The ultimate aim of an application program is access to the directory to perform some operation on the contents of the directory. A user may request the telephone number or electronic mail address of a fellow employee. In order to access this information, the application performs a read operation on the directory so that information is extracted about a target object in the directory and manipulated locally within the application.
XDS functions that perform directory operations, such as ds_read( ), require public and private objects as input parameters. Typically, a public object is generated by an application program and contains the information required to access a target directory object. This information includes the AVAs and RDNs that make up a distinguished name of an entry in the directory. However, an application program may also generate a private object. Private objects are described in Private Objects.
A public object is created by using OM classes and OM attributes. These OM classes and OM attributes model the target object entry in the directory and provide other information required by the directory service to access the directory.
More:
Building the Distinguished Name as a Public Object
Client-Generated and Service-Generated Public Objects