Product SiteDocumentation Site

Chapter 5. Defining Dynamic Attribute Values

5.1. Introduction to Attributes
5.2. About Attribute Uniqueness
5.3. About Classes of Service
5.3.1. About a Pointer CoS
5.3.2. About an Indirect CoS
5.3.3. About a Classic CoS
5.4. About Linking Attributes
5.4.1. Schema Requirements for Linking Attributes
5.4.2. Using Linked Attributes with Replication
5.5. About Dynamically Assigning Unique Number Values
5.5.1. How the Directory Server Manages Unique Numbers
5.5.2. Using DNA to Assign Values to Attributes
5.5.3. Using the DNA Plug-in with Replication
As described in Section 3.2.2, “Standard Attributes”, LDAP entries store discrete parts of information in attributes that are added to an entry.
Red Hat Directory Server provides several different mechanisms for dynamically and automatically maintaining some types of attributes on directory entries. These plug-ins and configuration options simplify managing directory data and expressing relationships between entries.

5.1. Introduction to Attributes

When performing a site survey, one of the earliest steps is to identify the characteristics of the entries in the directory (Section 2.3.3, “Characterizing the Directory Data”). These characteristics are the different aspects of the entities that need to be recorded in the directory entry. For an employee, this means information like the person's manager, title, business category, email address, home and office phone numbers. Each characteristic of the entry is maintained in an entry attribute.
Part of the characteristics of entries are their relationships to each other. Obviously, a manager has an employee, so those two entries are related. Groups are associated with their members. There are less apparent relationships, too, like between entries which share a common physical location.
Red Hat Directory Server provides several different ways that these relationships between entries can be maintained smoothly and consistently. There are several plug-ins can apply or generate attributes automatically as part of the data within the directory:
  • Attribute uniqueness requires that every instance of a particular attribute within the subtree or database has a unique value. This is enforced whenever an entry is created or an attribute is modified.
  • Classes of service use one entry as a template; whenever that attribute value changes, then all other entries within the scope of the CoS automatically have the same attribute on their entries changed. (The entries affected by the CoS are identified through a definition entry.)
  • Linked attributes follow DN values in attributes in one entry and automatically add a pre-determined attribute (with a value that points back to the original entry) to the referenced entries. So, if entry A lists entry B as a direct report, then entry B can automatically be updated to have a manager attribute with entry A as its specified manager.
  • Distributed Numeric Assignments automatically assign unique identifying numbers to entries. This is useful for GID or UID number assignments, which must be unique across an organization.
Consider several things about specific entry attribute values, as part of planning both directory data and directory schema:
  • How are the entries related? Are there common attributes which are shared among entries? Are there attributes which must represent connections between entries?
  • How and where (in what entry) is the original source of the data likely to be maintained? How often is this information updated and how many entries are affected when the data are changed?
  • What schema elements are used by these entries and what is the syntax of those attributes?
  • How does the plug-in handle distributed directory configuration, such as replication or synchronization?