LDAP is a set of open protocols used to access centrally stored information over a network. LDAP stands for Lightweight Directory Access Protocol.
A directory is a specialized database designed for searching and browsing, and it normally also supports basic lookup and update functions. LDAP was first designed to take advantage of the complex X.500 directory services for lightweight activities. Initially, it was seen as a very good tool for looking up email addresses on the net, but owing to the problem of spam this idea was dropped. LDAP got a new life with the advent of grid computing, which is set to change the whole scenario of resource sharing over the network. The LDAP information model is based on entries. An entry is a collection of attributes that has a globally unique Distinguished Name (DN).
The DN is used to refer to an entry unambiguously. Each of an entry's attributes has a type, which is a mnemonic string such as ‘mail’ for email or ‘cn’ for common name. In LDAP, directory entries are arranged in a hierarchical tree-like structure, and this structure typically reflects the geographical and organizational boundaries over which the whole grid is spread. LDAP is optimized for read access, which makes it suitable for a grid environment, where operations are more often reads than writes. LDAP defines operations for interrogating, adding, renaming and deleting entries and for updating the directory. The LDAP search operation allows certain parts of the directory to be searched for entries matching some required criteria. It also provides a mechanism for a client to authenticate, paving the way for access control to protect the information contained in the server.
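
The information model and search operation described above, as an added example that is not part of the original article: a toy in-memory directory in which each entry is a collection of attributes named by a DN, and a search limited to part of the tree by a base DN and a scope. The `dc=example,dc=org` entries and the function names `parse_dn`, `in_scope` and `search` are constructed for illustration; DN parsing is simplified (no escaped commas) and all matching is case-insensitive.

```python
# Added illustration: a toy in-memory directory, not a real LDAP client or server.
# All entries and names below are constructed sample data.

def parse_dn(dn):
    """Split a DN into normalized RDNs, leaf first (simplified: no escaped commas)."""
    rdns = []
    for rdn in dn.split(","):
        attr, _, value = rdn.strip().partition("=")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return tuple(rdns)

# Each entry is a collection of attributes (type -> list of values) named by a unique DN.
DIRECTORY = {
    "dc=example,dc=org": {"dc": ["example"]},
    "ou=People,dc=example,dc=org": {"ou": ["People"]},
    "cn=Alice Ng,ou=People,dc=example,dc=org":
        {"cn": ["Alice Ng"], "mail": ["alice@example.org"]},
    "cn=Bob Roy,ou=People,dc=example,dc=org":
        {"cn": ["Bob Roy"], "mail": ["bob@example.org", "b.roy@example.org"]},
    "ou=Hosts,dc=example,dc=org": {"ou": ["Hosts"]},
    "cn=node01,ou=Hosts,dc=example,dc=org": {"cn": ["node01"]},
}

def in_scope(dn, base, scope):
    """True if dn is in the part of the tree selected by base and scope."""
    d, b = parse_dn(dn), parse_dn(base)
    if len(d) < len(b) or d[len(d) - len(b):] != b:
        return False                      # compared RDN by RDN, not as raw strings
    depth = len(d) - len(b)               # 0 = base entry itself, 1 = direct child
    return {"base": depth == 0, "one": depth == 1, "sub": True}[scope]

def search(base, scope, attr, value):
    """Return DNs in scope that hold attr with the given value.
    A value of "*" is a presence test, like the LDAP filter (attr=*)."""
    hits = []
    for dn, attrs in DIRECTORY.items():
        if not in_scope(dn, base, scope):
            continue
        values = [v.lower() for v in attrs.get(attr.lower(), [])]
        if (value == "*" and values) or value.lower() in values:
            hits.append(dn)
    return hits

if __name__ == "__main__":
    print(search("dc=example,dc=org", "sub", "mail", "*"))   # every entry with a mail attribute
    print(search("dc=example,dc=org", "one", "ou", "*"))     # direct children only
```

Narrowing the base DN and scope is what lets a client search "certain parts of the directory": the same filter run under `ou=Hosts` never touches the entries under `ou=People`.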