Home Forums OS X Server and Client Discussion Open Directory dsattrtypestandard vs dsattrtypenative

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #373859
    skrimfid
    Participant

    Hello,

    So I’m a little confused on dsattrtypestandard vs. dsattrtypenative. I think I know what the deal is, but I’m not sure so I thought I would give my version of the story and someone could point out where I’m wrong.

    The dsAttrTypeStandard is used for mapping native LDAP records (dsAttrTypeNative) to Directory Service records. The data is stored in LDAP using the Native records. The Standard records aren’t actually written to LDAP (or anywhere) but are used for applications that modify LDAP records so they can always call the consistent interface of the Standard records and not have to worry about the underlying Native records.

    I just vomited that right onto my keyboard and have no idea if it’s accurate or not, but I would LOVE to know what is! I just finished reading Chapter one of the 10.5 Directory Services book which goes into a lot of detail about this very subject, but I’m just having a devil of a time actually interpreting what the Standard records are used for and why? Why not just go right to the native LDAP records?

    Anyway, thanks for reading.

    Matthew

    #373897
    skrimfid
    Participant

    Anyone home?

    #373939

    To understand it better, open up Directory Utility and go to Search and Mappings of a LDAP config. Under the Record Types and Attributes, you’ll see the “Standard” Record Types and Attributes. If you select a top level Record (like Users), you’ll see the objectClasses that are mapped to this Record Type. So when DirectoryService wants to find a user, it knows to search in LDAP for objects of type “inetOrgPerson, posixAccount, etc”, and starts searching in the DN in “Search base”. Once the results come back, the “native” LDAP attributes (such as uidNumber) are mapped to standard attributes (“UniqueID”). The inspector in Workgroup Manager allows you to see what is directly in LDAP (“Native”) and how this being mapped to DirectoryServices (“Standard”). If you had something mapped incorrectly, you could easily see that.

Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Comments are closed