1541-4922/04/$25.00 © 2004 IEEE
Published by the IEEE Computer Society
A Brief Introduction to LDAP and Its Future
Jesús Ayala Cortés
| | Article Contents | |
| | Conclusion | |
| Download Citation | |
| | | |
| Download Content | |
| | | |
| | |
Although early directory standards, such as X.500, offer some cross-platform functionality, none has the flexibility of the Lightweight Directory Access Protocol or is as widespread. In LDAP Directories Explained, Brian Arkills, an experienced engineer, shares his knowledge of LDAP in theory and practice.
The book has two main parts. Part I discusses, in a vendor-neutral tone, all the basic LDAP topics, including
The namespace concept and design
The importance of using schema, including object classes, attributes, syntaxes, and matching rules
Metadirectories
Security
Legacy integration
Capacity planning
Systems management
Procurement
Because directory services aren't widely understood, Part I begins by defining them and explaining their benefits. Later, it covers in detail how LDAP organizes directories and handles queries.
In Part II, Chapters 6 to 8 describe three LDAP implementations: OpenLDAP, Microsoft Active Directory, and Directory Server. This overview of these popular products will help you compare them and understand deeply how they implement LDAP. Arkills highlights the most important features in each implementation and considers the advantages of using open or proprietary platforms.
The book's appendices explain more technical issues for each of these implementations. They also cover LDAP client operations, APIs, online references, and general issues concerning LDAP, including an interesting case study of Stanford University's directory architecture.
Arkills often combines his knowledge with interesting personal experiences of when he tried to solve a problem while at the University of Michigan. In one example, the administration distributed desktop PCs throughout the campus to provide access to the central university-wide directory, which was based on X.500. That resulted in the creation of a protocol similar to LDAP called Dixie.
Arkills questions LDAP's future and looks forward to what the next 10 years will bring. This point of view is really new and relevant in a textbook. He also examines the Directory Services Markup Language, a new protocol that will probably replace LDAP in upcoming years with other technologies.
LDAP Directories Explained is comprehensive; it thoroughly explains LDAP directory services. The book assumes minimal knowledge of general networking and administration, making the material accessible to intermediate and advanced readers alike. The summaries at each chapter's end are useful because readers can select content that interests them and decide which areas they want to read or use as a reference or textbook. The book is oriented toward software developers and programmers, because it extensively covers how vendors have implemented LDAP.
If you're considering an LDAP deployment or using any LDAP server, you'll find this book a useful introduction. Both newcomers and intermediates will benefit from the book's explanation of the basics of the TCP/IP stacks, particularly how you can use them to extract information from a hierarchical directory such as one based on X.500.
I recommend this book for IT folks who might be new to LDAP or want to know more about it, and for those wanting to better understand the concepts of something they're already using. For those who are Microsoft Directory Service users or administrators, I also recommend Inside Active Directory, by Sakari Kouti and Mika Seitsonen.
In LDAP Directories Explained, Brian Arkills employs a practical approach and includes the most recent advances in LDAP technology. He provides the technical foundation you need to make business decisions and justifications about choosing LDAP as an IT solution for your integration projects.
Jesús Ayala Cortés is an experienced industry engineer involved with business IT and high-tech projects. Contact him at ayala@queretaro.com.
DOWNLOAD PDF