What is LDAP?

LDAP
Elsewhere:
Intro to LDAP
LDAP roadmap
RFC's
Schemas:
inetOrgPerson
IWPS (I'net White Pages)
Netscape LDAP FA
Netscape Attri!"te Dictionar#
OpenLDAP
Director# Standards (Wor$dta$%)
C$ic%&ai$ 'o"r
Admin's view
(entr# (indo()
User's view:
OS )
O"t$oo%
Netscape*
& Pro
+"dora
App$eShare IP integration
What is LDAP,
Speci-ications
Press In-o
LDAP, Lightweight Directory Access Protocol, is an Internet protocol
that email programs se to loo! p contact in"ormation "rom a server,
sch as #lic!$ail #entral Directory%
As soon as Internet emai$ !ecame pop"$ar* it (as c$ear (e needed a good
phone !oo%. Printed directories (ere o!so$ete !e-ore the in% (as dr#. O$der
Internet methods o- $oo%ing "p names* s"ch as (ho is* Ph* or -inger* (ere
$imited or arcane. +/er# emai$ program has a persona$ address !oo%* !"t
ho( do #o" $oo% "p an address -or someone (ho's ne/er sent #o" emai$,
0o( can an organi1ation %eep one centra$i1ed "p2to2date phone !oo% that
e/er#!od# has access to,
'hat's (h# so-t(are companies s"ch as &icroso-t* I3&* Lot"s* and
Netscape agreed to s"pport a standard ca$$ed LDAP. 4LDAP2a(are4 c$ient
programs can as% LDAP ser/ers to $oo% "p entries in a (ide /ariet# o- (a#s.
LDAP ser/ers inde5 a$$ the data in their entries* and 4-i$ters4 ma# !e "sed to
se$ect 6"st the person or gro"p #o" (ant* and ret"rn 6"st the in-ormation #o"
(ant. For e5amp$e* here's an LDAP search trans$ated into p$ain +ng$ish:
4Search -or a$$ peop$e $ocated in Chicago (hose name contains 4Fred4 that
ha/e an emai$ address. P$ease ret"rn their -"$$ name* emai$* tit$e* and
description.4 (0o(e/er* man# emai$ c$ients ha/e more $imited search and
retrie/a$ options.)
4Permissions4 are set !# the administrator to a$$o( on$# certain peop$e to
access the LDAP data!ase* and optiona$$# %eep certain data pri/ate. LDAP
ser/ers a$so pro/ide 4a"thentication4 ser/ice* so that (e!* emai$* and -i$e2
sharing ser/ers (-or e5amp$e) can "se a sing$e $ist o- a"thori1ed "sers and
pass(ords.
LDAP (as designed at the 7ni/ersit# o- &ichigan to adapt a comp$e5
enterprise director# s#stem (ca$$ed ).899) to the modern Internet. A
director# ser/er r"ns on a host comp"ter on the Internet* and /ario"s c$ient
programs that "nderstand the protoco$ can $og into the ser/er and $oo% "p
entries. ).899 is too comp$e5 to s"pport on des%tops and o/er the Internet*
so LDAP (as created to pro/ide this ser/ice 4-or the rest o- "s.4
LDAP ser/ers e5ist at three $e/e$s: 'here are !ig p"!$ic ser/ers s"ch as
3igFoot and In-ospace* $arge organi1ationa$ ser/ers at "ni/ersities and
corporations* and sma$$er LDAP ser/ers -or (or%gro"ps.
:o" pro!a!$# a$read# ha/e an LDAP2a(are c$ient insta$$ed on #o"r
comp"ter. &ost modern emai$ c$ients are set "p to search an LDAP director#
-or emai$ addresses. 'hese inc$"de O"t$oo%* OS ) &ai$* +"dora* Netscape*
"ic%&ai$ Pro* and &"$!err#.
LDAP has !roader app$ications* s"ch as $oo%ing "p ser/ices and de/ices on
the Internet (and intranets). Netscape Comm"nicator can store "ser
pre-erences and !oo%mar%s on an LDAP ser/er. 'here is e/en a p$an -or
$in%ing a$$ LDAP ser/ers into a (or$d(ide hierarch#* a$$ searcha!$e -rom
#o"r c$ient.
LDAP promises to sa/e "sers and administrators time and -r"stration*
ma%ing it eas# -or e/er#one to connect (ith peop$e (itho"t -r"strating
searches -or emai$ addresses and other tri/ia.