Directory information tree
This information describes the Directory Server directory information tree (DIT).
- cn=Admin
- cn=Event Notification
- cn=Front End
- cn=Kerberos
- cn=Master Server
- cn=Referral
- cn=Schema
- cn=SSL
- cn=Transaction
cn=Configuration
- DN
- cn=Configuration
- Description
- This is the top-level entry in the configuration DIT. It holds data of global interest to the server, although in practice it also contains miscellaneous items. Every attribute in the this entry comes from the first section (global stanza) of ibmslapd.conf.
- Number
- 1 (required)
- Object Class
- ibm-slapdTop
- Mandatory Attributes
- Optional Attributes
cn=Admin
- DN
- cn=Admin, cn=Configuration
- Description
- Global configuration settings for IBM Admin Daemon
- Number
- 1 (required)
- Object Class
- ibm-slapdAdmin
- Mandatory Attributes
- Optional Attributes
cn=Event Notification
- DN
- cn=Event Notification, cn=Configuration
- Description
- Global event notification settings for Directory Server
- Number
- 0 or 1 (optional; needed only if you want to enable event notification)
- Object Class
- ibm-slapdEventNotification
- Mandatory Attributes
- Optional Attributes
cn=Front End
- DN
- cn=Front End, cn=Configuration
- Description
- Global environment settings that the server applies at startup.
- Number
- 0 or 1 (optional)
- Object Class
- ibm-slapdFrontEnd
- Mandatory Attributes
- Optional Attributes
cn=Kerberos
- DN
- cn=Kerberos, cn=Configuration
- Description
- Global Kerberos authentication settings for Directory Server.
- Number
- 0 or 1 (optional)
- Object Class
- ibm-slapdKerberos
- Mandatory Attributes
- Optional Attributes
- None
cn=Master Server
- DN
- cn=Master Server, cn=Configuration
- Description
- When configuring a replica, this entry holds the bind credentials and referral URL of the master server.
- Number
- 0 or 1 (optional)
- Object Class
- ibm-slapdReplication
- Mandatory Attributes
- cn
- ibm-slapdMasterPW (Mandatory if not using Kerberos authentication.)
- Optional Attributes
- ibm-slapdMasterDN
- ibm-slapdMasterPW (Optional if using Kerberos authentication.)
- ibm-slapdMasterReferral
- objectClass
cn=Referral
- DN
- cn=Referral, cn=Configuration
- Description
- This entry contains all the referral entries from the first section (global stanza) of ibmslapd.conf. If there are no referrals (there are none by default), this entry is optional.
- Number
- 0 or 1 (optional)
- Object Class
- ibm-slapdReferral
- Mandatory Attributes
- Optional Attributes
- None
cn=Schemas
- DN
- cn=Schemas, cn=Configuration
- Description
- This entry serves as a container for the schemas. This entry is not really necessary because the schemas can be distinguished by the object class ibm-slapdSchema. It is included to improve the readability of the DIT.
Only one schema entry is currently allowed: cn=IBM Directory.
- Number
- 1 (required)
- Object Class
- Container
- Mandatory Attributes
- Optional Attributes
- None
cn=IBM Directory
- DN
- cn=IBM Directory, cn=Schemas, cn=Configuration
- Description
- This entry contains all the schema configuration data from the first section (global stanza) of ibmslapd.conf. It also serves as a container for all the backends which use the schema. Multiple schemas are not currently supported, but if they were, then there would be one ibm-slapdSchema entry per schema. Note that multiple schemas are assumed to be incompatible. Therefore, a backend can be associated with a single schema only.
- Number
- 1 (required)
- Object Class
- ibm-slapdSchema
- Mandatory Attributes
- Optional Attributes
cn=Config Backends
- DN
- cn=Config Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- Description
- This entry serves as a container for the Config backends.
- Number
- 1 (required)
- Object Class
- Container
- Mandatory Attributes
- Optional Attributes
- None
cn=ConfigDB
- DN
- cn=ConfigDB, cn=Config Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- Description
- Configuration backend for IBM Directory server configuration
- Number
- 0 - n (optional)
- Object Class
- ibm-slapdConfigBackend
- Mandatory Attributes
- Optional Attributes
cn=RDBM Backends
- DN
- cn=RDBM Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- Description
- This entry serves as a container for the RDBM backends. It effectively replaces the database rdbm line from ibmslapd.conf by identifying all sub-entries as DB2 backends. This entry is not really necessary because the RDBM backends can be distinguished by object class ibm-slapdRdbmBackend. It is included to improve the readability of the DIT.
- Number
- 0 or 1 (optional)
- Object Class
- Container
- Mandatory Attributes
- Optional Attributes
- None
cn=Directory
- DN
- cn=Directory, cn=RDBM Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- Description
- This entry contains all the database configuration settings for the default RDBM database backend.
