DB 문서들
DSN 갤러리
LDAP Q&A 2315 게시물 읽기
No. 2315
DAP의 연산자 설명좀 해주셔요
2007-01-15 14:05ⓒ
2007-01-15 16:15ⓜ

제가 DAP과 LDAP에 대해서 배우고 있는 학생인데요. 아직 잘 몰라서요. 지금 DAP에 대해서 공부를 하고 있는데 인터넷 검색을 해도 명쾌한 답변이 없어서 이렇게 글을 올립니다.

제가 알고싶은건 DAP의 연산자인데 일단 DAP의 연산자의 종류에 대해선 파악을 했지만 각 연산자에 대한 기본이해가 아직 안된 상태입니다. 자료도 없구요. 그래서 저의 추리로(?)

각 연산자에 대한 설명을 제가 달아보겠습니다. 틀리거나 추가할 설명이 있으시면 좀 설명좀 해주셨으면 합니다. 

질의관련 : read - 사용자가 검색한 디렉토리 정보를 읽을수 있는 연산자 
               list - 잘 모르겠습니다.
               seaarch - 사용자가 디렉토리의 정보를 검색하는 것
               compare - 비교연산자라는 것은 알겠는데 뭘 비교한다는건지 모르겠습니다.

수정관련 : addEntry - DIT에서 엔트리를 추가하는 연산자
               removeEntry - DIT에서 엔트리를 제거하는 연산자(만약 엔트리를 삭제하면 그 엔트리에 대한 하위엔트리도 다 삭제되나요?)
               modifyEntry - DIT에서 엔트리를 수정하는 연산자(엔트리의 무엇을 수정하는지 모르겠습니다.)
               addAttribute - 엔트리를 구성하는 attribute중 attribute type을 추가하는 연산자
               addAttributeValue - 엔트리를 구성하는 attribute중 attribute value를 추가하는 연산자
               removeAttribute - attribute 속성을 지우는 연산자 (만약에 이게 맞다면 attribute 속성을 지우면 그에 대한 값들도 다 지워야 하지 않나요?)
               removeAttributeValue - attribute 값을 지우는 연산자
               add(new) - LDAP과의 비교하는 자료를 보니 replace로 되있던데 이건 잘 모르겠습니다. 
               remove(old) - 이것도 잘 모르겠습니다.
               modifyDN - 고유식별자 이름을 수정하는 연산자

이 글에 대한 댓글이 총 2건 있습니다.

회사에 이과장님 있으시죠 그분에게 물어보면 다 잘 알겁니다. 
그럼 공부 열심히 하세요. 

The Bind and Unbind Operations

The Interrogation Operations

The Read Operation

The Read operation is used to read information from one specific directory entry. The input arguments are a purported name and an indication of which information is to be read. The latter argument enables the user to specify whether all the information is to be read, or just a subset of the attribute types and values held in the entry.

The result of the operation normally yields the distinguished name of the entry, plus the requested attribute types and values.

The Compare Operation

The Compare operation is used to compare a user presented attribute value with those actually existing in the entry. The input arguments are a purported name, and a purported attribute value. The operation result returns a True or False indication, signifying whether or not the attribute value is actually present in the target entry. Compare is usually used to check the value of the user password attribute (Chapter 7).

The List Operation

The List operation is used to list the immediate subordinates of an entry. The input argument is a purported name. The result of the operation returns the relative distinguished names of the subordinates. The List operation is used to browse through the DIT, and to discover which entries are below other entries in the DIT, for example, to find the names of all the people resident in an organisational unit.

The Search Operation

The Search operation is used to search portions of the DIT, and to return selected information about selected entries. It is potentially a very powerful operation, and allows users to find entries that match a chosen set of criteria. The input arguments identify amongst other things: the base entry from which the search is to start, the portion of the DIT to be searched, the criteria (filter) for selecting entries, and what information should be returned from the selected entries.

The base entry argument is a purported name. The portion of DIT to be searched may be one of: the base entry only, or only the immediate subordinates of the base entry, or the base entry plus its entire subtree. The filter applies certain tests to an entry to determine if it is selected or not. The tests are applied to attributes within the entry, and test for such things as: if an attribute type is present, or if an attribute value lies within a given range. Finally, how much entry information should be returned is specified. This can be all the information, or just a specified subset of attribute types and values.

