LDAP introduction
What is Directory Server?
To get started with LDAP, you first need to know what a directory is. Directory is provides a central repository for storing and managing information. Almost any kind of information can be stored, from identity profiles and access privileges to information about application and network resources, printers, network devices and manufactured parts. Information stored in Directory Server can be used for the authentication and authorization of users to enable secure access to enterprise and Internet services and applications. Directory Server is extensible, can be integrated with existing systems, and enables the consolidation of employee, supplier, customer and partner information.
What is LDAP?
The Lightweight Directory Access Protocol (LDAP) is an application protocol for reading and editing directories over an IP network. A directory is an organized set of records. For example, the telephone directory is an alphabetical list of persons and organizations, with each record having an address and phone number. A directory information tree often follows political, geographic, or organizational boundaries. LDAP directories often use Domain Name System (DNS) names for the highest levels. Deeper inside the directory might appear entries for people, departments, teams, printers, and documents.If this is your first time to LDAP, you might be wondering how is this different from an RDBMS. I suggest my readers to visit the following article Should I Use a Directory, a Database, or Both?A directory is optimized for read operations, while a database is optimized for write and change operations. Therefore, any data that is read many more times than it is written or modified is a good candidate for storage in a directory.
Diffrence between ldap and relational databse?
LDAP directories differ from relational databases. In LDAP, you do not look data up in tables. Instead, you look data up in trees, similar to the tree you get if you diagram the contents of a file system. The data is not in rows and columns, but in what are called entries. These entries are much like entries in the phone book. Entries may even actually contain phone numbers. Here is a text representation of an LDAP entry.dn: uid=bjensen, ou=People, dc=example,dc=com
Advantages:
Provides a standard means of accessing data over a networkFast searches and retrival of dataGood security mechanisms
Disadvantages
X.500 heritageFlexibility (relies on namespace and schema)Entries are in non-ASCII format (to update need special tools) Application vendors use directories in their own way Lack of standardization in some areas
A directory publishing serviceLightweight Directory Access Protocol to X.500 directoriesThe latest: Protocol v3 (RFC2253)Stores attribute based data (a kind of database) Data generallly read more than written to (enhanced search, optimised for reads)Client/Server implementationPossesses an extensible schema for Objectclasses
LDAP vendors
OpenLDAP (OpenLDAP public license) http://www.openldap.org
COMMERCIAL Offerings:
SunOne (iPlanet) Directory Server
Novell's eDirectory
IBM Directory Server
Microsoft Active DirectoryInnosoft
Lotus Domino
Nexor
Critical Path
apache ds
What is Apache Directory Studio?
The Eclipse based LDAP browser and directory client Apache Directory Studio is a complete directory tooling platform intended to be used with any LDAP server however it is particularly designed for use with Apache DS. It is an Eclipse RCP application, composed of several Eclipse (OSGi) plugins that can be easily upgraded with additional ones. These plugins can even run within Eclipse itself.
0 comments: