Sun Java System Calendar Server 6.3 Administration Guide

10.3.3 Sun LDAP Schema Version 1 for Calendar Server Version 6.3

The graphic that follows shows an example of an LDAP directory organization for a multiple domain installation that uses Sun LDAP Schema version 1.

This organization includes two trees for domain management:

Figure 10–2 LDAP Directory Organization Using LDAP Schema Version 1

This diagram shows an example of a two tree, Schema version
1, LDAP organization.

The DC tree (node) is similar to the DNS, which determines a domain entry given the domain name. The inetdomainbasedn LDAP attribute points to the base DN, which is the root of the domain’s users, resources and groups in the organization tree (node). Within each domain, the identifiers for Calendar Server users, resources, and groups must be unique.

Note –

If your earlier LDAP configuration did not contain a DC tree, in order to use Schema version 1 mode or Schema version 2 compatibility mode, you must create the DC tree nodes yourself as explained in 10.2 Setting up a Multiple Domain Environment for Calendar Server Version 6.3 for the First Time. However, Schema version 2 is the preferred mode.

In a multiple domain installation using LDAP Schema version 1, a directory search requires these two steps to find an entry:

  1. In the DC tree, the search operation locates the domain entry that contains the value of the DN pointing to the base DN (inetDomainBaseDN attribute) of domain in the organization tree.

  2. In the organization tree, the search operation locates the domain entry and then searches from that entry’s base DN to find the user, resource, or group within the domain.