Chapter 1 Understanding LDAP This chapter explains the LDAP protocol and the concepts behind LDAP. LDAP (Lightweight Directory Access Protocol) is the Internet directory protocol. Developed at the University of Michigan at Ann Arbor in conjunction with the Internet Engineering Task Force, LDAP is a protocol for accessing and managing directory services.
This chapter explains the LDAP protocol and the concepts behind LDAP.
"How Directory Services Work"
"How LDAP Servers Organize Directories"
"How LDAP Clients and Servers Work"
"Understanding the LDAP v3 Protocol"
"For More Information"
cn: Barbara Jensen mail: babs@ace.com telephoneNumber: 555-1212 roomNumber: 3995
cn: Jennifer Jensen cn: Jenny Jensen mail: jen@ace.com telephoneNumber: 555-1213 telephoneNumber: 555-2059 roomNumber: 3996
Figure 1.1    A hierarchy of entries in the directory
uid=bjensen, ou=People, o=Airius.com
Figure 1.2    An example of a distinguished name in the directory
searching for and retrieving entries from the directory
adding new entries to the directory
updating entries in the directory
deleting entries from the directory
renaming entries in the directory
You can specify controls (both on the server and on the client) that extend the functionality of an LDAP operation.
You can request the server to perform extended operations (beyond the standard LDAP operations).
You can use Simple Authentication and Security Layer (SASL) mechanisms to authenticate to the directory.
Servers have DSEs (DSA-specific entries, where a DSA is a directory server) that provide information including the versions of the LDAP protocol supported, a list of the controls, extended operations, and SASL mechanisms supported by the server, and the naming contexts of the server (specifying the portion of the directory tree managed by this server).
Servers make their schemas available to clients. (You can get a directory server's schema from the root DSE.)
Both client and severs can support data in UTF-8 format. Clients can now request and receive data that is tagged with language information.