The virtual explosion of technical advances in microelectronics, digital computers and software have changed the face of modern society. In fact, these technical advances have become so important and pervasive that this explosion is sometimes referred to as “The Information Revolution.” Through telephone lines, networks, satellite communications and the like, information and resources are ever increasingly being accessed and shared.
One mechanism used to organize, store, search, edit, and retrieve information and resources on a computer is through a directory. A directory contains a collection of objects, sometimes referred to as identities, with associated attributes or properties. For example, an directory object could be a User object that represents a human user. Beyond representing users, objects can represent things that humans relate to when dealing with computers. For instance, some typical objects might represent printers, print queues, files, resources, computers, and the like. In addition, objects can represent non-computer related things such as countries, companies, organizations, departments, buildings, and the like. Furthermore, objects can be organizational in nature to group other objects together. As one with ordinary skill in the art will readily appreciate, objects can represent virtually anything, whether imaginary or real.
A directory object has a variety of associated attributes. For instance, a user object may have attributes such as Given Name, Last Name, Title, Location, Telephone Number, Description, Authentication, Login Name, etc. In most cases, an object attribute will have associated attribute data. For example, the value for the attribute “Given Name” might be “George”. An attribute is usually based on an attribute type, which has an attribute syntax. The data which can be entered as a value associated with the attribute is dictated by the attribute syntax. For instance, some typical attribute types include Back Link, Boolean, Case Exact String, Case Ignore List, Case Ignore String, Class Name, Counter, Distinguished Name, E-mail Address, Facsimile Telephone Number, Hold, Integer, Interval, Net Address, Numeric String, Object ACL, Octet List, Octet String, Path, Postal Address, Printable String, Replica Pointer, Stream, Telephone Number, Time, Timestamp, Typed Name, and Unknown. Each of these attribute types has a predetermined attribute syntax or data structure appropriate for the type of data that will be entered as a value.
In many cases, the structure of a directory is governed by a schema. The schema defines the rules for adding and managing objects and object attributes in a directory. For instance, a schema can be specified through a data dictionary that provides a standard set of data types or classes from which objects can be created. In such a case, each object in the directory belongs to a class that specifies which attributes are associated with the object. In other words, an object is of a particular type and is created from a corresponding class. For example, a User object would be created from a User class, a Printer object would be created from a Printer class, etc. An object created from a class is sometimes referred to as being “instantiated” from the class, wherein the object is referred to as an “instance” of the class. Generally, such schemas are extensible so that they may be tailored to modify existing classes or add new classes.
Beyond controlling the structure of the directory objects, the schema may also control the relationship among the objects in the directory. In controlling this relationship, the schema may specify subordination among object classes. For instance, for every object there can be a group of classes from which subordinate objects can be formed. Objects that contain other objects are called container objects, which are the building blocks of the hierarchal relationship of objects in the directory. Objects that cannot contain other objects are known as non-container or leaf objects. As such, the combination of container and leaf objects can be arranged in a tree-like structure representing the hierarchal relationship of the various objects. Directories that include such schemas are sometime referred to as hierarchal directories.
There are a variety of types, formats and standards for directories. For example, some directories are compliant with the Lightweight Directory Access Protocol (“LDAP”). LDAP is a protocol used to access a directory. One common use for LDAP compliant directories is in conjunction with Web browsers and e-mail programs, however, LDAP directories are used in a variety of other applications as well. Another example is X.500 directories, which are hierarchal directories that use the Directory Access Protocol (“DAP”) to access such directories. Beyond these two limited examples, a variety of other types of directories are currently known to one with ordinary skill in the art. Moreover, additional types of directories will undoubtably emerge in the future. Some current examples of directories include Novell Directory Services “NDS”, Novell's eDirectory, Oracle Databases, Netscape's Directory Server and Planet Directory Server, Microsoft's Active Directory, IBM's SecureWay Directory.
Sometimes, the directories on various computers are coordinated to provide a larger directory, which is sometimes referred to as a distributed directory. Generally speaking, a distributed directory spans and is shared by multiple networked servers wherein the objects in the directory are synchronized between the various servers, although a single server can also maintain a distributed directory. While distributed directories are often used with client/server networks, they are not necessarily limited to the context of such networks. Information on the distributed directory can be created, read, modified, and shared by other networked nodes, such as client computers or other servers, assuming such nodes have appropriate access rights to the distributed directory.