Naming rules and the LDAP service

Naming rules affect how the LDAP service processes LDAP search operations and LDAP write and compare operations. Naming rules also define naming contexts for the LDAP service.

How naming rules affect LDAP search operations

About this task

An LDAP client can specify a search base when searching a directory. A search base limits the scope of a search by specifying a point in the directory tree at which to begin. You use naming rules to define a search base for a directory. If an LDAP client specifies a search base, the LDAP service searches an Domino® Directory or Extended Directory Catalog configured in directory assistance only if the directory has a naming rule that matches the search base. For example, if an LDAP client specifies the search base ou=sales,o=renovations, the LDAP service searches only Notes® directories that have rules such as:

*/ */ */ */ */ *

*/ */ */ */ renovations/ *

*/ */ */ sales/ renovations/ *

but not Notes® directories with rules such as:

*/ */ */ mktg/ renovations/ *

*/ */ */ */ org2/ *

*/ */ */ */ renovations/ us

Note: You can't define a search base for the primary Domino® Directory.

If the LDAP service can't find the information for which an LDAP client is searching in its primary Domino® Directory, a condensed Directory Catalog, or a Domino® Directory or Extended Directory Catalog configured in a directory assistance database, it can refer the client to a remote LDAP directory.

By default, the LDAP service can refer a client to one LDAP directory only. If the client specifies a search base, the LDAP service refers the client only to an LDAP directory that is enabled for LDAP clients and has a naming rule that matches the search base. If there is more than one such directory, the LDAP service refers the client to the one with the lowest search order.

If the client doesn't specify a search base, the LDAP service refers the client to an LDAP directory that is enabled for LDAP clients, and if there is more than one, it refers the client to the one assigned the lowest search order.

If there is more than one host name specified in the Directory Assistance document for the LDAP directory that the LDAP service picks for a referral, the LDAP service refers the client to the first host name listed.

If you increase the number of referrals the LDAP service can return to a client, the LDAP service follows the logic described in the preceding section to pick the first directory referral. If there is more than one host name specified in the Directory Assistance document for this directory, the LDAP service uses the additional host name(s) as the additional referral(s), up to the maximum number of referrals the LDAP service configuration allows. If there is no additional host name specified for the first directory picked for referrals, then LDAP service can refer the client to an LDAP directory with a different Directory Assistance document.

Naming rules as LDAP naming contexts

About this task

Some LDAP client applications, for example the IBM® WebSphere® Application Server, can discover naming contexts configured for an LDAP directory server by searching the directory server's root directory server entry (DSE). When an LDAP user doesn't specify a search base, these applications can use the naming contexts configured on the server to contruct one to apply to the LDAP client searches.

The LDAP service uses naming rules configured in the directory assistance database to define naming contexts in its root DSE.