Download What is LDAP (Lightweight Directory Access Protocol

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts

Data vault modeling wikipedia , lookup

Database wikipedia , lookup

Versant Object Database wikipedia , lookup

Concurrency control wikipedia , lookup

Expense and cost recovery system (ECRS) wikipedia , lookup

Business intelligence wikipedia , lookup

Information privacy law wikipedia , lookup

Clusterpoint wikipedia , lookup

Relational model wikipedia , lookup

Design of the FAT file system wikipedia , lookup

DMOZ wikipedia , lookup

Files-11 wikipedia , lookup

Database model wikipedia , lookup

Transcript 
Information to
Understand
Technology
TECHNOLOGY BRIEF
www.silicon-press.com
LDAP
What is LDAP (Lightweight Directory Access Protocol)?
LDAP (Lightweight Directory Access Protocol) is a widely used Internet protocol for
accessing online directory information. LDAP is an open industry standard.
A directory such as a telephone directory is a listing of entries (objects) and
information about these entries. LDAP directories are used to store data like white
pages, user profiles, and devices available on the company network. LDAP facilitates the
management of company policies regarding the different kinds of privileges employees
are allowed and their access rights to different kinds of equipment. The data stored in
LDAP directories can be shared by a variety of applications.
An LDAP directory is a limited and specialized database. Unlike databases, LDAP
directories do not, for example, support concurrency control or transactions, and they
do not have active database capabilities (triggers). In case of directory replication, there
is no notion of simultaneous updates of the replicas.
LDAP Directory Specifics
Directory entries are like the tuples in a relational database. Entries have fields
whose values are attribute-value pairs. Some entries can be specified to be required
while others can be declared to be optional. Each entry has at least one type,
objectclass, associated with it. An entry can have multiple types, and types can be
added to or deleted from an entry at run time.
A directory schema is typically (but not always) hierarchical, similar to schemas
found in object databases. In case of a white page enterprise directory, the directory
hierarchy should reflect the enterprise hierarchy.
LDAP provides simple operations for adding, deleting and updating entries and
querying (searching) the directory. Queries can be specified to search all or part of a
directory. The results of a query can narrowed by specifying “filters” which are similar
to WHERE clauses in SQL. Filters are not as general as the WHERE clause since they are
limited to examining the fields of a single entry. Like the SELECT clause in SQL, LDAP
also allows queries to specify which field values are to be returned in the result.
Each directory entry is updated separately. Consequently, data in the replicas may
temporarily not be synchronized with each other. Also, since there are no transactions,
a directory update involving multiple entries can make a directory temporarily
inconsistent since each entry must be updated separately.
Directories are typically queried far more often than they are updated.
Consequently, LDAP directories are optimized for querying.
www.silicon-press.com
Email: [email protected]
Tel: 908-273-8919 Fax: 908-273-6149
© Silicon Press
LDAP Directory Services
LDAP runs over TCP/IP. LDAP directory services are implemented using the clientserver model. A single directory can be spread over multiple servers and/or may be
replicated on multiple servers. Regardless of the directory data distribution, each client
gets the same view of the directory – except for temporary periods when multiple servers
are being updated to make a directory update.
What is the Advantage of LDAP?
LDAP is an open industry standard. LDAP directories are limited but specialized
databases. They have been designed for storing relatively simple information such as
white pages for organizations and enterprises, and devices in networks.
Compared to databases, LDAP directories are
o
o
o
o
o
o
o
flexible,
easier to scale,
handle heterogeneity well,
facilitate replication (for availability and reliability),
support distributed data management while giving clients a unified view of the
stored data,
optimized for queries, and
simpler and cheaper to maintain.
Where will LDAP be used?
Some examples where LDAP is being used are
o
o
o
o
o
o
enterprise directories,
web user profiles,
Directory Enabled Networks (DEN) –– intelligent networks where information
about network components is stored and available in directories,
library catalogs,
access control and authentication, and
messaging.
Where Can I Find More Information?
o
o
o
Internet Engineering Task Force (http://www.ietf.org)
An LDAP Roadmap & FAQ
(http://www.kingsmountain.com/ldapRoadmap.shtml)
Introductory LDAP Articles & Papers (http://www.rage.net/ldap/links.shtml)
www.silicon-press.com
Email: [email protected]
Tel: 908-273-8919 Fax: 908-273-6149
© Silicon Press
Related documents
FoxFiles: Getting Started What is FoxFiles?
FoxFiles: Getting Started What is FoxFiles?
Indiana University – University Information Systems
Indiana University – University Information Systems
Network Services
Network Services
Presentation
Presentation
LDAP- Lightweight Directory Access Protocol
LDAP- Lightweight Directory Access Protocol
www.openldap.org
www.openldap.org
INTRODUCTION
INTRODUCTION
MS Word version
MS Word version
Components of an operating system
Components of an operating system
Regulatory statistics and information
Regulatory statistics and information
File
File
Operating Systems (OS)
Operating Systems (OS)
directory service
directory service
Microsoft`s Active Directory Services
Microsoft`s Active Directory Services
OPERATING SYSTEM FUNCTIONS
OPERATING SYSTEM FUNCTIONS
CUSTOMER_CODE SMUDE DIVISION_CODE SMUDE
CUSTOMER_CODE SMUDE DIVISION_CODE SMUDE
Towards a Common Java LDAP API
Towards a Common Java LDAP API
File System Interface
File System Interface
Introduction
Introduction
Chapter 12 File Management File Management
Chapter 12 File Management File Management
Naming
Naming
LDAP Access Using JNDI.sxi
LDAP Access Using JNDI.sxi