Managing LDAP Metadata

In this section:

When the server accesses a data source, it needs to know how to interpret the data stored there. For each data source the server will access, you create a synonym that describes the structure of the data source and the server mapping of the LDAP data types.


Top of page

x
Mapping Server Metadata and LDAP Schema Definitions

Server metadata is generated from the LDAP schema, which is stored on the LDAP server in a partition separate from the partitions that contain directory objects (which are treated as reported data objects).

Each directory object in the LDAP tree is addressable using a Distinguished Name (DN), which contains the root path from the object up.

The schema defines set of rules that govern the types of objects that can exist in a tree. Each object belongs to an object class that specifies which attributes can be associated with the object. All attributes are based on a set of attribute types that are, in turn, based on a standard set of attribute syntaxes. The schema controls the structure of individual objects as well as the relationships among the objects in the tree. Schema rules allow some objects to contain other, subordinate objects. Thus, the schema gives structure to the tree.

The schema consists of two basic components:

Although LDAP can support many attribute syntaxes (data types), the Adapter for LDAP currently supports only the String data type.

Supported Object class rules are:

An LDAP Entry is the actual data item (object or node) that comprises the LDAP tree. Each entry holds Attributes, which are key=value pairs in which the key can have more than one value. Multi-value attributes are the default. Single-value attributes are denoted with the SINGLE-VALUE keyword in the attributeTypes attribute in the schema.

Server metadata describes a subset of the LDAP tree, starting with the DN passed down to the leaf hierarchical level when a synonym is created. The provided root DN is stored in the Access File.

The Server metadata represents each object in the processed LDAP hierarchy as a segment (whose name is taken from the Object class name), with fields (that are created out of the object attributes).

Master File

LDAP Schema

Segment name

Object class name

Field name

Adjusted Attribute name

Alias

Unadjusted Attribute name

Fields with MISSING=ON

Optional Attributes

The default USAGE and ACTUAL formats are set as A64 unless the size of an attribute is specified by the schema.



x
Creating Synonyms

How to:

Reference:

x

Synonyms define unique names (or aliases) for each LDAP table or view that is accessible from the server. Synonyms are useful because they hide the underlying data source's location and identity from client applications. They also provide support for extended metadata features of the server, such as virtual fields and additional security mechanisms.

Using synonyms allows an object to be moved or renamed while allowing client applications to continue functioning without modification. The only modification required is a redefinition of the synonym on the server. The result of creating a synonym is a Master File and an Access File, which represent the server's metadata.



x
Procedure: How to Create a Synonym

To create a synonym, you must have previously configured the adapter. You can create a synonym from the Applications or Adapters pages of the Web Console.

  1. From the Web Console menu bar, click Applications.

    The Applications page opens.

  2. Click the New button and select Synonym from the drop-down menu.

    The Select adapter to configure or Select connection to create synonym pane opens.

  3. Click a connection for the configured adapter.

    The first of a series of synonym creation panes opens.

  4. Enter values for the parameters required by the adapter as described in the synonym creation parameters reference.
  5. After entering the parameter values, click Create Synonym.

    The Status pane indicates that the synonym was created successfully.

The synonym is created and added under the specified application directory.

Note: You can also create a synonym from the Adapters page by right-clicking a configured adapter connection and selecting Create Synonym.

Note: When creating a synonym, if you choose the Validate check box, the server adjusts special characters and checks for reserved words. For more information, see Validation for Special Characters and Reserved Words.



x
Reference: Synonym Creation Parameters for LDAP

The following list describes the parameters for which you will need to supply values, and related tasks you will need to complete in order to create a synonym for the adapter. These options may appear on multiple panes. To advance from pane to pane, click the buttons provided, ending with the Create Synonym button, which generates the synonym based on your entries.

Processing Modes are SCHEMA FLAT, SCHEMA HIERARCHY, and LDIF:

SCHEMA FLAT

Builds a synonym ignoring the LDAP data tree hierarchy, and produces a Master File with a single segment.

SCHEMA HIERARCHY

Builds a synonym reflecting the LDAP data tree hierarchy supporting two levels of the data tree (root and child), and produces a Master File by mapping selected object classes to segments.

LDIF

Builds a synonym reflecting the complete hierarchy of the LDAP data tree and produces a multisegmented Master File.

Filter by Object Class name

Creates a subset of Object Classes so that only a small list of Object Classes is produced.

Set as Index

Indicates the attribute (field) that can be utilized as the sort attribute for the LDAP API.

Note: Only a single attribute can be used as an Index.

View referenced Object names

Produces a list of Object Classes related by inheritance to the one selected.

Note: Adding referenced Object(s) is optional.

Base DN
  • For SCHEMA FLAT: Is the Distinguished Name (DN) of the LDAP tree entry (node) that is set as a default root for data retrieval.

