LevSelector.com |
intro | home - top of the page - |
LDAP (Lightweight Directory Access Protocol) - a client-server protocol. Sort of like a database server - but data is stored in a directory structure instead of tables. Optimized for situations when you need fast data retrieval and rare change. LDAP became a commonly used tool for storing user information, such as company phone books, web sites user information, etc. LDAP forms the backbone of Microsoft's Active Directory system. Other companies actively using LDAp are Netscape, Novell, even Sendmail Inc. Some people believe that directory services like LDAP will eventually substitute old standards.
Imagine that you have some data in a directory tree structure - may be an actual file directory tree itself (in practice you can use different data storage systems in the back end). You also have a server sitting in memory capable of retrieving data on your request (and storing it too). Each piece of data may contain many attributes (text and binary).
LDAP is open and free, there are packages for Perl, Java, and other languages allowing to communicate with the server (store/retrieve data). There are tools (like Netscape SDK) allowing to customize the client and server themselves as you see fit and to add LDAP to your existing applications.
The protocol is standardized.
It may be made secure.
The most widely used implementation of LDAP was written at the University of Michigan, and development is currently being supported by the National Science Foundation
Netscape:
• http://developer.netscape.com/tech/directory/
- Netscape tech docs - look for LDAP
• http://developer.netscape.com/tech/directory/directory.html
- Directory and LDAP Developer Central
• http://developer.netscape.com/docs/articles/directory/perldap_central.html
- PerLDAP is a set of modules written in Perl and C that will allow developers
to leverage their existing Perl knowledge to easily write to and manage
LDAP-enabled directories.
• www.innosoft.com/ldapworld/
- LDAP World pages at Innosoft International, Inc.,
• www.kingsmountain.com/ldapRoadmap.shtml
- many links on FAQs
• www3.innosoft.com/ldapworld/ldapfaq.html
-FAQ
• www.umich.edu/~dirsvcs/ldap/
- FAQ
• www.mjwilcox.com/ldap/ldapfaq.htm
- FAQ
• www.umich.edu/~dirsvcs/ldap/doc/guides/slapd/1.html#RTFToC1
- Introduction to slapd and slurpd
• http://www.OpenLDAP.org/devel/tools.html
- many good tools
• www.openldap.org/
- Open LDAP project
• http://www.LDAPzone.com/
- LDAPzone
• www.umich.edu/~dirsvcs/ldap/doc/man/
- man.pages:
• www.umich.edu/~dirsvcs/ldap/doc/man/man1.html
- LDAP User Commands (manual section 1) - includes most commoon add,delete,modify
and search:
ldapadd - add
entry
ldapdelete -
delete entry
ldapmodify -
modify entry
ldapmodrdn -
modify entry RDN
ldapsearch -
search utility
ud
LDAP Sys.admin. commands and library functions - pretty much covers
ALL that LDAP can do:
• www.umich.edu/~dirsvcs/ldap/doc/man/man3.html
-
• www.umich.edu/~dirsvcs/ldap/doc/man/man8.html
-
Note:
- LDAP allows different attributes for different nodes. At any
moment you can add or change attributes, modify or delete them.
- There is a text file format (ldif) and commands to import/export
LDAP info from/to those files or LDBM database files.
- The Delete operation will only remove a single entry, and
it does not remove non-leaf entries which have subordinates.
- In v.3 you can search on components of the entry's name?
perl code | home - top of the page - |
• Net::LDAP - main module
• www.perldoc.com/cpan/index.html?N - many modules starting with NET::LDAP, for example:
• Net::LDAP::Control::Paged
- LDAPv3 Paged results control object
(also search here: http://www.perl.com/CPAN-local/README.html )
• www.perldoc.com/cpan/Bundle/Net/LDAP.html
- Bundle::Net::LDAP - A bundle for Net::LDAP
• www.perldoc.com/cpan/Net/LDAPapi.html
- Net::LDAPapi
• www.perldoc.com/cpan/Net/LDAPS.html
- Net::LDAPS - use LDAP over an SSL connection
----------------------------------