Understanding LDAP

Directory Services: In simple terms, a directory service maps a name to a value. A simple example is DNS (Domain Name System), which the internet uses to map human-readable names to IP addresses. For example, the name kamalmeet.com might map to 10.22.12.22. Names are easier for users to remember, so DNS helps by converting them to IP addresses.

Directory services can store simple or complex data for each name/key, depending on requirements. One major point that distinguishes directory services from a usual database system is that we expect a lot of read operations but only a few writes. More on directory services: https://en.wikipedia.org/wiki/Directory_service

X.500: X.500 is a series of standards covering directory services. The most popular is DAP (Directory Access Protocol). More on X.500: https://en.wikipedia.org/wiki/X.500

LDAP: Now that we know about directory services, LDAP (Lightweight Directory Access Protocol) provides a set of commands or rules for accessing a directory service. The most common use of LDAP is found in single sign-on systems.

Some of the operations supported by LDAP are: bind, search, compare, add a new entry, delete an entry, modify an entry, etc.

A sample LDAP entry might look like this:

 dn: cn=John Doe,dc=example,dc=com
 cn: John Doe
 givenName: John
 sn: Doe
 telephoneNumber: +1 888 555 6789
 telephoneNumber: +1 888 555 1232
 mail: john@example.com
 manager: cn=Barbara Doe,dc=example,dc=com
 objectClass: inetOrgPerson
 objectClass: organizationalPerson
 objectClass: person
 objectClass: top

Source: https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol
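
The entry above is written in LDIF, the text form of an LDAP entry (RFC 2849). As an added example that is not part of the original post, the Python sketch below parses one such entry and shows that attributes such as telephoneNumber and objectClass hold several values. The function name `parse_ldif_entry`, the folded `manager` line and the base64 `description` value are constructed for illustration, and a single entry per input is assumed.

```python
import base64

# The entry from this post. The folded "manager" line and the base64
# "description" value are constructed here to exercise two LDIF rules.
SAMPLE_LDIF = """\
dn: cn=John Doe,dc=example,dc=com
cn: John Doe
givenName: John
sn: Doe
telephoneNumber: +1 888 555 6789
telephoneNumber: +1 888 555 1232
mail: john@example.com
manager: cn=Barbara Doe,dc=exam
 ple,dc=com
description:: Sm9obiwgdGVzdCB1c2Vy
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
"""

def parse_ldif_entry(text):
    """Return (dn, attrs); attrs maps lower-cased names to lists of values."""
    # Unfold: a line starting with one space continues the previous line.
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        elif raw and not raw.startswith("#"):   # skip blanks and comments
            lines.append(raw)
    dn, attrs = None, {}
    for line in lines:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not an attribute line: {line!r}")
        if value.startswith(":"):               # "attr:: <base64 value>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        else:
            value = value.lstrip(" ")
        if name.lower() == "dn":
            dn = value
        else:
            # Attribute names are case-insensitive and may repeat.
            attrs.setdefault(name.lower(), []).append(value)
    if dn is None:
        raise ValueError("entry has no dn")
    return dn, attrs
```

Because a leading space marks a continuation line in LDIF, an entry copied with every line indented has to be de-indented before it is parsed.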