Appendix C. The 10-Minute LDAP Tutorial

The Lightweight Directory Access Protocol (LDAP) is the protocol[138] for accessing the preeminent directory services deployed in the world today. Over time, system administrators are likely to find themselves dealing with LDAP servers and clients in a number of contexts. For example, Active Directory and Mac OS X Open Directory are both LDAP-based. This tutorial will give you an introduction to the LDAP nomenclature and concepts you’ll need when using the material in Chapter 9.

The action in LDAP takes place around a data structure known as an entry. Figure C-1 is a picture to keep in mind as we look at an entry’s component parts.


Figure C-1. The LDAP entry data structure

An entry has a set of named component parts called attributes that hold the data for that entry. To use database terms, they are like the fields in a database record. In Chapter 9 we use Perl to keep a list of machines in an LDAP directory. Each machine entry will have attributes like name, model, location, owner, etc.

Besides its name, an attribute consists of a type and the value for the attribute. The value has to be of the type defined for the attribute. For example, if you are storing employee information, your entry might have a phone attribute that has a type of telephoneNumber. The value of this attribute might be that employee’s phone number. A type also has a syntax ...
