Internet Express for Tru64 UNIX Version 6.10 Administration Guide (5900-1418, March 2011)

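Figure 64 LDAP Directory Tree Structure
[Figure: directory tree rooted at o=unix, containing the nodes ou=people, ou=groups, uid=straw, uid=smith, cn=Engineering, and cn=Marketing. Figure labels: the entry with RDN ou=people has DN ou=people, o=unix; the entry with RDN uid=straw has DN uid=straw, ou=people, o=unix.]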
The attributes that are required or allowed in a directory entry are defined in an object class. Each
directory entry must contain an objectclass attribute that has at least one object class definition
for that entry. The LDAP protocol defines a standard set of object classes to promote interoperability.
It is also possible to extend the set of standard object classes by adding new object classes and
attributes. The collection of all object classes and their attributes is called the directory schema.
Example 6 shows the object class definition for person, as defined in the standard directory
schema of an LDAP directory server.
Example 6 LDAP Standard Object Class Definition for Person
objectclass person
    oid 2.5.6.6
    superior top
    requires
        sn,
        cn
    allows
        description,
        seeAlso,
        telephoneNumber,
        userPassword
In this example, the person object class inherits attributes from the object class called top. The
person object class requires the attributes sn (surname) and at least one cn (common name);
you can store multiple common names per surname. Other attributes (description, seeAlso,
telephoneNumber, and userPassword) are allowed, but not required. An entry for the person
object class might look like the following:
cn: James Kirk
cn: James T. Kirk
sn: Kirk
description: Admiral
userpassword: Gb0Rda/KJV//a
telephonenumber: +1 555 555-1212
objectclass: top
objectclass: person
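The requires and allows rules can be checked mechanically. The following Python sketch is an added example, not part of this guide or of the directory server software: it parses definitions in the Example 6 layout (attribute lists on one line or one per line) and reports attributes that are missing from an entry or not permitted in it. The definition of top is an assumption, because the guide does not show it, and parse_objectclass, parse_entry, and validate are illustrative names.

```python
PERSON_DEF = """objectclass person
    oid 2.5.6.6
    superior top
    requires sn, cn
    allows description, seeAlso, telephoneNumber, userPassword"""
# Assumption (top is not shown in the guide): top requires only objectClass.
TOP_DEF = "objectclass top\nrequires objectClass"
ENTRY = """cn: James Kirk
cn: James T. Kirk
sn: Kirk
description: Admiral
userpassword:Gb0Rda/KJV//a
telephonenumber: +1 555 555-1212
objectclass: top
objectclass:person"""

def parse_objectclass(text):
    oc, section = {"superior": None, "requires": set(), "allows": set()}, None
    for raw in text.splitlines():
        words = raw.replace(",", " ").lower().split()   # names are case-insensitive
        if words and words[0] in ("requires", "allows"):
            section, words = words[0], words[1:]
        elif section is None and len(words) == 2:
            oc[words[0]] = words[1]                     # objectclass, oid, superior
        if section:
            oc[section].update(words)
    return oc

def parse_entry(text):
    entry = {}
    for attr, _, value in (l.partition(":") for l in text.splitlines() if ":" in l):
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def validate(entry, schema):
    """Return sorted schema violations; an empty list means the entry conforms."""
    required, allowed, seen, problems = {"objectclass"}, set(), set(), []
    for name in map(str.lower, entry.get("objectclass", [])):
        while name in schema and name not in seen:      # walk the superior chain
            seen.add(name)
            required |= schema[name]["requires"]
            allowed |= schema[name]["allows"]
            name = schema[name]["superior"]
        if name and name not in schema:
            problems.append(f"unknown object class: {name}")
    problems += [f"missing required attribute: {a}" for a in required - set(entry)]
    problems += [f"attribute not allowed: {a}" for a in set(entry) - required - allowed]
    return sorted(problems)

SCHEMA = {oc["objectclass"]: oc for oc in map(parse_objectclass, (PERSON_DEF, TOP_DEF))}
```

Calling validate(parse_entry(ENTRY), SCHEMA) on the sample entry returns an empty list, meaning the entry conforms to person and its superior top.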
Using the LDAP Browser
The Tru64 UNIX LDAP Browser allows any directory that is accessible through an LDAP V3 directory
server to be browsed, searched, and modified using a graphical user interface. The LDAP Browser
can be run on any platform that has Java Runtime Engine (JRE) Version 1.3 or higher installed.