The result returns the name of every selected entry along with the requested entry information. Under certain circumstances (§ 5.10.3), the result may be incomplete. In this case, embedded referrals to other DSAs will be returned in place of the names of the entries.

The Abandon Operation

The Abandon operation allows the user to abandon any of the above interrogation operations, if they are no longer interested in obtaining the result. The abandon operation has just one argument, which identifies the operation to be abandoned. If the abandon operation succeeds, the operation that has been abandoned will return an error diagnostic instead of a normal result. However, the abandon operation is not guaranteed to always work, and the Directory may refuse (fail) the abandon request, e.g. a DSA may not wish, or be able, to abandon an operation which has already been chained to other DSAs. In this case the original operation will complete as normal, and the abandon operation will return an error

The Modification Operations

The AddEntry Operation

The AddEntry operation allows a leaf entry to be added to the DIT. The DIT is thus built up from the root of a naming context, downwards.
Note that this is the standardised method of building the DIT. Most Implementations add proprietary interfaces for bulk loading the DIT from other corporate databases.
Entries cannot be inserted into the middle of a branch, since this would affect the distinguished names of all of the subordinate entries. (Note however, that the ModifyDN operation affectively allows non-leaf insertions and deletions.)

The operation arguments contain the name of the new entry (distinguished name in '88 edition systems), plus its associated attributes. Any type of entry may be added: an object entry, an alias entry or a subentry.

The RemoveEntry Operation

The RemoveEntry operation allows a leaf entry to be deleted from the Directory. The operation argument contains the distinguished name of the entry to be removed. Any type of entry may be removed, but in order to remove a non-leaf entry, all its subordinates have to be removed first. In this way the tree is eaten away leaf by leaf.

The ModifyRDN Operation

This operation, which is only available to '88 edition systems, is used to change the relative distinguished name of a leaf entry. The operation arguments are the distinguished name of the entry, the new RDN, and an indication of whether or not the old RDN attribute values should be deleted from the entry. ModifyRDN provides no capability for restructuring the DIT. '88 edition DSAs will have to provide this facility via a proprietary mechanism.

The ModifyDN Operation

The ModifyRDN operation obviously has many restrictions, for example, how do you rename a non-leaf entry? Consequently, its scope has been considerably enhanced in the '93 Standard, and it has been given a new name to signify this difference. The ModifyDN operation is capable of renaming leaf and non-leaf entries, and of moving subtrees to new positions in the DIT. The operation can therefore help in restructuring the DIT to reflect new organisational structures.

The operation arguments comprise of the distinguished name of the entry to be renamed, the new RDN, and the distinguished name of the new superior entry in the DIT (optional). The standard places restrictions on the operation when it is used to move subtrees. In this case, all the affected entries must be in the same DSA (§ 5.16), otherwise proprietary mechanisms will still be needed.

The ModifyEntry Operation

This operation allows the contents of an entry to be modified, by adding new attributes and attribute values to, and by deleting existing attributes and attribute values from, the entry's contents. Any number of modifications may be specified in one operation, but all must succeed, or none will be made. In other words, the operation is atomic. Note that you are not allowed to modify the distinguished attribute values (i.e. the RDN) of the entry by this operation

송상준(sjsong)님이 2007-01-17 23:52에 작성한 댓글입니다.
이 댓글은 2007-01-18 00:08에 마지막으로 수정되었습니다.

헉... 감사합니다. (__)

윤상원님이 2007-01-18 16:36에 작성한 댓글입니다. Edit
2319ldapsearch 에서 데이타를 찾을 수가 없습니다만; [2]
2317아래글에 이어서... [2]
2316LDAP에서 CRL 관련 질문입니다. [5]
2315DAP의 연산자 설명좀 해주셔요 [2]
2313ldap 자료나 사이트점 알려주세요 [2]
2312버클리 db에 대한 질문입니다. [1]
2311요즘 LDAP을 열심히 보고 있지요 [2]
Valid XHTML 1.0!
All about the DATABASE... Copyleft 1999-2021 DSN, All rights reserved.
작업시간: 0.044초, 이곳 서비스는
	PostgreSQL v13.3으로 자료를 관리합니다