Introduction To OpenLDAP Directory Services
What is a Directory Service?
• A specialized database optimized for reading, browsing, and searching.
• No complicated transactions or roll-back schemes ("all or nothing" changes).
• Sophisticated filtering capabilities.
• Tuned for quick response to high-volume lookup.
How is a Directory Service provided?
• Some are local: service is provided in a restricted context (e.g. the finger service on a single machine).
• Others are global (e.g. the Internet) and are usually distributed. The Internet Domain Name System is a distributed directory service.
What is LDAP?
• Lightweight Directory Access Protocol
• Runs over TCP/IP
• Details of LDAP can be found in RFC 2251
What kind of info can be stored?
• It is based on entries, like a database.
• An entry is defined as a collection of attributes that has a globally unique Distinguished Name (DN).
• All entries are arranged in a tree-like structure.
Traditional naming tree (slide diagram):
c=US                        c=GB
  st=California
    o=Acme                  (the organization)
      ou=Marketing          (organizational units)
      ou=Sales
        cn=Barbara Jensen   (person)
Internet naming tree (slide diagram):
dc=net        dc=com        dc=DE
                dc=example            (the organization)
                  ou=Servers          (organizational units)
                  ou=People
                    uid=babs          (person)
Diagram (slide):
o=Edu                           (organization)
  ou=Villanova                  (organizational unit)
    ou=People
      cn=Jill Smith, ssn=1234753548   (persons)
      cn=Bob Smith, ssn=1234758807
      cn=Jim Smith, ssn=1236198807
What about Unauthorized Access?
• Some directory services have no protection.
• Some protection packages can be written by the developers.
• Some services provide authentication mechanisms.
How does LDAP work?
• It is based on a client/server model.
• One or more servers contain the information that makes up the directory tree.
• A client connects to a server and asks a question.
• The server answers, and/or returns a pointer to where the client can get additional information.
• The same view of the directory is available no matter which server the client connects to. This is an important feature of a global service.
How is Information Referenced?
• An entry is referenced by its DN.
• A DN is made by concatenating the name of the entry itself with the names of its ancestor entries.
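As an added example (not from the slides), the Python below builds the DNs of the persons in the two naming trees on the earlier slides by concatenating each entry's RDN with its ancestors' RDNs; the tree entries are constructed from the slide diagrams, and attribute values are escaped per RFC 4514 so that a value containing a comma cannot be mistaken for an extra RDN component.

```python
# Added example (not from the slides); the trees are constructed from the slide diagrams.
from dataclasses import dataclass
from typing import Optional

_SPECIAL = set(',+"\\<>;')  # RFC 4514 sec. 2.4: escape anywhere in a value


def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for safe embedding in an RDN (RFC 4514)."""
    out, last = [], len(value) - 1
    for i, ch in enumerate(value):
        if ch in _SPECIAL:
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        elif ch == " " and i in (0, last):
            out.append("\\ ")  # leading/trailing space
        elif ch == "#" and i == 0:
            out.append("\\#")  # leading '#'
        else:
            out.append(ch)
    return "".join(out)


@dataclass
class Entry:
    attr: str
    value: str
    parent: Optional["Entry"] = None

    def add(self, attr: str, value: str) -> "Entry":
        """Create a child entry one level below this one."""
        return Entry(attr, value, parent=self)

    def dn(self) -> str:
        """Leaf RDN first, then each ancestor's RDN, joined by commas."""
        parts, node = [], self
        while node is not None:
            parts.append(f"{node.attr}={escape_rdn_value(node.value)}")
            node = node.parent
        return ",".join(parts)


def example_dns() -> dict:
    """DNs for persons in the slides' traditional and Internet naming trees."""
    us = Entry("c", "US")
    sales = us.add("st", "California").add("o", "Acme").add("ou", "Sales")
    people = Entry("dc", "com").add("dc", "example").add("ou", "People")
    # a value containing ',' must not be misread as an extra 'ou=Admins' RDN
    tricky = people.add("cn", "Jill Smith,ou=Admins")
    return {"traditional": sales.add("cn", "Barbara Jensen").dn(),
            "internet": people.add("uid", "babs").dn(),
            "tricky": tricky.dn()}
```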
What About X.500?
• Technically, LDAP is a protocol for accessing an X.500 directory service.
• LDAP makes X.500 easier to access, but it still needs a full X.500 service to make data available to all the LDAP clients being developed.
So what does OpenLDAP provide?
• OpenLDAP is an open source implementation of LDAP.
• It contains slapd and slurpd.
• slapd: stand-alone LDAP daemon
• slurpd: stand-alone LDAP update replication daemon
SLAPD
• slapd is a directory server that runs on many platforms and can be used to create a personal directory service.
• It provides the server side of LDAP itself, removing the burden of a full X.500 service.
SLURPD
• A daemon that helps slapd provide replicated service, which cuts down on response time.
• Responsible for distributing changes made to the master slapd to the various replicas.
• slurpd and slapd communicate via a simple log file.
Works Cited
• http://www.openldap.org/doc/admin/intro.html
• http://www.whatis.com