Oracle Solaris supports LDAP in conjunction with the Oracle Directory Server Enterprise Edition (formerly Sun Java System Directory Server). However, any generic directory server can function as an LDAP server. In this book, the terms directory server and LDAP server are synonymous and used interchangeably.
LDAP naming service is one of different naming services that is supported in Oracle Solaris. Other naming services are described in Working With Oracle Solaris 11.2 Directory and Naming Services: DNS and NIS . For a comparison of the different naming services in Oracle Solaris, see Comparison: LDAP Naming Service and Other Naming Services.
LDAP performs the following services:
Naming service - LDAP provides naming data in accordance with a client request. For example, when resolving host names, LDAP functions like DNS by providing the fully qualified domain names. Suppose that the name of a domain is west.example.net. If the host name is requested by an application by using gethostbyname() or getnameinfo(), LDAP returns the value server.west.example.net.
Authentication service - LDAP manages and provides information that relate to client identity, authentication, and accounts. Thus, LDAP implements security measures to provide information only to authorized requesters.
The LDAP naming service offers the following advantages:
With the replacement of application-specific databases, information is consolidated and the number of distinct databases to manage is reduced.
Data can be shared by different naming services.
A central repository for data is used.
More frequent data synchronization between masters and replicas can be performed.
LDAP is multiplatform and multi-vendor compatible.
The following restrictions apply to the LDAP naming service:
An LDAP server cannot be its own client.
A client cannot be a client of NIS and LDAP at the same time.