The Directory Server Access Control Model
Understanding the Directory Server Schema
Matching Rule Description Format
Understanding Attribute Syntaxes
The Attribute Syntax Description Format
Commonly Used Attribute Syntaxes
Attribute Type Description Format
Object Class Description Format
Directory Server Object Class Implementation
Understanding DIT Content Rules
DIT Content Rule Description Format
DIT Content Rule Implementation
DIT Structure Rule Description Format
DIT Structure Rules and Multiple Schemas
DIT Structure Rule Implementation
Understanding Matching Rule Uses
Matching Rule Use Implementation
Understanding Directory Server Plug-Ins
DIT structure rules can be used to define the allowed hierarchical structure of the directory data. In particular, they make it possible to specify what types of entries are allowed to exist as immediate children of entries with a specified structural object class. For example, only entries with the inetOrgPerson structural class can be immediate children of entries with an organizationalUnit structural object class.
DIT structure rules are themselves hierarchical. Each DIT structure rule is assigned a rule ID, which is an integer value, and is also associated with a name form (which in turn links it to a structural object class). DIT structure rules can also reference one or more superior DIT structure rules, and this provides the mechanism for controlling the data hierarchy. If a DIT structure rule does not specify any superior rules, then entries containing its associated structural object class are allowed to exist at the root of the associated schema. If a DIT structure does specify one or more superior rules, then entries with an associated structural object class are allowed to exist only below entries containing the structural object class of one of those superior rules.