This figure shows the directory entries that are placed under the example realm cn=sampleRealm.

cn=sampleRealm exists within the following structure:

The top level is cn=Realms.

The second level is cn=sampleRealm.

On the level beneath cn=sampleRealm are three containers:

The entry cn=usermgr stores information related to user management.

The entry cn=rolemgr stores information related to role (group) management.

The cn=Policy container, which in turn stores two types of entries:  cn=Permissions and cn=Grantees.