Lightweight Directory Access Protocol (LDAP)
LDAP is an open standard that defines a method for accessing and updating directory information over a network. LDAP is based on the X.500 standard, but is significantly simpler. Unlike X.500, LDAP supports TCP/IP. LDAP has gained rapid acceptance as the directory access method of the Internet and, as such, has become a strategic component within corporate intranets.
A directory is a specialized data repository that stores typed and ordered information about objects. For example, directories may be used to store:
Some of the characteristics of an LDAP directory are:
-
The data contained in an LDAP directory is rarely changed.
-
Because the data tends to fairly static, LDAP directories are tuned for extremely fast-read operations.
-
The data is located on a number of systems on a network for redundancy, performance and scalability.
-
The directory is structure hierarchically, ensuring that there is an authoritative source of the data in the directory system.
-
The directory represents elements and objects. The objects are created from object classes, which represent a collection of attributes. This means LDAP directories are object-oriented.
-
LDAP directories use a standard schema available to all applications using the directory.
-
Directory attributes can have single or multiple values.
-
Directories are replicated over a large number of servers on the network. This means that if one system is unavailable, a client can get the replicated information from another system in the network.
|