introduction
LDAP is a protocol followed by LDAP clients and servers. A directory is a database that can be read from very quickly.
An LDAP server receives questions about directory information and gives answers almost instantly. An LDAP client is a program that asks the server questions. They both follow the LDAP protocol.
OpenLDAP is an open source LDAP product. Sun Java Directory Server and Microsoft Active Directory are closed source LDAP products.
what it is
An LDAP server receives questions about directory information and gives answers almost instantly. Servers usually listen on port 389. Many LDAP servers can be distributed around a busy network to deal with demand. Each one keeps an identical copy of the directory which is kept up to date automatically.
The LDAP server is responsible for authenticating the clients that want to use the service and for deciding which parts of the directory they are allowed to access. It can also use SSL to prevent eavesdropping on its conversations, in the same way that a web server and web browser encrypt their conversation.
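As an added example (not part of the original page), the sketch below hand-encodes and decodes an LDAPv3 simple bind request to show that, without SSL, the bind DN and password cross the network as readable bytes. It assumes the message layout defined in RFC 4511, which this page does not name; the function names, DN and password are constructed for illustration.

```python
# Added example: BER layout of an LDAPv3 simple bind (assumed from RFC 4511); sample values are constructed.

def tlv(tag: int, value: bytes) -> bytes:
    """Encode one BER tag-length-value element with a definite length."""
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + value

def read_tlv(buf: bytes, pos: int = 0):
    """Decode the element starting at pos; return (tag, value, next_pos)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        count = first & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    else:
        length = first
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[pos:pos + length], pos + length

def simple_bind_request(msg_id: int, dn: str, password: str) -> bytes:
    """Build the message a client sends to authenticate with a DN and password."""
    mid = msg_id.to_bytes(msg_id.bit_length() // 8 + 1, "big")
    body = (tlv(0x02, b"\x03")                       # protocol version 3
            + tlv(0x04, dn.encode("utf-8"))          # bind DN
            + tlv(0x80, password.encode("utf-8")))   # simple auth: the raw password
    return tlv(0x30, tlv(0x02, mid) + tlv(0x60, body))  # 0x60 = BindRequest

def parse_bind_request(msg: bytes) -> dict:
    """Recover what any observer of an unencrypted connection can read."""
    _, seq, _ = read_tlv(msg)
    _, mid, pos = read_tlv(seq)
    tag, op, _ = read_tlv(seq, pos)
    if tag != 0x60:
        raise ValueError("not a BindRequest")
    _, ver, p = read_tlv(op)
    _, name, p = read_tlv(op, p)
    auth_tag, cred, _ = read_tlv(op, p)
    return {"id": int.from_bytes(mid, "big"), "version": ver[0],
            "dn": name.decode("utf-8"), "simple": auth_tag == 0x80,
            "password": cred.decode("utf-8") if auth_tag == 0x80 else None}

SAMPLE = simple_bind_request(1, "cn=reader,dc=example,dc=com", "constructed-password")
```

Parsing `SAMPLE` returns the DN and password unchanged, which is why a simple bind should only be sent over a connection already protected by SSL.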
The LDAP server controls the directory. It usually uses a specialised database that can search many entries very quickly. When an LDAP server receives a request for an entry in a huge directory of a million entries, it can search the directory and find the entry in a fraction of a second. An LDAP server can be used to control other types of data store, such as a relational database or a password file. If the directory is split across several different databases the server can control all of them at the same time.
LDAP servers can work in the same master and slave configuration as DNS servers. This distributes the LDAP service across a network. One LDAP server is the master and is used to maintain the master directory. The other LDAP servers are slaves and keep exact copies of the master directory. These servers answer all the questions from clients. The LDAP master server is turned into a cluster to provide high availability (HA). The work of keeping copies of the directory up to date is called replication.
what it isn't
Well known. Despite being around for years, LDAP servers are not understood in the same way web servers and e-mail servers are.
where it is
LDAP servers are in the biz LAN, the central area of the LIC, along with database, e-mail and application servers. No customers can send requests directly to an LDAP server. There are only two servers and both are masters.
history
Microsoft started including an LDAP server with their operating systems.



