LDAP: An Introduction

Basse Jonathan

Table of content

• Concept
• History
• Protocol
• Models
• APIs
• Application
• Source

Concept

LDAP is:

• A directory.
• An information management system.
• A very simple DB.

LDAP is not:

• Usefull for high data management.
• A FTP server or File System.

History

• Lightweight Directory Access Protocol was born in 1993.
• LDAP is an adaptation of X.500 DAP (Telecom directory).
• Evolution:
  • LDAPv1 RFC 1487
  • LDAPv2 RFC 1777
  • LDAPv3 RFC 2251

Models: Informations

• An entry is the basic element. It contain an object informations.
• Informations are given as attribute.
• Directory Schema define known object.
• "Directory Information Tree" (DIT) define structure.
• Entry identification is done by "Distinguish Name" (DN).

Models: Functional

• add, rename: non-existent entry, no parent.
• add, modify: conform attribute.
• delete: no child.

Models: Authentication

• bind: connection.
• unbind: disconnection.
• abandon: give up in progress request.

APIs

• Netscape Directory SDK - Java, C (Netscape)
• Net LDAPapi - Perl (GNU)
• Java Naming and Directory Interface (JUNI) - Java (SUN)

LDIF

• Standard model of data representation.
• 64 base ASCII format.

Use

• Microsoft: Active Directory.
• Sun: NameService Switch library (NSS).
• Linux: Linux Directory Services.

Application

• System application.
• Intranet/Extranet/Internet application.
• Database and Meta-Directory.

Application: System

• Authentication.
• Users right/access.
• Printer/Server localization.

Application: Intranet/Extranet/Internet

• Authentication.
• Users right/access.
• Directory services.
• Information management.

Application: Database, Meta-Directory

• Directory can replace DBM for light information.
• Directory can be synchronize on DBM for light information - Meta-Directory.

Source

• Linux LDAP services: http://www.rage.net/ldap/
• LDAP Central: http://www.ldapcentrale
• OpenLDAP.org: http://www.openldap.org