Adding some sample data using Apache Directory Studio

exercise No. 1

Populating the DIT

Q:

Add two departments billing and research. Then supply corresponding user entries to both departments by using the LDAP browser view. (As being mentioned previously hardcore hackers take this track neglecting time consuming GUI stuff).

Hint: If you do have limited understanding of LDAP classes an schemata you may want to create entries containing the following objectClass values:

Departments billing and research:
Child user entries below billing and research:

Note that required parent objectClass definitions like top and person are being omitted here. Apache Directory Studio will gracefully add missing objectClasses on behalf of you automatically. The subsequent LDIF dump may serve as a hint:

...
	      dn: ou=billing,dc=hdm-stuttgart,dc=de
	      objectClass: top
	      objectClass: organizationalUnit
	      ou: billing

	      dn: ou=research,dc=hdm-stuttgart,dc=de
	      objectClass: top
	      objectClass: organizationalUnit
	      ou: research

	      dn: uid=lapinski,ou=billing,dc=hdm-stuttgart,dc=de
	      objectClass: posixAccount
	      objectClass: top
	      objectClass: person
	      objectClass: organizationalPerson
	      cn: Mee Lapinski
	      gidNumber: 100
	      homeDirectory: /home/lapinski
	      sn: Lapinski
	      uid: lapinski
	      uidNumber: 1023
	      ...

Question: What is the ratio behind adding the objectClass value posixAccount? Hint: Try to create a corresponding dataset having two persons with identical names within the same department.

A:

Your result may look like:

Figure 1102. Two departments billing and research populated with sample user entries
Two departments billing and research populated with sample user entries

Without having the objectClass value posixAccount the attribute uid would be disallowed and could thus not be part of our DN values. This would leave us with solutions like:

dn: cn=Mee Lapinski,ou=billing,dc=hdm-stuttgart,dc=de

This in turn disallows identical common names (e.g. a second Mee Lapinski) within the same department. Thus the auxiliary objectClass posixAccount enables us to introduce additional mandatory uid attribute being the unique identifier within a given parent scope.