light weight directory access protocol
TRANSCRIPT
-
8/7/2019 light weight directory access protocol
1/24
LIGHT WEIGHT DIRECTORYACCESS PROTOCOL
Presented by
Chaithra H.T
-
8/7/2019 light weight directory access protocol
2/24
TOPICS Introduction
History
Why LDAP?
Architecture
How does LDAP works?
Technology
Utilities
Conclusion
-
8/7/2019 light weight directory access protocol
3/24
Introduction LDAP, the Lightweight Directory Access
Protocol, is a client-server protocol foraccessing and managing directory
information.
Directory is a set of objects with attributesorganized in a logical and hierarchical
boundaries depending on the model chosen.
LDAP is based on the X.500 standard.
-
8/7/2019 light weight directory access protocol
4/24
It is an internet protocol runs over TCP/IP.
It is an open protocol, applications need notto worry about the type of server hosting the
directory.
The directory structure is a specializeddatabase which is optimized for browsing,
searching, locating and reading information.
-
8/7/2019 light weight directory access protocol
5/24
History
X.500 is the OSI directory standard.
X.500 defines the Directory Access Protocol.
The size and complexity of DAP makes it difficult
to run on smaller machines.
LDAP was designed to remove some of the
burden of X.500.
-
8/7/2019 light weight directory access protocol
6/24
Why LDAP?
It access through a simpler TCP/IP model.
A mobile user may initiate a database lookup over the
Internet .
It was given its lightweight name because it can be easilyimplemented over the internet due to its lightweight
bandwidth usage.
-
8/7/2019 light weight directory access protocol
7/24
Unlike the directory structure,
which allows the user access to all
the information available, LDAPallows information to be accessed
only after authenticating the user.
It also supports privacy end
integrity security services.
-
8/7/2019 light weight directory access protocol
8/24
HOW DOES LDAP
WORKS? LDAP directory service is based on client-
server model.
LDAP is a message oriented protocol.
Client constructs an LDAP message
containing a request and sends it to theserver.
-
8/7/2019 light weight directory access protocol
9/24
Server processes the request and sends it back to
the client in the form of LDAP message.
Client initiates a session with the LDAP server.
Client specifies a name or an IP address and portof the LDAP server.
Client specifies user name and password.
-
8/7/2019 light weight directory access protocol
10/24
ARCHITECTURE
-
8/7/2019 light weight directory access protocol
11/24
Client requests information.
Server1 returns referral to server2
Client resend request to server2
Server2 returns information to client
-
8/7/2019 light weight directory access protocol
12/24
X.500
Information model
A namespace
A functional model
An authentication framework
A distributed operation model
-
8/7/2019 light weight directory access protocol
13/24
General purpose, standards-
based directories
X.500
RFC 1497
SLDAPD
-
8/7/2019 light weight directory access protocol
14/24
Technology Request For Comments: RFC 4510
LDAP is an Internet protocol for accessing distributed
directory services .
Request For Comments: RFC 4515
LDAP defines a network representation of a search
filter transmitted to an LDAP server.
Request For Comments: RFC 4516
LDAP describes it as Uniform Resource Locator(URL).
-
8/7/2019 light weight directory access protocol
15/24
A
ssociated technology The technology associated LDAP
are in the integration of LDAP with
DCE This reduces administrative
support concerns and the
duplication of resources that
accompanies server administration
-
8/7/2019 light weight directory access protocol
16/24
Trends
It is evolving into a more intelligentnetwork structure called a
Directory Enable Network (DEN).
It separates the logical properties
from physical components.
-
8/7/2019 light weight directory access protocol
17/24
Utilities LDAPMODIFY
LDAPADD
LDAPCHANGEPWD
LDAPSEARCH
LDAPDELETE
-
8/7/2019 light weight directory access protocol
18/24
LDAPMODIFY & LDAPADD :
Invoking LDAPADD is equivalent to
invoking LDAPMODIFY with -a flagturned on.
Syntax :ldapmodify [-a] [-b] [-c]
-
8/7/2019 light weight directory access protocol
19/24
LDAPCHANGEPWD: It is a modify
password tool.
Syntax: ldapchangepwd [-h ldaphost]
[-n newpassword]
-
8/7/2019 light weight directory access protocol
20/24
LDAPSEARCH: search the entries in
LDAP server.
Syntax: ldapsearch [-p ldapport] [-dn]
-
8/7/2019 light weight directory access protocol
21/24
LDAP
CONFIGURATION The configuration FILE SLAPD.OC.CONF
contains the definition of all the object
classes.
The attributes of the object classes are
defined in SLAPD.AT.CONF FILE.
-
8/7/2019 light weight directory access protocol
22/24
LDAP ACCESS
CONTROL Access to [ by ].
This directive grants access to a set ofentries/attributes by one or more requesters.
Example: Access To * by * Read.
The above directive gives read permission to
everyone.
-
8/7/2019 light weight directory access protocol
23/24
Conclusion
LDAP provides a low-overhead method of accessing the
X.500 directory.
It runs over TCP, eliminating much of the connection set-
up.
It has an excellent future as a directory access protocol.
-
8/7/2019 light weight directory access protocol
24/24
Thank you