Linux Lightweight Directory Access Protocol (LDAP)
LDAP is a lightweight directory access protocol package which provides client/server based directory database services which runs on UNIX platforms over TCP/IP. The associated RFC is 1777. Directory service is based on entries which have the following characteristics.
- Distinguished name (DN)
- Collection of attributes
- Types - String such as "mail".
- Values (one or more) - Example: firstname.lastname@example.org
The directory hierarchy is organized into geographic, political, or organizational boundaries such as from top to bottom as shown below:
- states or organizations
- people, printers, documents
There are three database choices:
- LDBM - High performance disk based database
- SHELL - Database interface to UNIX commands.
- PASSWD - Password file database.
LDAP capabilities are:
- Can serve multiple databases
- Provides access control
- Can replicate the database