LDAP stands for Lightweight Directory Access Protocol. In
one line, LDAP is a lightweight protocol for accessing directory servers or, in
other words, for accessing existing online directory services. The advantage of
LDAP over the previous leading standards for directory services is that it can
use the simpler TCP/IP networking stack, whereas previous leading standards
like X.500 were more complicated and required the OSI network stack rather
than TCP/IP.
What is LDAP?
Before going deep into LDAP, let me explain what directory
servers really mean. In technical terms, a directory server can be described as
a hierarchical, object-oriented database. A directory is similar to a database
in that it stores data in a structured way, but it normally tends to be
more descriptive. The difference is that it does not involve the
complicated activities done on a database, such as transactions or rollback.
A directory is mostly used for reading information rather than
writing it. In practice, directory servers are tuned to return a
quick response to the search operations performed on them.
Conceptually, a directory is a collection of objects which
are derived from a particular class. It is the class which defines what
attributes can be present within an object. Programmers acquainted with
object-oriented programming will find this familiar. As in the object-oriented
model, classes here can also inherit from other classes, and the attributes
of the class being inherited from are added to the attributes available to
an object derived from the inheriting class. Every object in LDAP can
contain sub-objects, resulting in a tree-like structure.
The objects in LDAP can have more than one class. This is
where LDAP deviates from the OO concept. Classes are assigned to objects using the
"objectClass" attribute. There are three types of classes.
Structural class - Structural classes tend to map to
physical objects. An object can have only one structural class, and it must have
one. Once the structural class for an object has been defined,
it cannot be changed for that particular object unless
the object is destroyed and created again.
Auxiliary class - These normally define the additional
attributes for the structural class. Objects can have many auxiliary classes
and these auxiliary classes, unlike structural classes, can be added and
removed after the object has been created.
Abstract class - These classes cannot be used directly by
objects. They can be used by other classes through inheritance.
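
The three class types and attribute inheritance can be expressed as checks on an entry's "objectClass" values. The following is an added example, not code from the original page or from any LDAP server: the schema table is constructed and simplified (class and attribute names borrowed from common LDAP schemas), the function names are hypothetical, and it assumes that listing a structural class together with the classes it inherits from counts as a single structural class.

```python
# Constructed, simplified schema: name -> (kind, superior, attributes it adds).
SCHEMA = {
    "top":                  ("abstract",   None,                   {"objectClass"}),
    "person":               ("structural", "top",                  {"cn", "sn"}),
    "organizationalPerson": ("structural", "person",               {"title", "ou"}),
    "inetOrgPerson":        ("structural", "organizationalPerson", {"mail", "uid"}),
    "device":               ("structural", "top",                  {"cn", "serialNumber"}),
    "posixAccount":         ("auxiliary",  "top",                  {"uid", "uidNumber", "homeDirectory"}),
}

def lineage(name):
    """The class followed by every class it inherits from."""
    chain = []
    while name is not None:
        chain.append(name)
        name = SCHEMA[name][1]
    return chain

def allowed_attributes(classes):
    """Attributes an entry may carry: those of each listed class plus inherited ones."""
    return {a for c in classes for sup in lineage(c) for a in SCHEMA[sup][2]}

def structural_class(classes):
    """Most-derived structural class of an entry, or None if there is not exactly one."""
    structural = [c for c in classes if SCHEMA[c][0] == "structural"]
    leaves = [c for c in structural
              if not any(c in lineage(other)[1:] for other in structural)]
    return leaves[0] if len(leaves) == 1 else None

def validate_entry(entry):
    """Return the list of schema violations for an entry (dict of attribute -> values)."""
    classes = entry.get("objectClass", [])
    unknown = [c for c in classes if c not in SCHEMA]
    if unknown:
        return [f"unknown class: {c}" for c in unknown]
    problems = []
    if structural_class(classes) is None:  # abstract/auxiliary alone do not qualify
        problems.append("entry needs exactly one structural class")
    for attr in sorted(set(entry) - allowed_attributes(classes)):
        problems.append(f"attribute not allowed by any class: {attr}")
    return problems

def validate_class_change(old_classes, new_classes):
    """Auxiliary classes may come and go; the structural class must stay the same."""
    old, new = structural_class(old_classes), structural_class(new_classes)
    return [] if old == new and new is not None else [
        f"structural class changed: {old} -> {new}"]
```

An entry that lists only "top" fails because an abstract class cannot stand in for the structural class, and "uidNumber" is accepted only once the auxiliary class "posixAccount" is present.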