8/7/2019 light weight directory access protocol

1/24

LIGHT WEIGHT DIRECTORYACCESS PROTOCOL

Presented by

Chaithra H.T

8/7/2019 light weight directory access protocol

2/24

TOPICS Introduction

History

Why LDAP?

Architecture

How does LDAP works?

Technology

Utilities

Conclusion

8/7/2019 light weight directory access protocol

3/24

Introduction LDAP, the Lightweight Directory Access

Protocol, is a client-server protocol foraccessing and managing directory

information.

Directory is a set of objects with attributesorganized in a logical and hierarchical

boundaries depending on the model chosen.

LDAP is based on the X.500 standard.

8/7/2019 light weight directory access protocol

4/24

It is an internet protocol runs over TCP/IP.

It is an open protocol, applications need notto worry about the type of server hosting the

directory.

The directory structure is a specializeddatabase which is optimized for browsing,

searching, locating and reading information.

8/7/2019 light weight directory access protocol

5/24

History

X.500 is the OSI directory standard.

X.500 defines the Directory Access Protocol.

The size and complexity of DAP makes it difficult

to run on smaller machines.

LDAP was designed to remove some of the

burden of X.500.

8/7/2019 light weight directory access protocol

6/24

Why LDAP?

It access through a simpler TCP/IP model.

A mobile user may initiate a database lookup over the

Internet .

It was given its lightweight name because it can be easilyimplemented over the internet due to its lightweight

bandwidth usage.

8/7/2019 light weight directory access protocol

7/24

Unlike the directory structure,

which allows the user access to all

the information available, LDAPallows information to be accessed

only after authenticating the user.

It also supports privacy end

integrity security services.

8/7/2019 light weight directory access protocol

8/24

HOW DOES LDAP

WORKS? LDAP directory service is based on client-

server model.

LDAP is a message oriented protocol.

Client constructs an LDAP message

containing a request and sends it to theserver.

8/7/2019 light weight directory access protocol

9/24

Server processes the request and sends it back to

the client in the form of LDAP message.

Client initiates a session with the LDAP server.

Client specifies a name or an IP address and portof the LDAP server.

Client specifies user name and password.

8/7/2019 light weight directory access protocol

10/24

ARCHITECTURE

8/7/2019 light weight directory access protocol

11/24

Client requests information.

Server1 returns referral to server2

Client resend request to server2

Server2 returns information to client

8/7/2019 light weight directory access protocol

12/24

X.500

Information model

A namespace

A functional model

An authentication framework

A distributed operation model

8/7/2019 light weight directory access protocol

13/24

General purpose, standards-

based directories

X.500

RFC 1497

SLDAPD

8/7/2019 light weight directory access protocol

14/24

Technology Request For Comments: RFC 4510

LDAP is an Internet protocol for accessing distributed

directory services .

Request For Comments: RFC 4515

LDAP defines a network representation of a search

filter transmitted to an LDAP server.

Request For Comments: RFC 4516

LDAP describes it as Uniform Resource Locator(URL).

8/7/2019 light weight directory access protocol

15/24

A

ssociated technology The technology associated LDAP

are in the integration of LDAP with

DCE This reduces administrative

support concerns and the

duplication of resources that

accompanies server administration

8/7/2019 light weight directory access protocol

16/24

Trends

It is evolving into a more intelligentnetwork structure called a

Directory Enable Network (DEN).

It separates the logical properties

from physical components.

8/7/2019 light weight directory access protocol

17/24

Utilities LDAPMODIFY

LDAPADD

LDAPCHANGEPWD

LDAPSEARCH

LDAPDELETE

8/7/2019 light weight directory access protocol

18/24

LDAPMODIFY & LDAPADD :

Invoking LDAPADD is equivalent to

invoking LDAPMODIFY with -a flagturned on.

Syntax :ldapmodify [-a] [-b] [-c]

8/7/2019 light weight directory access protocol

19/24

LDAPCHANGEPWD: It is a modify

password tool.

Syntax: ldapchangepwd [-h ldaphost]

[-n newpassword]

8/7/2019 light weight directory access protocol

20/24

LDAPSEARCH: search the entries in

LDAP server.

Syntax: ldapsearch [-p ldapport] [-dn]

8/7/2019 light weight directory access protocol

21/24

LDAP

CONFIGURATION The configuration FILE SLAPD.OC.CONF

contains the definition of all the object

classes.

The attributes of the object classes are

defined in SLAPD.AT.CONF FILE.

8/7/2019 light weight directory access protocol

22/24

LDAP ACCESS

CONTROL Access to [ by ].

This directive grants access to a set ofentries/attributes by one or more requesters.

Example: Access To * by * Read.

The above directive gives read permission to

everyone.

8/7/2019 light weight directory access protocol

23/24

Conclusion

LDAP provides a low-overhead method of accessing the

X.500 directory.

It runs over TCP, eliminating much of the connection set-

up.

It has an excellent future as a directory access protocol.

8/7/2019 light weight directory access protocol

24/24

Thank you