1. Introduction to LDAP
With the rapid growth and development of the Internet economy, many interconnected organizations need to accurately track all of the information that is stored, processed and passed on to the users, customers, suppliers and partners.
Ensure that information is current, available, accurate, retrievable within a reasonable time, is the basis of the proper functioning of an organization, which makes the right decisions.
The user information consists of data for each user, including personal data such as name, phone, address, e-mail, the group to which it belongs, that desenvolve function within an organization, access privileges (which resources can use, which you can access files, ..), security credentials and preferences.
The success rate of new e-commerce applications depend on the accuracy and adequacy of information available for the user. The adempimiento good practice for the administration of users will enable organizations to:
- Maintain a unified user profile.
- Creating and deleting accounts across all servers and related applications.
- Strengthen security by centralizing access control and can integrate digital certificates.
- Propagation of the correct and updated information of users in all systems.
With the rapid growth and development of the Internet economy, many interconnected organizations need to accurately track all of the information that is stored, processed and passed on to the users, customers, suppliers and partners.
Ensure that information is current, available, accurate, retrievable within a reasonable time, is the basis of the proper functioning of an organization, which makes the right decisions.
The user information consists of data for each user, including personal data such as name, phone, address, e-mail, the group to which it belongs, that desenvolve function within an organization, access privileges (which resources can use, which you can access files, ..), security credentials and preferences.
The success rate of new e-commerce applications depend on the accuracy and adequacy of information available for the user. The adempimiento good practice for the administration of users will enable organizations to:
- Maintain a unified user profile.
- Creating and deleting accounts across all servers and related applications.
- Strengthen security by centralizing access control and can integrate digital certificates.
- Propagation of the correct and updated information of users in all systems.
Download your Full Reports for Lightweight Directory Access Protocol(LDAP Protocol)
1.1. What is LDAP?
LDAP is a directory access protocol light (Lightweight Directory Access Protocol), a standard protocol used to access "Directory Servers".
The directory is a special kind of database that contains structured information in a tree, similar to directories of files that are used, or the phone book to look for phone numbers or use directory services network as the DNS (Domain Name Service).
The concept is similar to the directory structure of the hard drives, but in this case, the root directory is "The World" and the first level subdirectories are "countries". Lower levels of the directory structure contain entries for companies, organizations or places, while yet lower still we find directory entries for people, and perhaps equipment or documents.
LDAP is a client-server system. To access the LDAP service, the LDAP client must first authenticate with the service. That is, you must tell the server who is accessing the data for the server to the client to decide whether or not accessible. If the client successfully authenticates to the LDAP server when the server receives after requests from the client, it will check if the client is authorized to make that request.
The LDAP standard has proposed ways in which clients can authenticate to LDAP servers (RFC 2251 and RFC 2829).
1.2. Distinguished Name (Name distinguishable)
To refer to a file in a subdirectory on your hard disk, you might use something like:
/ Usr / local / myapp / docs
Bars indicate each division in the reference to the file and the sequence is read from left to right.
In LDAP equivalent to the reference to a file is the "Distinguished Name" (Name distinguishable), abbreviated as "dn" is always unique in a directory.
Dn An example could be:
cn = Jose Garcia, ou = Security, o = My Company, c =
Commas indicate each division in the reference, and the sequence is read from right to left.
Former dn would read as:
Country =
Organization = My Company
OrganizacionalUnit = Safety
Jose Garcia CommonName =
In the same way that there are no rules on the organization of the directory structure of a hard disk, a server administrator can choose the directory structure that best suits for your purposes. But yes there are always rules assumed that must be met, I could not write code to access a directory server unless you know something about its structure, in the same way that you can not use a database without some knowledge of what which is available in it.
1.3. Advantages of LDAP
- LDAP is an open standard. Most applications used are able to search for information in a database.
- Centralize all information in one place has huge benefits:
? Single point of administration with less chance of errors.
? Less duplicate data in many parts.
? Ability to perform backups.
- Origin authentication only
- User accounts in a central place. You can use a dawn LDAP to manage users, passwords and much more information than can be stored in a file / etc / passwd. This information may be used either by users of Microsoft Windows and Unix and Mac
- You can for example create a small web interface for users to change their passwords without entering the unix system because password information is in LDAP and not in the system.
- LDAP can be created with an NT domain accounts.
- You may want to centralize preferences for different applications, eg Netscape preferences, bookmarks etc. LDAP can be saved, and the user can move from one machine to another receiving preferences from an LDAP server.
- The user can switch from one Windows NT Netscape Netscape on a Linux / Solaris / Mac and can use the same information.
- Users are not required to repeat endlessly different personal data for use as date of birth, address, phone, communicating your userid will get the rest of the information from LDAP.
1.4. Dissemination and LDAP integration
Today all companies, institutions and organizations of a certain size commonly used LDAP servers bringing enormous benefits to manage information about their users centrally, allowing different user applications and the use thereof.
Having a single point of access to information ensures secure access through different authentication methods (based on passwords and digital certificates), allowing administrators to specify privileges and permissions to access data at a level of high depth.
LDAP ? lite version known as the international standard for X.500 directories, because instead of requiring large resources and a full OSI stack, LDAP works correctly on any PC and is compatible with TCP / IP, being simpler can access X.500 directories still supporting all features of X.500.
Download your Full Reports for Lightweight Directory Access Protocol(LDAP Protocol)
Advertisement