Important: |
---|
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
A directory is a specialized database that is designed to optimize performance for searches as opposed to modifications. It can store a wide variety of information and provides a mechanism for extending the types of information that can be stored.
An LDAP directory service is based on a client-server model. One or more LDAP servers contain the data elements that form the directory tree. The LDAP client connects to the LDAP server to obtain a set of information or to request the server to perform an operation. The server performs the operation or provides the requested information. If the server is unable to fulfill the client request, it refers the client to another LDAP server that might be able to perform the requested tasks. A global directory service enables the LDAP client to connect to any available LDAP server when accessing a specific LDAP directory tree; a name presented to one LDAP server references the same object that it would reference at another LDAP server.
Because LDAP is message-based, a client can issue multiple requests to a server at once. To submit multiple requests, the client generates a unique message identifier for each request before sending the requests to the server. The server processes all of the requests and then returns the requested results with a tag that contains the message identifier. The message identifier allows the client to sort out multiple responses to different requests arriving out of order or at the same time.
See Also
Concepts
LDAP Schema ModelLDAP Distinguished Names
LDAP Security Model