LDAP

Provides operations for querying LDAP directories. LDAP directories are generally used to store information about the people in an organization. For example, LDAP directories typically store information about the business unit that a person belongs to, information that identifies the person, and information about how to contact them, such as telephone numbers and email addresses.

Directory structure

LDAP directories use a tree structure as the data model. Different types of databases, such as Sun ONE or Microsoft Active Directory, use different tree structures. LDAP administrators typically customize the directory structure based on the requirements of their organization.

Note: Talk to your LDAP administrator for information about the directory that you are querying.

The following graphic shows a very simple directory tree. LDAP directories typically contain many more items, numbering in the thousands.

The structure of the tree and the information that each item in the tree stores is defined by the directory schema.

Distinguished name

Each item in the tree is uniquely identified by their distinguished name (DN). The DN includes the relative DN of the directory item (for example ou=People) concatenated with the relative DN of the parent items in the tree.

A.
The DN of this item is cn=marketing,ou=Groups,dc=YourCompany,dc=com

B.
The DN of this item is ou=People,dc=YourCompany,dc=com

Each item in the directory tree has a number of attributes that are used to store information about the item. For example, items that represent people typically have an attribute named mail which is used to store the person’s email address.

The attributes of an item are defined by rules in the directory schema. Each item has the objectClass attribute which determines the schema rules that govern the item.

Base DN

Typically, when you connect to an LDAP server you specify the area of the directory tree that you want to use. To specify the area, you provide the DN of the item in the tree that contains all of the other items that you want to use. This DN is called the base DN.

For example, a base DN of ou=People,dc=YourCompany,dc=com provides access to information in that item and the items that it contains.

Using a base DN improves system efficiency because only the information in the base DN is retrieved from the LDAP server.

For information about using the LDAP service, see Services Reference for AEM forms .

// Ethnio survey code removed