Principles Digital Communication System & Computer Networks (Charles River Media Computer Engineering)
| < Day Day Up > |
|
23.4 LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL (LDAP)
To access network services, directories play an important role. We keep information about contact addresses in a directory (name, address, e-mail, phone numbers and so on). Information about registered users is kept in directories at the servers, DNS servers keep the information about the IP addresses in a directory, information obtained from the finger command (the users who are presently logged on to the network) is kept in a directory and so on.
Presently, we store directory information in different formats on the desktop, on the palmtop, on the mobile phone, and so on. That is the reason we cannot transfer directory information from one device to another device. If there is a standard mechanism for storing and retrieving directory information, it would be of great help, LDAP is meant exactly for this.
If directory information is kept using standard mechanisms, it can be accessed through standard protocols, and the directories are accessible universally. To facilitate this, ISO/OSI protocol suite defines X.500 directory service standards. However, implementation of these directory services and protocols is difficult, particularly on computers with less processing power such as a PC. Hence, LDAP has been formulated as a lightweight protocol that can run on PCs having less processing power.
Note | X.500 is the standard for directory service. This standard specifies how directory information is organized and how to search for information. It uses Directory Access Protocol (DAP) to access the directory. However, it is not well suited to run on small computers such as PCs, and hence a lighter version was developed called LDAP. |
LDAP uses the X.500 directory service framework and the Directory Access Protocol (DAP) defined in X.500. X.500 defines the following:
-
Information model gives the format in which the information has to be stored in the directory.
-
Namespace specifies how the information has to be referenced and organized.
-
Functional model defines operations that can be performed on the information.
-
Authentication model defines how to secure the information stored in the directory.
-
Distributed operational model defines how data is distributed and how the operations are carried out.
Since DAP is a heavyweight protocol, LDAP has been developed. LDAP gives the same functionality without much overhead.
LDAP is a client/server protocol. The LDAP client sends a request, and the LDAP server sends the response. The request can be to search and find an entry in the directory, to modify an entry in the directory, or to delete an entry in the directory. The LDAP server provides the information in the form of an LDAP server response. If the server has to contact some other server to obtain the information (called the references), it is the server's responsibility to do that.
LDAP defines the format for organizing directory information using a hierarchical naming scheme. It also specifies the operations to be performed on the directory to update the directory and search/find records in the directory.
LDAP also defines how the information has to be organized in the directory. Each entry in the directory is given a unique name; the collection of names is called the namespace. Each entry will have a number of attributes. The entries are organized hierarchically. The various operations that can be performed on the directory are search and find, modify, and add records to the directory.
Many application software packages such as e-mail packages, browsers, and such have LDAP functionality.
Note | When you use multiple devices (palmtop, mobile phone, and so forth), an important requirement is that the address book be the same in both the devices—the data in both devices should be synchronized. Synchronization is easy if a standard, such as LDAP, is followed for storing the directory information. To synchronize the data, a markup language called SyncML has been standardized. |
| < Day Day Up > |
|