Linux - EnterpriseThis forum is for all items relating to using Linux in the Enterprise.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Can someone in the enterprise explain to me (who has never worked in a large enterprise) what LDAP actually accomplishes and why its better anything else? According to wikipedia:
Quote:
An LDAP directory tree often reflects various political, geographic, and/or organizational boundaries, depending on the model chosen. LDAP deployments today tend to use Domain name system (DNS) names for structuring the topmost levels of the hierarchy. Deeper inside the directory might appear entries representing people, organizational units, printers, documents, groups of people or anything else that represents a given tree entry (or multiple entries).
Soo.... LDAP keeps track of phone numbers, contact info, corpate hierarchy info, and similar "stuff"? Wouldn't such data be better stored in (an extremely simple) database, flat text file with NIS, etc? Why are there 750 page books on LDAP 'programming'? Someone enlighten me.
LDAP is a world-wide directory system - or at least that was one of the original claims...
No one I know operates a public LDAP server, but corporations often have LDAP servers distributed across the globe and sharing information between different offices - well, sharing information that particular individuals may have rights to see that is. Don't expect to see the sales department's customer lists when you're in the "new kid" class.
A lot of time people tend to think of LDAP as a database. It is /not/ a database. It's a /protocol/ for accessing a database.
Linux comes with an openldap /database/ that you can install.
I make this distinction because I use ldap to access an active directory server and to access the openldap database.
Many identity management programs use ldap to communicate with a directory. For instance, when you login to your mortgage account, you give it a name + password. That name + password are then forwarded over to an identity management server. That server will then use ldap to connect to a Sun Directory server to verify the password. If the password is good, then it notifies the web server to allow you proceed and gives the web server information to put in a cookie for your browser so you don't have to type it in again as long as you stay on the web page.
Because there are many different types of back end databases, ldap is generally supported by those databases so that the database manufacturer doesn't have to write connectors for every single application that wants to access the database. If they make ldap available, then anyone with credentials can access and change data in the database.
Microsoft, Sun, Novell, and God knows who else all provide ldap connectivity.
Well said, i'm connecting my linux to a windoze domain, and one of the requirements in ldap to access the AD, and the other is Kerberos to authenticate.
Well said, i am connecting my linux box to my windoze domain, and one of the requirements is ldap to access AD and the other is Kerberos for authentication, and not to mention Tylenol also.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.