Directory Service Terminology

[This is preliminary documentation and subject to change.]

Attribute
Attributes, or properties, are data items used to describe the objects that are represented by the classes defined in the schema. Attributes are defined in the schema separately from the classes; this allows a single attribute definition to be applied to many classes. For example, "Description" is an attribute that can be applied to any class in the schema. The "Description" attribute is defined once in the Schema, assuring consistency, rather than having a different definition for "Description" of a User and "Description" of a Printer.
Attribute Instance
An occurrence of an attribute that is defined in the Schema. This term is used to distinguish between the definition of an attribute and a discrete occurrence of the attribute. For example, storing a User object for "James Smith" with the common-name attribute set to "James Smith" creates an instance of common-name.
Class
A Class is a formal description of a discrete, identifiable type of object that can be stored in the DS. For example, User, Print-Queue, and Group are all classes.
Class Instance
An occurrence of a Class that is defined in the Schema. This term is used to distinguish between the definition of a class and a discrete occurrence of the class. For example, storing a User object for "James Smith" in the DS creates an instance of User.
Content Rules
Content rules define the possible contents of the class instances stored in the DS. In the NTDS the content rules are completely expressed by the must-have and may-have attributes of the schema definitions for each class.
Derivation
See Inheritance.
Directory Information Tree
The Directory Information Tree, or "DIT", is the directory itself, represented as a tree structure in which the vertices are the directory entries (class instances) and the connecting lines are the parent-child relationships between the entries.
DIT
See Directory Information Tree.
Inheritance
Inheritance is the ability to build new object classes from existing object classes. The new object is defined as a subclass of the parent object. The parent object becomes a superclass of the new object. A subclass inherits the attributes of the parent, including structure rules and content rules.
LDAP
The Lightweight Directory Access Protocol. The standard Internet communications protocol used to communicate with the NTDS. Both Version 2 and Version 3 of LDAP are supported.
Object
The unit of storage in the DS. DS "objects" are not to be confused with "COM Objects" or other Object-oriented system objects, which have an executable component and run-time behavior. DS Objects consist only of data. A DS object is defined by a Class-Schema object and a group of Attribute-Schema objects referenced by the Class-Schema object. Class-Schema and Attribute-Schema objects are themselves DS Objects, and have definitions in the schema like any other objects. See Class.
Object Identifier
Object Identifiers are unique numeric values, issued by various "Issuing Authorities" to uniquely identify data elements, syntaxes, and various other parts of distributed applications. OIDs are found in OSI applications, X.500 Directories, SNMP, and other applications where uniqueness is important. OIDs are based on a tree structure, in which a superior issuing authority (such as the ISO) allocates a "branch" of the tree to a subauthority, who in turn can allocate sub-branches. OIDs in the NTDS include some issued by the ISO for X.500 classes and attributes, and some issued by Microsoft. OID notation is a dotted string of numbers, for example 1.2.840.113556.1.5.4, which breaks down as follows:
1       ISO              The root authority. Issued 1.2 to ANSI
2       ANSI             Issued 1.2.840 to USA
840     USA              Issued 1.2.840.113556 to Microsoft
113556  Microsoft        Microsoft internally manages several OID branches under 1.2.840.113556
1       Microsoft DS
5       NTDS Classes
4       Built-in Domain

OID
See Object Identifier.
Schema
The Schema contains a formal definition of the Directory Service contents and structure. The schema defines all attributes and classes. For each class, the possible superior, must-have, and may-have properties are defined. "Possible superiors" defines the possible tree structures for the DS by specifying what classes can be the parent for any given class. Must-have and May-have list the attributes for a class that must be present to store the class and what additional attributes may optionally be present.
Structure Rules
Structure rules define the possible tree structure(s). In the NTDS, the structure rules are completely expressed by the Poss-superiors attribute present on each Class-Schema object. See Schema.
Subclass
A Class-Schema object that inherits from some other Class-Schema object. See Inheritance.
Superclass
A Class-Schema object from which one or more other Class-Schema objects inherit. See Inheritance.
Tree
See Directory Information Tree.
X.500
A family of standards developed jointly by the ISO and ITU (formerly known as the CCITT) that specify the naming, information representation, and communications protocols for a directory service.