Light Weight Directory Access Protocol (LDAP) has become very popular due to its efficient and fast data access. A large number of applications/services are currently being developed which use an LDAP directory as their centralized data repository.
The LDAP directory stores entries as a tree. Each entry may consist of one or more attribute names and attribute values. An entry may be uniquely identified by its distinguished name (DN) that may include a common name (cn) attribute of the entry and DN of a parent entry.
Typically, an LDAP directory server adds entries to the LDAP directory in response to requests received from various clients. In particular, each time a user of a client device wants to add an entry to the LDAP directory, the client has to submit a request to the LDAP directory server specifying a desired entry. For example, if a system administrator wants to add an LDAP entry for person A and an entry for a private group of person A, the system administrator has to request the addition of both entries and has to separately specify attributes for each entry, even tough many of these attributes are identical (e.g., the user name and user ID). If the system administrator sends a request to change some attributes in the entry of person A, the system administrator has to remember to also request a change of the corresponding attributes in the corresponding private group entry.