Figure 1-1 Flow of an Open Directory request
[Figure labels: Request, Response; Open Directory client, DirectoryServices daemon, Open Directory plug-ins]
The Open Directory programming interface identifies the basic features that are common to many directory
services and provides the functions necessary to support the development of high-quality applications that
can work with a wide range of dissimilar directory services.
Nodes
From the viewpoint of Open Directory, a directory service is a collection of one or more nodes, where a node
is a place that can be searched for information. Each NetInfo database in a hierarchy and each LDAP service
configured by the Directory Access tool is a separate node. The following rules apply to nodes.
■ A node is either the root of a directory or a child of another node.
■ A registered node is a node that an Open Directory plug-in has registered with Open Directory or that
an administrator has registered using the Directory Access tool.
■ A node is a collection of records and child nodes.
■ A record can belong only to one node.
■ A record has a type and can be of no more than one type. Examples of record types include user records
and group records.
■ A record has a name and type that together make the record unique within its node. For example, there
can’t be two user records that have the name “admin,” but there can be a user record named “admin”
and a group record named “admin” within the same node.
■ Nodes and records can contain any number of attributes.
■ An attribute can have a value. Certain attributes can have more than one value.
■ An attribute value is arbitrary data whose structure is unknown to the Open Directory programming
interface. Open Directory clients are responsible for interpreting the value of any particular attribute.
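The node rules above can be seen in a toy in-memory model. This is an added example, not code from the guide or from Apple; every name in it (od_node, od_record, od_add_record and so on) is hypothetical and is not part of the Open Directory API. Values carry an explicit length because the model, like the programming interface, treats them as opaque bytes.

```c
/* Added illustration: toy model of the node rules above. All names (od_node,
 * od_add_record, ...) are hypothetical, not part of the Open Directory API. */
#include <stdio.h>
#include <string.h>
#define MAX_RECORDS 16
#define MAX_VALUES  8
/* One attribute value: opaque bytes plus length. Repeating attr on several
 * values gives a multi-valued attribute. */
typedef struct { const char *attr; const void *data; size_t len; } od_value;
typedef struct {
    const char *type, *name;        /* exactly one type; (type, name) is the key */
    od_value values[MAX_VALUES];
    size_t nvalues;
} od_record;
typedef struct od_node {
    struct od_node *parent;         /* NULL means this node is a root */
    od_record records[MAX_RECORDS]; /* stored by value: one owning node */
    size_t nrecords;
} od_node;

od_record *od_find_record(od_node *n, const char *type, const char *name) {
    for (size_t i = 0; i < n->nrecords; i++)
        if (!strcmp(n->records[i].type, type) && !strcmp(n->records[i].name, name))
            return &n->records[i];
    return NULL;
}

/* Returns NULL when (type, name) already exists in this node or it is full. */
od_record *od_add_record(od_node *n, const char *type, const char *name) {
    if (n->nrecords == MAX_RECORDS || od_find_record(n, type, name)) return NULL;
    od_record *r = &n->records[n->nrecords++];
    memset(r, 0, sizeof *r);
    r->type = type; r->name = name;
    return r;
}

/* Stores the bytes without interpreting them; returns 0, or -1 when full. */
int od_add_value(od_record *r, const char *attr, const void *data, size_t len) {
    if (r->nvalues == MAX_VALUES) return -1;
    r->values[r->nvalues++] = (od_value){ attr, data, len };
    return 0;
}

int main(void) {
    static od_node root;            /* constructed sample node */
    od_add_record(&root, "users", "admin");
    od_add_record(&root, "groups", "admin");
    printf("second users/admin rejected: %d\n", !od_add_record(&root, "users", "admin"));
    return 0;
}
```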
Figure 1-2 (page 11) shows how Open Directory and the Open Directory LDAPv3 and NetInfo plug-ins might
locate nodes over a network.
Open Directory Overview
2007-01-08 | © 2007 Apple Inc. All Rights Reserved.
CHAPTER 1
Concepts