Although multiple backends with arbitrary names can be created, the Server Administration assumes that "cn=Directory" is the main directory backend, and that "cn=ChangeLog" is the optional change log backend. Only the suffixes displayed in "cn=Directory" are configurable through the Server Administration (except for the change log suffix, which is set transparently by enabling change log).
- Number
- 0 - n (optional)
- Object Class
- ibm-slapdRdbmBackend
- Mandatory Attributes
- Optional Attributes
- ibm-slapdBulkloadErrors
- ibm-slapdChangeLogMaxEntries
- ibm-slapdCLIErrors
- ibm-slapdDBAlias
- ibm-slapdDB2CP
- ibm-slapdDbConnections
- ibm-slapdDbLocation
- ibm-slapdPagedResAllowNonAdmin
- ibm-slapdPagedResLmt
- ibm-slapdPageSizeLmt
- ibm-slapdPlugin
- ibm-slapdReadOnly
- ibm-slapdReplDbConns
- ibm-slapdSortKeyLimit
- ibm-slapdSortSrchAllowNonAdmin
- ibm-slapdSuffix
- ibm-slapdUseProcessIdPw
If you are using ibm-slapdUseProcessIdPw, change the schema to make ibm-slapdDbUserPW optional.
cn=Change Log
- DN
- cn=Change Log, cn=RDBM Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- Description
- This entry contains all the database configuration settings for the change log backend.
- Number
- 0 - n (optional)
- Object Class
- ibm-slapdRdbmBackend
- Mandatory Attributes
- Optional Attributes
- ibm-slapdBulkloadErrors
- ibm-slapdChangeLogMaxEntries
- ibm-slapdCLIErrors
- ibm-slapdDBAlias
- ibm-slapdDB2CP
- ibm-slapdDbConnections
- ibm-slapdDbLocation
- ibm-slapdPagedResAllowNonAdmin
- ibm-slapdPagedResLmt
- ibm-slapdPageSizeLmt
- ibm-slapdPlugin
- ibm-slapdReadOnly
- ibm-slapdReplDbConns
- ibm-slapdSortKeyLimit
- ibm-slapdSortSrchAllowNonAdmin
- ibm-slapdSuffix
- ibm-slapdUseProcessIdPw
If you are using ibm-slapdUseProcessIdPw, change the schema to make ibm-slapdDbUserPW optional.
cn=LDCF Backends
- DN
- cn=LDCF Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- Description
- This entry serves as a container for the LDCF backends. It effectively replaces the database ldcf line from ibmslapd.conf by identifying all sub-entries as LDCF backends. This entry is not really necessary because the LDCF backends can be distinguished by the object class ibm-slapdLdcfBackend. It is included to improve the readability of the DIT.
- Number
- 1 (required)
- Object Class
- Container
- Mandatory Attributes
- Optional Attributes
cn=SchemaDB
- DN
- cn=SchemaDB, cn=LDCF Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- Description
- This entry contains all the database configuration data from the ldcf database section of ibmslapd.conf.
- Number
- 1 (required)
- Object Class
- ibm-slapdLdcfBackend
- Mandatory Attributes
- Optional Attributes
cn=SSL
- DN
- cn=SSL, cn=Configuration
- Description
- Global SSL connection settings for Directory Server.
- Number
- 0 or 1 (optional)
- Object Class
- ibm-slapdSSL
- Mandatory Attributes
- Optional Attributes
- ibm-slapdSslCertificate
- ibm-slapdSslCipherSpec
ibm-slapdSslCipherSpecs is now deprecated. Use ibm-slapdSslCipherSpec instead. If you use ibm-slapdSslCipherSpecs, the server will convert to the supported attribute.
- ibm-slapdSslKeyDatabase
- ibm-slapdSslKeyDatabasePW
cn=CRL
- DN
- cn=CRL, cn=SSL, cn=Configuration
- Description
- This entry contains certificate revocation list data from the first section (global stanza) of ibmslapd.conf. It is only needed if "ibm-slapdSslAuth = serverclientauth" in the cn=SSL entry and the client certificates have been issued for CRL validation.
- Number
- 0 or 1 (optional)
- Object Class
- ibm-slapdCRL
- Mandatory Attributes
- Optional Attributes
cn=Transaction
- DN
- cn = Transaction, cn = Configuration
- Description
- Specifies Global transaction support settings. Transaction support is provided using the plugin:
extendedop /QSYS.LIB/QGLDTRANEX.SRVPGM tranExtOpInit 1.3.18.0.2.12.5 1.3.18.0.2.12.6The server (slapd) loads this plugin automatically at startup if ibm-slapdTransactionEnable = TRUE. The plugin does not need to be explicitly added to ibmslapd.conf.
- Number
- 0 or 1 (optional; required only if you want to use transactions.)
- Object Class
- ibm-slapdTransaction
- Mandatory Attributes
- Optional Attributes
- None
Parent topic:
Directory Server configuration schema