An appropriate NDS context must be passed to every NDAP API to describe to NDS what object is to be acted upon and how.

An NDS context is like a data structure; however, a programmer cannot directly access its members. All NDAP NDS C APIs require a reference to a context data structure as a parameter. Some of the API requests are handled locally and so don't use the context. NDS C APIs that actually send a request somehow modify the NDS tree's database to require a context parameter for one of two purposes:

• To describe the location and type of the target object, enabling NDS to find the right object to write to, read from, and so on.

• To describe the user object of the person who logged in to the connection being used to make the request. In this case, NDS searches the target object's Access Control List (ACL) to determine if the authenticated user specified by the context parameter is listed and then determine if that user has the necessary rights to perform the requested operation.

The two routines below demonstrate how this example application manages its contexts.

First, the example creates an initial context for login. The description for this operation begins with explanation item number 2.

Then, whenever the example needs a context for an NDAP call operation (read, write, create, and so on) it makes a copy of the initial context. The description of this operation begins with explanation item 1.