-
-
Several things distinguish a directory service from a relational database. Data can be redundant if it aids performance.
Directory schemas are object classes, attributes, name bindings and knowledge (namespaces) where an object class has:
- Must– attributes that each instances must have
- May– attributes which can be defined for an instance but can be omitted, with the absence similar to NULL in a relational database
Attributes are sometimes multi-valued, allowing multiple naming attributes at one level (such as machine type and serial number concatenation, or multiple phone numbers for “work phone”). Attributes and object classes are standardized throughout the industry, and formally registered with the IANA for their object ID. Therefore, directory applications try to reuse standard classes and attributes to maximize the benefit of existing directory-server software.
Object instances are slotted into namespaces; each object class inherits from its parent object class (and ultimately from the root of the hierarchy), adding attributes to the must-may list. Directory services are often central to the security design of an IT system and have a correspondingly-fine granularity of access control.
-
Leave a Reply
You must be logged in to post a comment.