Main Page

encyclopedia.codeboy.net
 

Lightweight Directory Access Protocol

\n\n Lightweight Directory Access Protocol (LDAP) is a protocol for accessing on-line directory services. The IETF designed and specified LDAP as a better way to make use of X.500 directories - having found the original Directory Access Protocol (DAP) too complex for simple internet clients to use. LDAP defines a relatively simple protocol for updating and searching directories running over TCP-IP. The common term "LDAP directory" can mislead. No specific type of directory is an "LDAP directory". One could reasonably use the term to describe any directory accessible using the LDAP protocol and which can identify objects in the directory with X.500 identifiers. Directories such as OpenLDAP, though primarily designed as repositories for X.500 data using access by LDAP, are nevertheless no more "LDAP directories" than any other directory accessible by the LDAP protocol. LDAP has gained wide support from vendors such as: \n* Apple (through Open Directory)\n* AT&T\n* Banyan \n* HP\n* IBM/Lotus\n* Microsoft (through Active Directory)\n* Novell\n* Oracle (through Oracle Internet Directory)\n* SGI and\n* Sun\nas well as in open source/free software implementations such as OpenLDAP. An LDAP directory entry consists of a collection of attributes with a name, called a distinguished name (DN), which refers to the entry unambiguously. Each of the entry's attributes has a type and one or more values. The types are typically mnemonic strings, like "cn" for common name, or "mail" for e-mail address. The values depend on the type. For example, a mail attribute might contain the value "donald.duck@disney.com". A jpegPhoto attribute would contain a photograph in binary JPEG/JFIF format. LDAP directory entries feature a hierarchical structure that reflects political, geographic, and/or organizational boundaries. Entries representing countries appear at the top of the tree; below them come entries representing states or national organizations. Further below might appear entries representing people, organizational units, printers, documents, or just about anything else.

LDAP-related RFCs

\n* [RFC 1777] LDAP\n* [RFC 1778] String Representation of Standard Attribute Syntaxes\n* [RFC 1959] URL Format\n* [RFC 1960] String Representation of Search Filters\n* [RFC 1823] C API\n* [RFC 3377] LDAP v3

External Links

\n* OpenLDAP\n* Linux LDAP HOWTO\n* LDAP Articles, Links, Whitepapers\n* LDAP Software, Tools & Utilities\n* LDAP (v3) Revision (ldapbis) Working Group
\nThis article (or an earlier version of it) contains (or contained) material from FOLDOC, used with permission. Category:Internet standards

"The significant problems we face cannot be solved at the same level of thinking we were at when we created them." - Albert Einstein (1879-1955)