A Story of LDAP


One day Minnie was was in the library when she saw Mickey

Minnie – Hey Mickey

Mickey – Hi Minnie, How are you

Minnie – I am good, where have you been all week

Mickey – I was here, at the library

Minnie – Wow, doing some research?

Mickey – Not really, I just wanted to know about LDAP

Minnie – Oh that’s easy

Mickey – You know it, will you teach me?

Minnie – Sure, let’s go


Minnie – Let’s go to the good olden days. What would you do if you need to get your TV repaired?

Mickey – I will call a TV repair shop

Minnie – Right, but how will you get the number of the TV shop

Mickey – I can check in a Telephone Directory

Minnie – Exactly, to find a service in your area, you look up a Telephone directory

In the same way, LDAP helps to look up information from a directory or services running on a server

Mickey – I need examples

Minnie – Okay going back to the TV shop examples, What information will you look up in the telephone directory

Mickey – Well, I will see the name, address, phone number, cost per hour, experience, etc

Minnie – Yes, similarly LDAP can hold information on different properties of the records or services

Mickey – Tell me more

MinnieLDAP is short for Lightweight Directory Access Protocol and was developed at the University of Michigan around 1993, by Tim HowesSteve KilleColin Robbins, and Wengyik Yeong.

Mickey – Wow

Minnie – In short, LDAP is an internet-ready version of an earlier protocol called X.500, which was developed back in the 80s by the International Telecommunications Union (ITU) for managing telephone directories and directory services.

Mickey – More

Minnie – Okay so just remember this

• LDAP stands for Lightweight Directory Access Protocol.
• It is an internet protocol for accessing distributed directory services

Mickey – What is directory Services

Minnie – 

  • A directory is a tree of entries
  • Every entry has a unique name in the tree.
  • An entry is a set of attributes.
  • An attribute is a key/value pairing 

Let’s visualize:

o: organization
ou: stands for organizational unit – are objects act as containers that hold other objects
cn: is short for common name. An example would be “John Smith”
sn: short for surname.

Let’s say we wanted to look at the record cn=john:

Mickey – What is dn

Minnie – All names in a directory tree are actually referred to as a distinguished name, or dn for short. A dn is comprised of attributes that lead to that node in the tree, as shown above.

Mickey – Okay so this directory service is available online and LDAP helps to find or access any of the directory services

Minnie – You got it

So LDAP is a protocol to allow easy, efficient and safe access to directories and records online

  • Performing more complicated searches
  • Accessing records
  • Inserting records
  • Moving records
  • Making secure connections (Authentication)

Mickey – I feel so good now

Minnie – Great wanna go for some shopping

Mickey – No let’s go to the beach and watch the sunset

Minnie – Good plan

Mickey – You are my best friend Minnie

Minnie – I am always here for you 🙂


about the author more stories

References
https://serverfault.com/questions/23685/what-is-ldap
https://www.sitepoint.com/essentials-ldap-php/
http://ldapjs.org/guide.html

24