LDAP schemas

Client connection data is stored in a global repository called the LDAP (Lightweight Directory Access Protocol) directory. An IBM® MQ client uses an LDAP directory to obtain the connection definitions. The structure of the IBM MQ client connection definitions within the LDAP directory is known as the LDAP schema. An LDAP schema is the collection of attribute type definitions, object class definitions, and other information that a server uses to determine whether a filter or attribute value assertion matches against the attributes of an entry, and whether to permit add and modify operations.

Storing data in the LDAP directory

The client connection definitions are located under a specific branch within the directory tree known as the connection point. Like all other nodes within an LDAP directory, the connection point has a Distinguished Name (DN) associated with it. You can use this node as the starting point for any queries you make on the directory. Use filtering when querying the LDAP directory to return a subset of client connection definitions. You can restrict access to sub-trees based on permissions granted in other parts of the directory tree - for example, to users, departments, or groups.

Defining your own attributes and classes

Store the client channel definition by modifying the LDAP schema. Each object and attribute is identified by an object identifier (OID), a number that uniquely identifies it. All classes within an LDAP schema inherit either directly or indirectly from the top object, so the client channel definition object contains the attributes of the top object. All LDAP data definitions require objects and attributes:
  • Object definitions are collections of LDAP attributes.
  • Attributes are LDAP data types.

Each attribute, and how it maps to the normal IBM MQ properties, is described in LDAP attributes.
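
As an added illustration (not IBM's own schema), the following LDIF shows how two attributes and one object class inheriting from top are declared with OIDs. It assumes an OpenLDAP server using cn=config; the names prefixed `exampleMq` are hypothetical, and the OIDs sit under 1.3.6.1.4.1.32473, the enterprise number reserved for documentation by RFC 5612.

```ldif
# Hypothetical schema entry for an OpenLDAP cn=config server (assumption).
# The real IBM MQ attribute names and OIDs are listed in "LDAP attributes".
dn: cn=examplemq,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: examplemq
# Attribute = an LDAP data type: OID, name, matching rule, syntax.
# Syntax 1.3.6.1.4.1.1466.115.121.1.15 is Directory String.
olcAttributeTypes: ( 1.3.6.1.4.1.32473.1.1
  NAME 'exampleMqChannelName'
  DESC 'Channel name (hypothetical attribute)'
  EQUALITY caseIgnoreMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.32473.1.2
  NAME 'exampleMqConnectionName'
  DESC 'Host and port of the queue manager (hypothetical attribute)'
  EQUALITY caseIgnoreMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE )
# Object class = a collection of attributes. SUP top makes it inherit
# directly from the top object; MUST and MAY list its own attributes.
olcObjectClasses: ( 1.3.6.1.4.1.32473.2.1
  NAME 'exampleMqClientConnection'
  DESC 'Client connection definition (hypothetical class)'
  SUP top
  STRUCTURAL
  MUST ( cn $ exampleMqChannelName )
  MAY ( exampleMqConnectionName ) )
```

Because the server checks add and modify operations against these definitions, an entry of this class that omits `exampleMqChannelName` or carries an undeclared attribute is rejected.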