LDAP in the enterprise

By: Gary Sims

The Lightweight Directory Access Protocol (LDAP) is a network protocol used to access a special purpose database (called a directory) that stores information about people, organizations, and computers. What can LDAP do for your business and your network?

LDAP was developed as an easier version of the Directory Access Protocol that is part of the X.500 directory standard. It is the network language spoken between a piece of client software (such as an email client) and a directory. A directory is a type of database that stores information about your enterprise in a hierarchical form. Each entry in the directory is referenced using what is called a “distinguished name,” which consists of the name of the entry itself as well as the names, from bottom to top, of the entries above it in the directory.

How does this work in practice? Suppose you wanted to write an email to Wile E. Coyote, a colleague in your organization, Acme Products. Rather than needing to know his email address or already have him in your personal address book, your email client can look up Mr. Coyote in the directory (using LDAP) and get his email address. It will discover his distinguished name to be “CN=Wile E. Coyote, O=Acme, C=US”. Here CN means Common Name, O means Organization, and C stands for Country; all may be in upper or lower case.

Read more at NewsForge.com


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s