Previous | Next | Trail Map | The Basics | Preparations

What's in the Directory?

Once you've set up the directory, or have directed your program to communicate with an existing directory, what sort of information can you expect to find there?

There are two kinds of information that you can get from the directory: bindings and attributes. The directory can be viewed as consisting of name-to-object bindings. That is, each object in the directory has a corresponding name. An object in the directory can be retrieved by looking up its name. If you are using a naming service like the file system (as we will be doing in some of our examples), the objects are files and they are bound to file names.

Another kind of data that is stored in the directory are attributes. An object in the directory, in addition to having a name, also has an optional set of attributes. You can ask the directory for an object's attributes, as well as ask the directory to search for an object that has certain attributes.

Examples of accessing both these kinds of information are given in this trail. Specifics of exactly what you can access from a naming or directory service depend on how the particular service has been laid out and what information has been added into it.

Directory Schema

A schema specifies the types of objects that a directory may contain. This tutorial populates the directory with entries, some of which require special schema definitions. To accommodate these entries, you must first either turn off schema-checking in the server, or add the schema files that accompanies this tutorial to the server. Both of these tasks are typically performed by the directory server's administrator. This tutorial comes with two schema files that must be installed: The format of these files is a in formal description that might not be in a format that can be directly copied and pasted into server configuration files. Specifically, the attribute syntaxes are described in terms of RFC 2252. The Netscape Directory Server 4.1 has a different way of identifying attribute syntaxes. For that server, you should use "case ignore string" for the attributes with the "DirectoryString" syntax (1.3.6.1.4.1.1466.115.121.1.15), and use "binary" for the attribute with the Octet String syntax (1.3.6.1.4.1.1466.115.121.1.40).

Different directory servers have different ways of configuring their schema. This tutorial comes with some tools for installing the Java and CORBA schemas on directory servers that permit its schemas to be modified via the LDAP protocol. It also comes with tools for updating an existing directory that used older versions of these schemas.

  1. Create Java Schema
  2. Create CORBA Schema
  3. Update directory entries that used an outdated Java schema
  4. Update directory entries that used an outdated CORBA schema
Follow the instructions in the accompanying README file to run these programs.
Note: If you are using Netscape Directory Server 4.1, you must make the following schema modification.

If you are updating the schema by manually updating its configuration files, first locate the java-object-schema.conf file in the server installation at the directory named: 

NETSCAPE-DIRECTORY-HOME/slapd-SERVER-ID/config/
The contents of java-object-schema.conf is out-of-date. You must update it by using the contents of the updated schema. Also, instead of using the syntax for Octet String (1.3.6.1.4.1.1466.115.121.1.40), use Binary (1.3.6.1.4.1.1466.115.121.1.5) because DS 4.1 does not support the Octet String syntax.

If you are updating the schema using the Java programs that accompany this tutorial, first locate the ns-schema.conf file in the server installation at the directory named: 

NETSCAPE-DIRECTORY-HOME/slapd-SERVER-ID/config/
Comment out the line that contains java-object-schema.conf because that schema is out-of-date. Restart the server and use the CreateJavaSchema program to install the updated schema. It is necessary to manually remove the reference to the old schema from the list of built-in schemas in ns-schema.conf because the server does not permit such built-in schemas to be modified via the LDAP protocol.

Providing Directory Content for This Tutorial

To set up the file system namespace, run the Setup program. To run this program, you give it the name of the directory in which to create the tutorial test namespace. For example, typing the following: 
# java Setup /tmp/tutorial
creates a directory "/tmp/tutorial" and populates it with directories and files.

In the directory examples in this trail, the results shown reflect how the LDAP directory has been set up using the configuration file (tutorial.ldif) that accompanies this tutorial. If you are using an existing server, or a server with a different setup, you may see different results. Before you can load the configuration file (tutorial.ldif) into the directory server, you must first follow the instructions for updating the server's schema.

Installation Note: Access Control Different directory servers handle access control differently. Some examples in this trail perform updates to the directory. Therefore, you need to take server-specific actions to make the directory updatable in order for those examples to work. For the Netscape Directory Server, add the "aci" entry suggested in the netscape.aci.ldif file to the "dn: o=JNDITutorial" entry to make the entire directory updatable.

Previous | Next | Trail Map | The Basics | Preparations