LDAP - PowerPoint PPT Presentation

About This Presentation
Title:

LDAP

Description:

... Win2000 Server with Active Directory, Lotus Notes email server and an Oracle ... g. email, security, white- & yellow-pages directories, collaborative tools, ... – PowerPoint PPT presentation

Slides: 24
Provided by: jonpo
Category:
Tags: ldap | directory


Transcript and Presenter's Notes

Title: LDAP


1
LDAP
  • Jon Porter
  • Joe Medlin

2
Columbus Tech Services Needs Lightweight
Directory Access Protocol (LDAP)
  • Since the acquisition of Central Ohio Tech
    Solutions, CTS now has two divisions, CTS East
    and CTS West. Though both divisions are similar
    in their directory structures, an interface is
    needed between them. This is especially
    important between the mail servers as CTS East
    uses Lotus Notes and CTS West is a Microsoft
    Exchange shop.

3
LDAP will give CTS the ability to glue
together the different directory structures.
4
CTS Current Structure
  • CTS East currently has Win2000 Server with Active
    Directory, Lotus Notes email server and an Oracle
    Database on a UNIX platform.
  • CTS West currently has Win2000 Server, Microsoft
    Exchange and Oracle on a UNIX platform.

5
Current CTS Structure Diagram
6
What is Lightweight Directory Access Protocol?
  • A vendor-independent network protocol for
    accessing information in a directory across
    platforms
  • LDAP can store and retrieve data from Win2000
    services such as DHCP and DNS and Email systems
    like Lotus Notes and Microsoft Exchange. (Wilkins
    2001)

7
  • LDAP is an extensible, vendor-independent,
    network protocol standard -- it supports
    hardware, software, and network heterogeneity
  • You can use general-purpose directory technology,
    such as LDAP, to glue together disparate facets
    of cyberspace, e.g. email, security, white- &
    yellow-pages directories, collaborative tools,
    etc.

8
The LDAP standard defines
  • A network protocol for accessing information in
    the directory
  • An information model defining the form and
    character of the information
  • A namespace defining how information is
    referenced and organized

9
The LDAP standard also defines
  • An emerging distributed operation model defining
    how data may be distributed and referenced (v3)
  • Both the protocol itself and the information
    model are extensible

10
The LDAP directory can hold any type of data
  • Text
  • Photos
  • URLs
  • Binary
  • Public key certificates

11
Implement LDAP if 3 or more are true
  • The data is relatively static
  • The data needs to be distributed
  • The data will be used by more than one
    application
  • The data is multi-valued
  • The data or application can take advantage of a
    hierarchical relationship

12
  • You need flexible security options
  • You need single sign-on
  • You need distributed or delegated administration
    capabilities

13
Two Components of LDAP
  • Client to Server: Allows user-installed
    applications to contact Win2000 servers with
    Active Directory installed and to create,
    retrieve, modify and delete records
    (Wilkins 2001)

14
Client to Server chart
15
  • Server to Server: Allows servers to share the
    contents of a directory tree and defines how they
    perform updates and replications among themselves
    (Wilkins 2001)

16
Server To Server chart
17
Data Retrieval with LDAP
  • Service Protocol: Different applications request
    information or a user creates a query. The query
    is sent to a search engine, which is mapped
    against an LDAP server. The LDAP server points
    to where the data is actually located. (Wilkins
    2001)

18
  • Application Data Exchange Interface: One piece of
    software exchanges data with another. The
    relevant example for CTS is that Notes can store
    data on the LDAP server so that Microsoft
    Exchange can retrieve it. (Wilkins 2001)
  • System Service Protocol: Operating systems can
    communicate between different components.
    Example: an LDAP server can contain access rights
    of a user that are referenced by the login system
    and by the file system. (Wilkins 2001)
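
An added illustration of the information model, namespace and data retrieval slides (not part of the original presentation): a toy in-memory directory in Python showing how distinguished names place entries in a hierarchy, how one attribute holds several values, and how a search is bounded by a base DN and a scope. The `dc=cts,dc=example` suffix, all entries, and the names `parse_dn` and `search` are assumptions made for this example.

```python
# Added illustration: a toy in-memory directory, not a real LDAP server.
# All DNs and attribute values below are constructed sample data.

def parse_dn(dn):
    """Split a simple DN into lowercase (attr, value) RDN pairs, leaf first.
    Assumes no escaped commas or multi-valued RDNs (RFC 4514 allows both)."""
    pairs = []
    for rdn in dn.split(","):
        attr, _, value = rdn.strip().partition("=")
        pairs.append((attr.lower(), value.strip().lower()))
    return pairs

DIRECTORY = {
    "dc=cts,dc=example": {"objectClass": ["domain"]},
    "ou=East,dc=cts,dc=example": {"objectClass": ["organizationalUnit"]},
    "ou=West,dc=cts,dc=example": {"objectClass": ["organizationalUnit"]},
    "cn=Ann Lee,ou=East,dc=cts,dc=example": {
        "objectClass": ["person"],
        "mail": ["ann@east.cts.example", "alee@cts.example"]},  # multi-valued
    "cn=Bob Ray,ou=West,dc=cts,dc=example": {
        "objectClass": ["person"],
        "mail": ["bob@west.cts.example"]},
}

def search(base, scope, attr, value):
    """Return DNs under `base` whose `attr` has `value` among its values.
    scope: 'base' (the entry itself), 'one' (direct children), 'sub' (subtree)."""
    base_rdns = parse_dn(base)
    hits = []
    for dn, attrs in DIRECTORY.items():
        rdns = parse_dn(dn)
        depth = len(rdns) - len(base_rdns)
        # An entry is in the subtree when its DN ends with the base DN's RDNs.
        if depth < 0 or rdns[depth:] != base_rdns:
            continue
        if (scope == "base" and depth != 0) or (scope == "one" and depth != 1):
            continue
        if value.lower() in (v.lower() for v in attrs.get(attr, [])):
            hits.append(dn)
    return sorted(hits)
```

Choosing the narrowest base DN and scope that answers the question keeps a lookup for one division from returning entries that belong to the other.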

19
Security
  • LDAP v3 works with Kerberos security deployed in
    Win2000 as well as Secure Sockets Layer (SSL) and
    Transport Layer Security (TLS).
  • Kerberos security is essential because it sets up
    two-way trusts between domains.

20
Kerberos Security
  • The advantage to Kerberos is that it allows the
    use of open networks by creating unique
    encryption keys between the domains in the LDAP
    environment.
  • Single Sign On with Kerberos provides simplicity
    for the user.

21
Solution Summary
  • We want shared email access between CTS East and
    CTS West for ease of administration. By
    implementing an LDAP server, we consolidate to
    one point of access between East and West to
    share the directory structure and data. The
    scalability of the LDAP solution allows CTS to
    move beyond the email solution to any platform we
    choose in the future.

22
LDAP Server
23
Sources
  • Administering Active Directory, Mark Wilkins,
    McGraw-Hill, 2001
  • http://www.stanford.edu/hodges/talks/mactivity.ldap.97/index2.html
  • http://networking.earthweb.com/netsp/article/0,,12090_1444871,00.html