, which derives from the "person"
class and adds several more attributes like title, street, postalAddress,
postalCode, etc. Since it derives from the person class, we still have the sn
and cn attributes.
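
The address book example above, as an added sketch that is not part of the original page: it resolves the required and optional attributes of an entry through the class inheritance chain and reports missing or disallowed attributes. The SCHEMA table, the function names and the sample entries are assumptions made for illustration, and only the attributes named in the text are modelled.

```python
# Added illustration: a toy schema check, not a real LDAP server's logic.
# Only the classes and attributes named in the text are modelled.
SCHEMA = {
    "person": {"sup": None, "must": {"sn", "cn"},
               "may": {"telephoneNumber", "seeAlso", "description"}},
    "organizationalperson": {"sup": "person", "must": set(),
               "may": {"title", "street", "postalAddress", "postalCode"}},
}

def effective_attributes(class_names):
    """Union MUST and MAY over each listed class and its superclass chain."""
    must, may = set(), set()
    for name in class_names:
        name = name.lower()              # class names are case-insensitive
        while name is not None:
            if name not in SCHEMA:
                raise ValueError(f"unknown object class: {name}")
            cls = SCHEMA[name]
            must |= {a.lower() for a in cls["must"]}
            may |= {a.lower() for a in cls["may"]}
            name = cls["sup"]
    return must, may - must

def validate(entry):
    """Return sorted schema violations for an entry (attr -> list of values)."""
    attrs = {k.lower(): v for k, v in entry.items() if v}
    classes = attrs.get("objectclass")
    if not classes:
        return ["missing objectClass"]
    must, may = effective_attributes(classes)
    present = set(attrs) - {"objectclass"}
    errors = [f"missing required attribute: {a}" for a in must - present]
    errors += [f"attribute not allowed: {a}" for a in present - must - may]
    return sorted(errors)

# Constructed sample entries, not taken from the page.
ADDRESS_CARD = {"objectClass": ["organizationalPerson"],
                "cn": ["Jane Doe"], "sn": ["Doe"], "postalCode": ["12345"]}
BAD_CARD = {"objectClass": ["person"],
            "cn": ["John Roe"],          # sn is missing
            "postalCode": ["12345"]}     # person does not define postalCode

if __name__ == "__main__":
    for card in (ADDRESS_CARD, BAD_CARD):
        print(card["cn"][0], "->", validate(card) or "valid")
```

Rejecting attributes outside the entry's classes is the behaviour the schema rules describe; a client-side check like this one only mirrors it and does not replace enforcement by the directory server.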