LDAP (Lightweight Directory Access Protocol) is a protocol used for accessing and organizing information stored in an information directory. LDAP directory servers allow different network operating systems to share and access information using this protocol. The servers consist of objects, attributes, schema, containers, and leaf objects organized in a directory tree structure. This protocol is cross-platform, standards-based, and supports LDAP-aware applications. This article provides an overview of LDAP directory services and answers common questions.
LDAP (Lightweight Directory Access Protocol)
• LDAP is a protocol, now at version 3
• Strictly speaking, though, LDAP isn't a database at all, but a protocol used to access information stored in an information directory
• LDAP directory servers soon followed
• Different NOSs (network operating systems) can share and access information by using this protocol
LDAP Directory Servers
• They use LDAP to access the information stored in a directory database
• They all have the same characteristics
• Object: thing or person associated with network
• Attributes: properties associated with object
• Values: information stored in attributes
LDAP Directory Servers
• Schema: set of definitions of the kinds of objects and object-related information contained in directory
• Two types of definitions:
• Classes (object classes): identifies object type specified in directory
• Attributes: stores information about object
[Figure: Schema elements associated with a User account object]
LDAP Directory Servers
• Containers (OUs or organizational units): logically defined receptacles that assemble similar objects
• Account: user record containing all properties
• LDAP standard: directories and their contents form trees
• Tree: logical representation of multiple, hierarchical levels within directory
• Root, branches, leaves
Identifying and Organizing Network Elements
[Figure: A directory tree]
LDAP Directory Servers
• Advantages
• Cross-platform support
• Standards-based
• LDAP aware applications
• Open Source
LDAP Directory Servers
• An example of an individual LDAP entry
• dn: uid=fsmith, ou=employees, dc=foobar, dc=com
• objectclass: inetOrgPerson
• uid: fsmith
• givenname: Fran
• sn: Smith
• cn: Fran Smith
• telephonenumber: 510-554-1234
• mailAddress: fsmith@foobar.com
• userpassword: {crypt}3x1231v76T89N
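The entry above, read the way a directory audit would read it. This is an added example, not part of the original slides: it parses the entry as LDIF, splits the DN into its tree levels, and reports how the userpassword value is stored. The function names and the list of schemes treated as weak are assumptions.

```python
import re

# The slide's entry as LDIF, attribute names exactly as on the page.
ENTRY_LDIF = """\
dn: uid=fsmith, ou=employees, dc=foobar, dc=com
objectclass: inetOrgPerson
uid: fsmith
givenname: Fran
sn: Smith
cn: Fran Smith
telephonenumber: 510-554-1234
mailAddress: fsmith@foobar.com
userpassword: {crypt}3x1231v76T89N
"""

# Assumption (local policy, not from the page): schemes built on plain MD5/SHA-1.
FAST_HASH_SCHEMES = {"MD5", "SMD5", "SHA", "SSHA"}


def parse_entry(ldif):
    """Parse one simple LDIF record (no base64 '::' values, no folded lines)."""
    entry = {}
    for line in ldif.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, _, value = line.partition(":")
        entry.setdefault(name.strip().lower(), []).append(value.strip())
    return entry


def split_dn(dn):
    """Return the DN as (attribute, value) pairs, leaf first (no escaped commas)."""
    return [tuple(part.strip() for part in rdn.split("=", 1)) for rdn in dn.split(",")]


def password_findings(entry):
    """List weak-storage findings for each userpassword value in the entry."""
    findings = []
    for stored in entry.get("userpassword", []):
        match = re.match(r"\{([A-Za-z0-9-]+)\}(.*)", stored)
        if not match:
            findings.append("cleartext: no {scheme} prefix")
        elif match.group(1).upper() == "CRYPT" and not match.group(2).startswith("$"):
            findings.append("crypt: not a $id$ modular hash, legacy crypt(3) format")
        elif match.group(1).upper() in FAST_HASH_SCHEMES:
            findings.append(f"{match.group(1).lower()}: fast, outdated hash")
    return findings


if __name__ == "__main__":
    entry = parse_entry(ENTRY_LDIF)
    print(split_dn(entry["dn"][0]))
    print(password_findings(entry))
```

The DN splits into the leaf object (uid) followed by its container (ou) and the domain components (dc), which is the tree structure the earlier slides describe.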
Summary
• Commonly used protocol
• Used with directory services
• Objects, Attributes, Schema
• Containers and Leaf objects
Directory Services - LDAP Questions