OpenDJ: Adding your data, part I

OpenDJ logo When you install OpenDJ, you can create a base DN and import your LDIF data right away. But what if you skip that step?

You can use OpenDJ Control Panel or the command-line tools to create a new suffix — more on those in subsequent posts. But what are you actually doing?

OpenDJ stores data in what are called backends. Typically you store your data in a JE backend, which uses a Berkeley DB Java Edition underneath for data storage.

Before you add data to the directory, you must create a backend, and configure the associated suffix by indicating its base Distinguished Name (base DN). A distinguished name (DN) is an LDAP term, referring to the unique name of a directory entry, the name that distinguishes the entry from all other entries in the directory. An example of a distinguished name is uid=bjensen,ou=people,dc=example,dc=com. As directory data is seen hierarchically, uid=bjensen,ou=people,dc=example,dc=com is seen as being under ou=people,dc=example,dc=com, which itself is under dc=example,dc=com.


OpenDJ Control Panel browser shows the data this way, too. The DN at the top of the hierarchy is the base DN. We refer to a directory suffix by its base DN. The base DN is literally the suffix of all other DNs beneath it in the hierarchy. For example, dc=example,dc=com is the suffix of uid=bjensen,ou=people,dc=example,dc=com and also of ou=people,dc=example,dc=com.

OpenDS backends are named differently from the suffixes they hold. If you recall when you install OpenDJ, you have the option to create a base DN. The default is to create the base DN dc=example,dc=com stored in a backend named userRoot (to distinguish it from another default backend named adminRoot).* That lets you import the entry with DN dc=example,dc=com and all the test entries underneath right away.

But that default does not help if your base DN is dc=myCompany,dc=com or o=myOrg. Stay tuned for further entries that show you how to add directory data for, and for o=myOrg.

*The dc=example,dc=com is safe as a default because, while fine for testing, it cannot clash with real data that exist. The dc is short for domain component. Thus, dc=example,dc=com maps to, like, and, are reserved for documentation and cannot be registered publicly.



Filed under Directory Services and LDAP

2 responses to “OpenDJ: Adding your data, part I

  1. Pingback: OpenDJ: Adding your data, part III | Margin Notes 2.0

  2. Pingback: OpenDJ: Adding your data, part II | Margin Notes 2.0

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s