| X.500 specifies that communication between the directory client and the directory server uses the directory access protocol (DAP). However, as an application layer protocol, the DAP requires the entire OSI protocol stack to operate. Supporting the OSI protocol stack require more resources than are available in many small environments. Therefore, LDAP was desired to use TCP/IP protocol stack, and was the standard in Internet in fact. Now LDAPv2 has became the draft standard and been supported by most factory. LDAPv3 has prompted to extend security and international. LDAP is not database but can be seen as a simple database for it has ignore many functions that database supported. The information model describes the structure of information stored in an LDAP directory. Naming model describes how information in an LDAP directory is organized and identified. Function model describes what operations can be performed on the information stored in an LDAP directory. The security model describes how the information in an LDAP directory can be protected from unauthorized access. Many organizations have implemented the LDAP and developed their products such as Netscape's Directory Server, Sun's iPlanet Server and the free software OpenLDAP.'OpenLDAP was based on LDAPv2 and now can support many LDAPv3 extensions cooperated with other free software such as OpenSSL, Berkeley DB and Cyrus. Now OpenLDAP provides LDAP and LDAPs protocol, many authentications as anonymous, simple authentication and SASL authentication.This article researches the LDAP itself and put the main effort on the security of accessing the LDAP server. Unfortunately, OpenLDAP noly provides command line tools to manage directory server, we can uses cross-platform tools, JAVA, to develop a GUI based tools. |
PDF Full Text Request