Complete Contents
Chapter 1 Understanding LDAP
Chapter 2 Using the Netscape Directory SDK for Java
Chapter 3 Quick Start
Chapter 4 Writing an LDAP Client
Chapter 5 Using the LDAP Java Classes
Chapter 6 Searching the Directory
Chapter 7 Using Filter Configuration Files
Chapter 8 Adding, Updating, and Deleting Entries
Chapter 9 Comparing Values in Entries
Chapter 10 Working with LDAP URLs
Chapter 11 Getting Server Information
Chapter 12 Connecting Over SSL
Chapter 13 Working with LDAP Controls
Chapter 14 Using SASL Authentication
Chapter 15 Using Netscape's JNDI Service Provider
Chapter 16 Working with Extended Operations
Chapter 17 Using the Asynchronous Interface
Directory SDK for Java 4.0 Programmer's Guide:
Previous Contents Index


This glossary defines terms commonly used when working with LDAP.

base DN.   The distinguished name (DN) that identifies the starting point of a search.

For example, if you want to search all of the entries in the "ou=People," subtree of the directory, "ou=People," is the base DN.

For more information on base DNs and searching the directory, see "Specifying the Base DN and Scope".

continuation reference.   See search reference.

control.   LDAP controls are specified as part of the LDAP v3 protocol. A control provides the means to specify additional information for an operation. Clients and servers can send controls as part of the requests and responses for an operation.

For more information on LDAP controls, see Chapter 13, "Working with LDAP Controls".

DIT.   The hierarchical organization of entries that make up a directory. DIT stands for "Directory Information Tree."

DSA.   An X.500 term for an LDAP server. DSA stands for "Directory System Agent."

DSE.   An entry containing server-specific information. DSE stands for "DSA-specific entry." Each server has different attribute values for the DSE.

extended operation.   An extension mechanism in the LDAP v3 protocol. You can define extended operations to perform services not covered by the protocol. The extended operation mechanism specifies the means for an LDAP client to request a custom operation (not specified in the LDAP protocol) from an LDAP server.

For more information on extended operations, see Chapter 16, "Working with Extended Operations".

LDIF.   LDAP Data Interchange Format. The format is specified in the Internet-Draft "The LDAP Data Interchange Format -- Technical Specification," which is available at the following location: Note that Internet-Drafts expire every six months. If the URL above does not work, try incrementing the number by one. For example, draft-06.txt would become draft-07.txt.

operational attributes.   Attributes that are used by servers for administering the directory. For example, creatorsName is an operational attribute that specifies the DN of the user who added the entry. Operational attributes are not returned in any search results unless you specify the attribute by name in the search request.

For more information on searching the operational attributes, see "Specifying the Attributes to Retrieve".

referral.   Refers an LDAP client to another LDAP server. An LDAP server can be configured to send your client a referral if your client requests a DN with a suffix that is not in the server's directory tree (for example, if the directory includes entries under "" and your client requests an entry under "").

Referrals contain LDAP URLs that specify the host, port, and base DN of another LDAP server.

Note that referrals are not the same as (but are similar to) search references. A search reference is returned as part of the results of a search; a referral is returned when the base DN of a search (or the target DN of any other LDAP operation) is not part of the LDAP server's directory tree.

For more information on handling referrals, see "Handling Referrals".

referral hop limit.   The maximum number of referrals that your client should follow in a row. For example, suppose your client receives a referral from LDAP server A to LDAP server B. After your client follows the referral to LDAP server B, that server sends you a referral to LDAP server C, which in turn refers you to LDAP server D. Your client has been referred 3 times in a row. If the referral hop limit is 2, the referral hop limit has been exceeded.

For more information on handling referrals, see "Handling Referrals".

root DSE.   An entry (a DSE) that is located at the root of the DIT.

For information on getting the root DSE of an LDAP server, see "Getting the Root DSE".

search reference.   Also known as continuation references, search result references, or smart referrals. A search reference is an entry in the directory that refers to another LDAP server (the reference is in the form of an LDAP URL).

Search references are returned in search results along with entries found in the search. (A referral, on the other hand, is returned before searching through any entries. A referral is returned if the base DN does not have a suffix that is handled by the server.)

For more information on handling search references, see "Getting the Search Results".

search result reference.   See search reference.

server plug-in.   Beginning with version 3.0, Netscape Directory Server supports a plug-in interface that allows you to extend the functionality of the server. You can write plug-ins that handle extended operations or SASL authentication requests. For more information on server plug-ins, see the Netscape Directory Server Programmer's Guide.

smart referral.   See search reference.

subschema entry.   Entry containing all the schema definitions (definitions of object classes, attributes, matching rules, and so on) used by entries in part of a directory tree.

For more information on getting the subschema entry, see "Getting the Schema for an LDAP Server".



© Copyright 1999 Netscape Communications Corporation. All rights reserved.