Glossary
- access control list
- See ACL.
- ACL
- Access control list. Netscape's mechanism for controlling access to your directory.
- attribute
- Holds descriptive information about an entry. Attributes have a label and a value. Each attribute also follows a standard syntax for the type of information that can be stored as the attribute value.
- attribute list
- A list of required and optional attributes for a given entry type or object class.
- authentication
- 1. Process of proving the identity of the client user to the Directory Server. Users must provide a bind DN and the corresponding password in order to be granted access to the directory. The Directory Server allows the user to perform functions or access files and directories based on the permissions granted to that user by the directory administrator.
- 2. Allows a client to make sure they are connected to a secure server, preventing another computer from impersonating the server or attempting to appear secure when it is not.
- authentication certificate
- Digital file that is not transferable and not forgeable and is issued by a third party. Authentication certificates are sent from server to client or client to server in order to verify and authenticate the other party.
- bind DN
- Distinguished name used to authenticate to the Directory Server when performing an operation.
- browser
- Software, such as Netscape Navigator, used to request and view World Wide Web material stored as HTML files. The browser uses the HTTP protocol to communicate with the host server. Also known as a client program.
- CA
- See Certification Authority.
- Certification Authority
- Company or organization that sells and issues authentication certificates. You may purchase an authentication certificate from a Certification Authority that you trust. Also known as a CA.
- CGI
- Common Gateway Interface. An interface for external programs to communicate with the HTTP server. Programs written to use CGI are called CGI programs or CGI scripts, and can be written in many of the common programming languages. CGI programs handle forms or perform output parsing that is not done by the server itself.
- ciphertext
- Encrypted information that cannot be read by anyone without the proper key to decrypt the information.
- client
- See LDAP client.
- consumer
- Server containing replicated directory trees or subtrees from a supplier server.
- Directory Server gateway
- A collection of CGI forms that allows a browser to perform LDAP client functions, such as querying and accessing a Directory Server, from a web browser.
- directory service
- A database application designed to manage descriptive, attribute-based information about people and resources within an organization.
- distinguished name
- String representation of an entry's name and location in an LDAP directory.
- DNS
- Domain Name System. The system used by machines on a network to associate standard IP addresses (such as 198.93.93.10) with hostnames (such as www.netscape.com). Machines normally get the IP address for a hostname from a DNS server, or they look it up in tables maintained on their systems.
- DNS alias
- A DNS alias is a hostname that the DNS server knows points to a different host--specifically a DNS CNAME record. Machines always have one real name, but they can have one or more aliases. For example, an alias such as
www.[yourdomain].[domain] might point to a real machine called realthing.[yourdomain].[domain] where the server currently exists.
- file extension
- The section of a filename after the period or dot (.) that typically defines the type of file (for example, .GIF and .HTML). In the filename
index.html the file extension is html.
- file type
- The format of a given file. For example, graphics files are often saved in GIF format, while a text file is usually saved as ASCII text format. File types are usually identified by the file extension (for example, .GIF or .HTML).
- gateway
- See Directory Server gateway.
- hostname
- A name for a machine in the form machine.domain.dom, which is translated into an IP address. For example, www.netscape.com is the machine www in the subdomain netscape and com domain.
- HTML
- Hypertext Markup Language. The formatting language used for documents on the World Wide Web. HTML files are plain text files with formatting codes that tell browsers such as the Netscape Navigator how to display text, position graphics and form items, and display links to other pages.
- HTTP
- Hypertext Transfer Protocol. The method for exchanging information between HTTP servers and clients.
- HTTPD
- An abbreviation for the HTTP service, a program that serves information using the HTTP protocol. The service is often called an httpd.
- HTTP-NG
- The next generation of Hypertext Transfer Protocol.
- HTTPS
- A secure version of HTTP, implemented using the Secure Sockets Layer, SSL.
- IP address
- Internet Protocol address. A set of numbers, separated by dots, that specifies the actual location of a machine on the Internet (for example, 198.93.93.10).
- LDAP
- Lightweight Directory Access Protocol. Directory service protocol designed to run over TCP/IP and across multiple platforms.
- LDAP client
- Software used to request and view LDAP entries from an LDAP Directory Server. See also browser.
- LDAP Data Interchange Format
- See LDIF.
- LDIF
- LDAP Data Interchange Format. Format used to represent Directory Server entries in text form.
- Lightweight Directory Access Protocol
- See LDAP.
- MD5
- A message digest algorithm by RSA Data Security, Inc., which can be used to produce a short digest of data, that is unique with high probability, and is mathematically extremely hard to produce a piece of data that will produce the same message digest.
- MD5 signature
- A message digest produced by the MD5 algorithm.
- ns-slapd
- Netscape's LDAP Directory Server service that is responsible for all actions of the Directory Server. See also slapd.
- object class
- Defines an entry type in the directory by defining which attributes are contained in the entry.
- protocol
- A set of rules that describes how devices on a network exchange information.
- public-key encryption
- Encryption that uses two keys: a public key for encrypting data, and a private key for decrypting data. Someone sending you encrypted information encrypts it using your public key. The information can then only be decrypted using your private key.
- RAM
- Random access memory. The physical semiconductor-based memory in a computer. Information stored in RAM is lost when the computer is shut down.
- RDN
- Relative distinguished name. The name of the actual entry itself, before the entry's ancestors have been appended to the string to form the full distinguished name.
- replication
- Act of copying directory trees or subtrees from supplier servers to consumer servers.
- RFC
- Request For Comments. Procedures or standards documents submitted to the Internet community. People can send comments on the technologies before they become accepted standards.
- schema
- Definitions describing what types of information can be stored as entries in the directory. When information that does not match the schema is stored in the directory, clients attempting to access the directory may be unable to display the proper results.
- schema checking
- Ensures that entries added or modified in the directory conform to the defined schema. Schema checking is on by default and users will receive an error if they try to save an entry that does not conform to the schema.
- Secure Sockets Layer
- See SSL.
- server daemon
- The server daemon is a process that, once running, listens for and accepts requests from clients.
- server service
- The server service is a process that, once running, listens for and accepts requests from clients.
- Server Manager
- A collection of forms that allow you perform administrative management of your Directory Server with a browser.
- server root
- A directory on the server machine dedicated to holding the server program and configuration, maintenance, and information files.
- Server Selector
- Interface that allows you select and configure servers using a browser.
- service
- A background process on a WinNT machine that is responsible for a particular system task. Service processes do not need human intervention to continue functioning.
- slapd
- LDAP Directory Server service that is responsible for most functions of a directory except replication. See also ns-slapd.
- SSL
- Secure Sockets Layer. A software library establishing a secure connection between two parties (client and server) used to implement HTTPS, the secure version of HTTP.
- supplier
- Server containing the master copy of directory trees or subtrees that are replicated to consumer servers.
- symmetric encryption
- Encryption that uses the same key for both encrypting and decrypting.
- TCP/IP
- Transmission Control Protocol/Internet Protocol. The main network protocol for the Internet and for enterprise (company) networks.
- URL
- Uniform Resource Locator. The addressing system used by the server and the client to request documents. It is often called a location. The format of a URL is
[protocol]://[machine:port]/[document]. The port number is necessary only on selected servers, and it is often assigned by the server, freeing the user of having to place it in the URL.
- A sample URL is
http://www.netscape.com/index.html.
- X.500 standard
- The set of ISO/IEC documents outlining the standard object classes, attributes, and LDAP protocols to be used in directory server creation and management.
-