Active Directory, OpenLDAP or Apple's Open Directory have different schemas for holding user info and group membership. Having a Open Directory here I can say for example that user's Distinguished Name is attribute dn
, while it seems to be distinguishedName
for AD.
Is there a site that references how the main DS hold the info, and if not why not start to list them here? I searched for it but couldn't find it.
I'm looking for the following:
- User
- distinguished name
- email address
- username (aka login)
- real name (aka full name)
- Group
- member list
You would have to look at documentation from each vendor, and your own internal documentation as well.
LDAP schemas can be (and often are) extensively customized to meet local needs.
For AD
MSDN Topic (includes a list of classes/attributes)
For Open Directory/OS X
There's a whole sub-chapter on Open Directory
LDAP In General
This page has a good list - See in particular:
RFC 2256 (LDAP Schema)
RFC 2307 (LDAP as a Network Information Service
RFC 4519 (Even More LDAP Schema Extensions)
If you use
sudo
there are LDAP extensions for that too