Understanding LDAP Design and Implementation

Front cover

Understanding LDAP Design and Implementation

LDAP concepts and architecture
Designing and maintaining LDAP
Step-by-step approach for directory

Steven Tuttle, Ami Ehlenberger, Ramakrishna Gorthi, Jay Leiserson, Richard Macbeth, Nathan Owen, Sunil Ranahandola, Michael Storrs, Chunhui Yang

ibm.com/redbooks

International Technical Support Organization
Understanding LDAP Design and Implementation
June 2004
SG24-4986-01

Note: Before using this information and the product it supports, read the information in “Notices” on page xv.

Second Edition (June 2004)

This edition applies to Version 5, Release 2 of IBM Tivoli Directory Server.

© Copyright International Business Machines Corporation 1998, 2004. All rights reserved.
Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

Contents

Notices
  Trademarks
Preface
  The team that wrote this redbook
  Become a published author
  Comments welcome
Summary of changes
  June 2004, Second Edition

Part 1. Directories and LDAP

Chapter 1. Introduction to LDAP
  1.1 Directories
    1.1.1 Directory versus database
    1.1.2 LDAP: Protocol or directory
    1.1.3 Directory clients and servers
    1.1.4 Distributed directories
  1.2 Advantages of using a directory
  1.3 LDAP history and standards
    1.3.1 OSI and the Internet
    1.3.2 X.500 the Directory Server Standard
    1.3.3 Lightweight Access to X.500
    1.3.4 Beyond LDAPv3
  1.4 Directory components
  1.5 LDAP standards
  1.6 IBM’s Directory-enabled offerings
  1.7 Directory resources on the Web

Chapter 2. LDAP concepts and architecture
  2.1 Overview of LDAP architecture
  2.2 The informational model
    2.2.1 LDIF
    2.2.2 LDAP schema
  2.3 The naming model
    2.3.1 LDAP distinguished name syntax (DNs)
    2.3.2 String form
    2.3.3 URL form
  2.4 Functional model
    2.4.1 Query
    2.4.2 Referrals and continuation references
    2.4.3 Search filter syntax
    2.4.4 Compare
    2.4.5 Update operations
    2.4.6 Authentication operations
    2.4.7 Controls and extended operations
  2.5 Security model
  2.6 Directory security
    2.6.1 No authentication
    2.6.2 Basic authentication
    2.6.3 SASL
    2.6.4 SSL and TLS

Chapter 3. Planning your directory
  3.1 Defining the directory content
    3.1.1 Defining directory requirements
  3.2 Data design
    3.2.1 Sources for data
    3.2.2 Characteristics of data elements
    3.2.3 Related data
  3.3 Organizing your directory
    3.3.1 Schema design
    3.3.2 Namespace design
    3.3.3 Naming style
  3.4 Securing directory entries
    3.4.1 Purpose
    3.4.2 Analysis of security requirements
    3.4.3 Design overview
    3.4.4 Authentication design
    3.4.5 Authorization design
    3.4.6 Non-directory security considerations
  3.5 Designing your server and network infrastructure
    3.5.1 Availability, scalability, and manageability requirements
    3.5.2 Topology design
    3.5.3 Replication design
    3.5.4 Administration

Part 2. IBM Tivoli Directory Server overview and installation

Chapter 4. IBM Tivoli Directory Server overview
  4.1 Definition of ITDS
  4.2 ITDS 5.2
  4.3 Resources on ITDS
  4.4 Summary of ITDS-related chapters

Chapter 5. ITDS installation and basic configuration - Windows
  5.1 Installable components
  5.2 Installation and configuration checklist
  5.3 System and software requirements
    5.3.1 ITDS Client
    5.3.2 ITDS Server (including client)
    5.3.3 Web Administration Tool ...

Details

  • File Type
    pdf
  • Content Languages
    English
  • File Pages
    774 Page