5.3. Using Views

5.3. Using Views

Virtual directory tree views, or views, create a virtual directory hierarchy, so it is easy to navigate entries, without having to make sure those entries physically exist in any particular place. The view uses information about the entries to place them in the view hierarchy, similarly to members of a filtered role or a dynamic group. Views superimpose a DIT hierarchy over a set of entries, and to client applications, views appear as ordinary container hierarchies.

Views create a directory tree similar to the regular hierarchy, such as using organizational unit entries for subtrees, but views entries have an additional object class (nsview) and a filter attribute (nsviewfilter) that set up a filter for the entries which belong in that view. Once the view container entry is added, all of the entries that match the view filter instantly populate the view. The target entries only appear to exist in the view; their true location never changes. For example, a view may be created as ou=Location Views, and a filter is set for l=Mountain View. Every entry, such as cn=Jane Smith,l=Mountain View,ou=People,dc=example,dc=com, is immediately listed under the ou=Location Views entry, but the real cn=Jane Smith entry remains in the ou=People,dc=example,dc=com subtree.

A Directory Tree with a Virtual DIT View hierarchy
Figure 5.4. A Directory Tree with a Virtual DIT View hierarchy

Virtual DIT views behave like normal DITs in that a subtree or a one-level search can be performed with the expected results being returned.

TIP

There is a sample LDIF file with example views entries, Example-views.ldif, installed with Directory Server. This file is in the /usr/share/dirsrv/data directory on Red Hat Enterprise Linux and Solaris and the /opt/dirsrv/share/data directory on HP-UX.

5.3.1. Creating Views in the Console

To create a view in the Directory Server Console, do the following:

  1. Select the Directory tab.

  2. In the left navigation tree, create a suffix to hold the views. For instance, for views based on the locality (l) attribute, name this organizational unit Location Views.

  3. Right-click ou=Location Views, and select New > Other.

  4. Select nsview from the New Object menu, and hit OK.

  5. In the Property Editor window, hit the Add Value button, and add the organization unit object class.

  6. Name the organization unit according to how to organize the views. For instance, ou=Sunnyvale. Make the ou attribute the naming attribute.

  7. Hit the Add Attribute button, and add the nsviewfilter attribute.

  8. Create a filter that reflects the views. For example: 

    (l=Sunnyvale)

  9. Hit OK to close the attributes box, and hit OK again to save the new view entry.

The new view is immediately populated with any entries matching the search filter, and any new entries added to directory are automatically included in the view.

5.3.2. Deleting Views from the Directory Server Console

To delete a view from the Directory Server Console, do the following:

  1. Select the Directory tab.

  2. Select the view to delete, such as ou=Sunnyvale,ou=LocationViews,dc=example,dc=com. To delete all the views, delete the entire sub suffix, ou=LocationViews,dc=example,dc=com.

  3. Right-click the entry, and select Delete from the drop-down menu.

    Alternatively, highlight the entry, and select the Object menu and then select Delete.

  4. A dialog box appears to confirm the deletion of the entry. Click Yes.

5.3.3. Creating Views from the Command Line

To create a view from the command line, do the following:

  1. Use the ldapmodify utility to bind to the server and prepare it to add the new view entry to the configuration file. 

    ldapmodify -a -D "cn=directory manager" -w secret -h host -p 389

  2. Add the new views container entry, in this example, under the dc=example,dc=com root suffix. This entry must have the nsview object class and the nsViewFilter attribute. The nsViewFilter attribute sets the attribute-value which identifies entries that belong in the view. 

    dn: ou=Example View,dc=example,dc=com
objectClass: top
objectClass: organizationalunit
objectClass: nsview
ou=Example View
nsViewFilter: l=Mountain View
description: Example View

5.3.4. Deleting Views from the Command Line

To delete a view from the command line, do the following:

  1. Use the ldapdelete utility to bind to the server and prepare it to remove the view entry to the configuration file. 

    ldapdelete -D "cn=directory manager" -w secret -h host -p 389 "ou=Example View,dc=example,dc=com"

  2. Remove the view entry. It is not necessary to remove any entries included in the view. 

    dn: ou=Example View,dc=example,dc=com
objectClass: top
objectClass: organizationalunit
objectClass: nsview
ou=Example View
nsViewFilter: l=Mountain View
description: Example View

Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.