Linux Today: Linux News On Internet Time.

Linux Journal: You Can Get There from Here, Part 3 [LDAP Intro]

Sep 29, 2001, 11:29 (0 Talkback[s])
(Other stories by Marcel Gagné)
"Welcome back, one and all, to the "SysAdmin's Corner". This series is about getting to that all important data on your system, even when you are far away. Part of the data we take for granted at home is our e-mail, hence the first part of this series. Closely related to that very topic are those ever growing lists of people with whom we communicate. Sure, you could carry your own list of contacts, but what about the corporate address book and its wealth of information? How can we get to that?

So glad you asked since it's a nice intro to today's discussion on LDAP. LDAP is an acronym for Lightweight Directory Access Protocol. I like to think of it as directory assistance for your network, a kind of net-enabled 411 service. With an LDAP server running on your, er, server, directory assistance will never be far away. Sound good? Strap in because this is a big topic. I'll get into some of the nittier and grittier stuff associated with LDAP later, but I know that you want to walk away from this with something that works, so this is the plan for today.

A directory is a collection of entries, as you might expect in any database. Each entry is made up of attributes--more importantly globally-unique distinguished names, and I do mean globally. Each attributes also has types with associated values. For instance, an e-mail address is defined as "mail", while a person's full name is referred to as cn for "common name". All this data is organized inside of a hierarchical structure. The database represents an organization. Inside that organization are organizational units. Inside organizational units are people. A person is described by attributes of different types and values. Trust me. This will all make sense when you see it in action."

Complete Story

Related Stories: