LDAP Directories Explained An Introduction and Analysis

Product Description

Provides technical managers and those new to directory services with a fundamental introduction to LDAP. This concise guide examines how the technology works and gives an overview of the most successful directory products in an easy to reference format. Softcover.
Product Details

* Amazon Sales Rank: #253165 in Books
* Published on: 2003-03-02
* Original language: English
* Number of items: 1
* Binding: Paperback
* 432 pages

Editorial Reviews

From the Back Cover

Directory technology promises to solve the problem of decentralized information that has arisen with the explosion of distributed computing. Lightweight Directory Access Protocol (LDAP) is a set of protocols that has become the Internet standard for accessing information directories. Until now, however, those curious about LDAP had no introductory source to learn how the technology can help them centrally manage information and reduce the cost of computing services.

LDAP Directories Explained provides technical managers and those new to directory services with a fundamental introduction to LDAP. This concise guide examines how the technology works and gives an overview of the most successful directory products in an easy-to-reference format.

Key topics include:

* An overview of LDAP, including how directories differ from databases
* The LDAP namespace, with an overview of DNS, LDAP object structure, and LDAP object naming
* Client LDAP operations, including directory-enabled services and applications, searches, and the LDAP protocol
* LDAP schema, including object classes, attributes, syntaxes, matching rules, and more
* Directory management, including directory integration strategies, metadirectories, security, and more
* LDAP vendors OpenLDAP, Microsoft Active Directory, and Directory Server
* A case study of Stanford University's directory architecture, which illustrates how integral an LDAP directory can become to a business

If you are an information technology manager, LDAP Directories Explained will provide the technical foundation you need to make sound business decisions about LDAP. If you're a developer, this straightforward reference will bring you quickly up to speed on LDAP and directories.


020178792XB01292003

About the Author

Brian Arkills works as a software engineer at the University of Washington, where he performs systems administration, analysis, and project management. While at Stanford University, Brian used LDAP technology to extend Stanford's existing Netscape Directory Services to Microsoft clients via Microsoft Active Directory. In doing so, he found that there were no quality books that provided a basic introduction to the technology. He wrote this guide to fill that need.

020178792XAB01292003

Excerpt. © Reprinted by permission. All rights reserved.

Lightweight Directory Access Protocol (LDAP) is the predominant protocol used to communicate with directories. These days, directories are everywhere. Many enterprise software packages require a directory, for example, and companies seeking to reduce costs and streamline their business also implement a directory.

Not so long ago, I knew nothing about LDAP. Because Stanford University, my employer, was implementing and integrating Active Directory with its existing directory, I needed to understand LDAP and how directories worked. However, I found that the resources for a novice were sparse and hard to find, and that none of the books on the subject took me from novice to competency. During the course of the Stanford project, I met David Chappell and worked closely with him. This led to an invitation from Addison-Wesley, and I embarked on writing this book. I hope it fills the gap I found.Audience

This book is part of the Independent Technology Guide series, which focuses on providing an independent look at a technology combined with a no-nonsense approach. David Chappell, the series editor, likes to say that the series should be called "Big Pictures TRU Us." Each of the books in the series explains how the technology fits into the larger world. Technical managers turn to this series for explanations of all the acronyms and buzzwords they hear.

This book is also appropriate for someone who is more technically savvy, but looking to break into LDAP and directories. Almost every LDAP book on the market is written for developers, and those who donUt write code are left in the dark. This book takes a different approach by providing a thorough introduction for newcomers regardless of their orientation or technical background. Once youUve finished this book, you might turn to Understanding and Deploying LDAP Directory Services by Tim Howes, Mark Smith, and Gordon Good to continue learning about LDAP, especially in the context of developing LDAP code.About the Book

The book is divided into two parts. Part I explores how LDAP and directories work in general. This book is unique in its approach to the topic from a standards-based, non-product-centric perspective. Part II explores three products to highlight how LDAP is used. If you donUt have a lot of time to do research, this overview of the most popular LDAP products will help you compare existing products.Appendixes

There are also several appendixes to augment the material presented in the chapters. When additional material is available, I have included references in the relevant chapter. IUd like to call your attention to two of the appendixes in particular. Appendix C is a case study of Stanford UniversityUs directory architecture. It is intended to give you a real-world sense of how integral an LDAP directory can become to your business. Appendix G contains URLs for all the online reference material that I used while writing this book. Many people have indicated to me how invaluable this compilation of online resources was to their research.