    Note: While Base DN is optional at the Create Synonym step, it is required for data retrieval, and can be provided in TABLE requests as:

    IF BASEDN EQ 'dc=ibi,dc=com'

  • For LDIF: Is the Distinguished Name (DN) of the LDAP tree entry (node) from which the synonym is created.
Synonym name

Displays the name that will be assigned to the synonyms. To assign a different name, replace the displayed value.

Model DN

Distinguished Name that the adapter uses to retreive list of attributes. It can be any valid DN of the LDAP tree. For example:

uid=pgmtst5,ou=iway,dc=ibi,dc=com

or

ou=iway,dc=ibi,dc=com

By default, it is root DSE:

dc=ibi,dc=com

If this step skipped, all the attributes in the schema are fetched to the list.

Select attributes

Optional attribute selection that allows the user to specify the list of attributes (fields) that are present in the synonym. The user can reduce the size of the Master File by omitting unnecessary attributes.

If this step is skipped, all schema attributes will be present in the synonym.

Note that if all attributes are selected, the effect is the same as if no attributes are selected. For example, all available attributes in the schema will be present in the synonym.

Validate

Select the Validate check box if you wish to convert all special characters to underscores and perform a name check to prevent the use of reserved names. (This is accomplished by adding numbers to the names.) This parameter ensures that names adhere to specifications. See Validation for Special Characters and Reserved Words for more information.

When the Validate option is unchecked, only the following characters are converted to underscores: '-'; ' '; ' \'; '/'; ','; '$'. No checking is performed for names.

Make unique

Select the Make unique check box if you wish to set the scope for field and group names to the entire synonym. This ensures that no duplicate names are used, even in different segments of the synonym. When this option is unchecked, the scope is the segment.

Application

Select an application directory. The default value is baseapp.

Prefix/Suffix

If you have tables with identical table names, assign a prefix or a suffix to distinguish them. For example, if you have identically named human resources and payroll tables, assign the prefix HR to distinguish the synonyms for the human resources tables. Note that the resulting synonym name cannot exceed 64 characters.

If all tables and views have unique names, leave the prefix and suffix fields blank.

Overwrite Existing Synonyms

To specify that this synonym should overwrite any earlier synonym with the same fully qualified name, select the Overwrite existing synonyms check box.

Note: The connected user must have operating system write privileges in order to recreate a synonym.



x
Reference: Guidelines for Manually Editing an LDAP Master File

If you wish to delete non-essential information from a generated synonym, you can manually edit the Master File using the following editing guidelines:



x
Reference: Managing Synonyms

Once you have created a synonym, you can right-click the synonym name in the Adapter navigation pane of either the Web Console or the Data Management Console to access the following options.

Option

Description

Open

Opens the Master File for viewing and editing using a graphical interface. If an Access file is used it will be also available.

Edit as Text

Enables you to view and manually edit the Master File synonym.

Note: To update the synonym, it is strongly recommended that you use the graphical interface provided by the Open option, rather than manually editing the Master File.

Edit Access File as Text

Enables you to view and manually edit the Access File synonym.

Note: This option is available only when an Access File is created as part of the synonym.

Sample Data

Retrieves up to 20 rows from the associated data source.

Data Profiling

Data Profiling provides the data characteristics for synonym columns.

Alphanumeric columns provide the count of distinct values, total count, maximum, minimum, average length, and number of nulls.

Numeric columns provide the count of distinct values, total count, maximum, minimum, average value, and number of nulls.

Refresh Synonym (if applicable)

Regenerates the synonym. Use this option if the underlying object has been altered.

Data Management

Followed by these options, if applicable:

Recreate DBMS Table. Recreates the data source table. You are asked to confirm this selection before the table is regenerated. (Note that the table will be dropped and recreated. During the process, data may be lost.)

Delete All Data. Deletes all existing data. You are asked to confirm this selection before the data is deleted.

Insert Sample Data. Inserts specified number of sample records, populating all fields with counter values.

Reorganize. Recreates the data source table preserving original data.

Note: This option is not available in the Web Console.

Impact Analysis

Generates reports on procedures, synonyms, and columns that provide information on the flows/stored procedures available on a particular server, and the synonyms and columns they use. These reports enable you to evaluate changes before they are made by showing which components will be affected. See the Server Administration for UNIX, Windows, OpenVMS, IBM i, and z/OS manual for details about Impact Analysis reports.

Copy

Copies the synonym to the clipboard.

Delete

Deletes the synonym. You are asked to confirm this selection before the synonym is deleted.

Cut

Deletes the synonym and places it on the clipboard.

Properties

Displays the properties of the synonym, including physical location, last modified date, description, and privileges.


iWay Software