55 lines
3.6 KiB
HTML
55 lines
3.6 KiB
HTML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="dc.language" scheme="rfc1766" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow"/>
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<title>Directory Server (LDAP) - User projected directory information tree</title>
|
|
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
|
|
<link rel="stylesheet" type="text/css" href="ic.css" />
|
|
</head>
|
|
<body>
|
|
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
|
|
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
|
|
|
|
|
|
<a name="rzahyusrprjdit"></a>
|
|
<h3 id="rzahyusrprjdit">User projected directory information tree</h3>
|
|
<p>The figure below shows a sample directory information tree (DIT) for the
|
|
user projected backend. The figure shows both individual and group profiles.
|
|
In the figure, JSMITH and TSMITH are user profiles, which is indicated internally
|
|
by the group identifier (GID), GID=*NONE (or 0); EDITORS is a group profile,
|
|
which is indicated internally by a non-zero GID.</p>
|
|
<p>The suffix dc=SystemA,dc=acme,dc=com is included in the figure for reference.
|
|
This suffix represents the current database backend which is managing other
|
|
LDAP entries. The suffix cn=schema is the current server-wide schema being
|
|
used.</p>
|
|
<div class="mmobj">
|
|
<img src="rzahy501.gif" alt="Figure shows an example of a directory root. The information represented in this figure is discussed in the text preceding and following this figure." /></div>
|
|
<p>The root of the tree is a suffix, which defaults to <tt class="xph">os400-sys=<span class="italic">SystemA.acme.com</span></tt>, where <tt class="xph"><span class="italic">SystemA.acme.com</span></tt> is the name of your system.
|
|
The objectclass is <tt class="xph">os400-root</tt>. Although the DIT cannot
|
|
be modified or deleted, you can reconfigure the system objects' suffix. However,
|
|
you must ensure that the current suffix is not being used in ACLs or elsewhere
|
|
on the system where entries would need to be modified should the suffix be
|
|
changed.</p>
|
|
<p>In the previous figure, the container, cn=accounts, is shown below the
|
|
root. This object cannot be modified. A container is placed at this level
|
|
in anticipation of other kinds of information or objects that might be projected
|
|
by the operating system in the future. Below the cn=accounts container are
|
|
the user profiles that are projected as <tt class="xph">objectclass=os400-usrprf</tt>.
|
|
The user profiles are referred to as projected user profiles and are known
|
|
to LDAP in the form <tt class="xph">os400-profile=JSMITH,cn=accounts,os400-sys=SystemA.acme.com</tt>.</p>
|
|
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
|
|
</body>
|
|
</html>
|