LDAP: Difference between revisions
| (9 intermediate revisions by the same user not shown) | |||
| Line 21: | Line 21: | ||
== References == | == References == | ||
{|- | |||
| valign="top" | | |||
* [https://www.youtube.com/watch?v=Ot7nkkq9kpQ Configure Linux Clients for LDAP Authentication] | |||
* [https://www.youtube.com/watch?v=42tFcFFkk-w OpenLDAP Server Configuration on CentOS 7] | |||
* [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol] | |||
* [http://www-eu.apache.org/dist/directory/ Download Apache Directory Studio] | |||
* [https://stackoverflow.com/questions/10483032/ Spring LDAP Embedded Server] | |||
* [https://github.com/osixia/docker-openldap/blob/stable/Makefile Docker OpenLDAP Makefile] | |||
* [https://docs.oracle.com/cd/A97630_01/network.920/a96579/comtools.htm LDAP Command-Line Tools] | |||
* [http://directory.apache.org/studio/ Apache Directory Studio] | |||
* [https://github.com/dinkel/docker-openldap Docker OpenLDAP] | |||
* [http://phpldapadmin.sourceforge.net/wiki/index.php/Main_Page phpLDAPadmin] | * [http://phpldapadmin.sourceforge.net/wiki/index.php/Main_Page phpLDAPadmin] | ||
* [https:// | |||
* [ | | valign="top" | | ||
* [https:// | * [https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-openldap-and-phpldapadmin-on-ubuntu-16-04 Install and Configure OpenLDAP & phpLDAPadmin] | ||
* [ | * [https://github.com/spring-projects/spring-ldap/issues/423 Generalized Date as String to ZonedDateTime] | ||
* [https:// | * [[Build Kerberos Docker Image from Ubuntu]] | ||
* [https:// | * [[Build LDAP Docker Image from Ubuntu]] | ||
* [https://www. | * [https://stackoverflow.com/questions/28566250/ Convert Calendar Date to LDAP Date] | ||
* [https:// | * [https://stackoverflow.com/questions/45260380/ Spring Security Ldap authentication] | ||
* [https://spring.io/guides/gs/authenticating-ldap/ Authenticating a User with LDAP] | |||
* [https://gist.github.com/mahirrudin/9b7754e54f1e8e532049484864beba42 OpenLDAP with MySQL Backend] | |||
* [https://www.baeldung.com/spring-data-ldap Guide to Spring Data LDAP] | |||
* [https://docs.spring.io/spring-ldap/docs/current/reference/ Spring LDAP Reference] | |||
|} | |||
Latest revision as of 23:37, 3 September 2022
The Lightweight Directory Access Protocol (LDAP; /ˈɛldæp/) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number.
Overview
A client starts an LDAP session by connecting to an LDAP server, called a Directory System Agent (DSA), by default on TCP and UDP port 389, or on port 636 for LDAPS (LDAP over SSL, see below). The client then sends an operation request to the server, and the server sends responses in return. With some exceptions, the client does not need to wait for a response before sending the next request, and the server may send the responses in any order. All information is transmitted using Basic Encoding Rules (BER).
The client may request the following operations:
- StartTLS — use the LDAPv3 Transport Layer Security (TLS) extension for a secure connection
- Bind — authenticate and specify LDAP protocol version
- Search — search for and/or retrieve directory entries
- Compare — test if a named entry contains a given attribute value
- Add a new entry
- Delete an entry
- Modify an entry
- Modify Distinguished Name (DN) — move or rename an entry
- Abandon — abort a previous request
- Extended Operation — generic operation used to define other operations
- Unbind — close the connection (not the inverse of Bind)
In addition the server may send "Unsolicited Notifications" that are not responses to any request, e.g. before the connection is timed out.