Data model

The LDAP data model is closely aligned with the X.500 data model. In this model, a Directory Service provides a hierarchically organized set of entries. Each of these entries is represented by an object class (or set of object classes). The object class of the entry determines the set of attributes that are required to be present in the entry including the set of attributes that can optionally appear in the entry. An attribute is represented by an attribute type and one or more attribute values. In addition to the attribute type and values, each attribute has an associated syntax that describes the type of the attribute values. Examples of attribute syntaxes include Directory String and Octet String.

To summarize, the directory is made up of entries. Each entry contains a set of attributes. These attributes can be single or multi-valued (have one or more values that are associated with them). The object class of an entry determines the set of attributes that must and the set of attributes that might exist in the entry.

In XDS/XOM, a complex set of arrays of structures is used to represent a directory entry. In LDAP, this is simplified. With the LDAP API, a set of C language utility routines is used to extract attribute type and value information from directory entry information that is returned from an LDAP search operation. Unlike XDS/XOM, attribute values are provided to the calling program in either null-terminated character string form or in a simple structure that specifies a pointer and a length value. Furthermore, attribute types are provided to the program as null-terminated character strings instead of object identifiers.