Brian Arkills, October 2002

020178792XP01292003
Customer Reviews

considered harmful. 1
I was painfully underwhelmed when I sat down at the bookstore for about an hour with a coffee and this book. Basically, it's a semi-unrelated series of whitepapers very pointedly aimed at management types. If you're looking for persuasive essays about how directories can increase your ROI, by jingo, this is your book. You may also be introduced to some new buzzwords while you're at it. Unfortunately, if you want either the big picture of how an LDAP directory works or the nuts-and-bolts of LDAP administration, this isn't your book.

I guess I'm missing it too.2
I was looking for a book that would tie together the bits and pieces of LDAP knowledge that I had gathered from the internet for a thorough overview of LDAP. But after reading this book, I still don't have a clear understanding of basic concepts such as namespaces. One section led me to believe that a DNS-based namespace was the same as an LDAP hierarchical namespace, but then I had my doubts after reading another section. Are cn, ou, dc, and uid all object classes? I have heard that LDAP does not respond to a client with a pass/fail response, but there is a discussion of result codes in response to such operations. What are theses codes? When and how are they issued? Walk the reader through from beginning to end with an example of connecting to an LDAP server with a query or an authentication request and show the messages that are passed back to the client (if any). In a discussion of public key encryption, the author states: "the public key is published for anyone to know, whereas the private key is kept secret from everyone but the user....it doesn't matter who knows your public key, because the public key can't be used to impersonate you." Please explain this apparent paradox; if I need the public key to decrypt your message, and anyone can have the public key, then how is the data secure? Couldn't anyone tapping into our communication decrypt it if they have the public key too? Including some actual PERL, or JSP, or VB.NET with ASP.NET scripts for connecting to and querying an LDAP server would have been a plus.

It is difficult to write a technical book that doesn't merely present a collection of technical facts (which I will take on faith as being accurate). It is important to be able to state the facts plainly and connect them to form a coherent idea. For example: "A workgroup is just a group of workstations that share a browse list." I had read volumes about workgroups, workstations and browse lists in other books before finding this concise line (and many more like it) in a book by Mark Minasi. There is nothing for the reader to ponder or second-guess with such a line - it is short and to the point. As is, I didn't find a similar style in this book, nor did I find much information that isn't already freely available on the internet.

Perfect Introduction to LDAP5
Suppose you were an administrator who is asked to run an LDAP-Server, but the only thing you know about LDAP is, that it is a fashionable IT-buzzword. Then this book is for you! If your task is to create a directory infrastructure for a whole company or organization, "LDAP Directories Explained" could be a perfect first read, but after it you will want to turn to a more comprehensive book. This book also does not claim to contain installation guides for any specific LDAP server implementation (though it has some links on this topic in one of its appendixes).

"LDAP Directories Explained" is well organized, specialized terms are being defined before they are used, there are no obvious typos and no useless digressions. Brian Arkills does a perfect job to make you understand the basic concepts of LDAP. He also makes you feel, that the LDIF-syntax which looks so deterring and obscure at the first look is in fact quite simple and he teaches you how to query an LDAP server. This is exactly the knowledge that is sufficent for 90% of the IT staff concerned with LDAP. Brain Arkill conveys it on only 200 pages. In the second half of the book he assesses three major LDAP-implementations: OpenLDAP, Microsoft Active Directory and Netscape Directory Server. We use neither of these, but the book was invaluable to me though.

I remember from my last job that the basic concepts of LDAP never were adequately explained in the Microsoft curricula, so I can also heartily recommend this book to Windows sysadmins.