KPI Partners Blog

Directory Services - Introduction to LDAP

Posted by KPI Partners News Team on Thu, Apr 12, 2012 @ 09:37 AM

Don't let the name fool you. Lightweight Directory Access Protocol (LDAP) is no lightweight.

To see why, and what it does for you, take the name backwards.

"Protocol" is a word borrowed by computer programmers from the geopolitical world. In international relations, a protocol is a rule which guides how an activity should be performed, sometimes called etiquette. Protocol recognizes the equivalent status of people from different governments and cultures, and spells out how they will deal with each other in correspondence and in personal meetings.

In the communications world, a protocol determines how messages are handled between different computer systems. The Internet links widely varied computer hardware types, operating systems and software, and the communications protocols make it possible for all of them to send each other packets of data.

Like the geopolitical protocol, the communications protocol not only transmits messages but also authenticates the users, detects errors and sometimes corrects them. When the guy setting up your network and Internet connections mentions "TCP" or "TCP/IP", he's talking about the suite of protocols that the Internet runs on.

"Directory Access" means that LDAP is a protocol that sifts through computer directories.

We often explain how computers work by drawing parallels to a library and how it keeps track of books in physical or on-line card files, but computers don't really work that way. You have your documents organized into files on your computer, but those file icons and documents are only presentations of data in a way that's convenient to you. The data itself is not stored in discrete units like books in a library.

When you call up a long spreadsheet on your laptop, it may be fetching pieces of that document from several places on the computer disk. Imagine all the pages of all the books in the library stored in a giant bin, and the librarian only finds and assembles them into the pages of "The Complete Works of William Shakespeare" as you're ready to read them.

The computer stores data and it links the data together. This gets more complicated when you go beyond the information on your personal "Contacts" list. When you go looking for all the information you need from a large organization's files of all its employees and activities, you need to use a Directory Access Protocol (DAP) to communicate among all the different platforms involved.

An early attempt to unify all these DAPs was developed by the telecommunications industry and called X.500. It was so large and complex that it could not be used on personal computers and across Internet connections, so in the 1990s a team invented the "lightweight" version we can all use.

The LDAP links a "client", which is your e-mail program or web browser, to a server computer that holds the data on the Internet. The LDAP governs who has access to what information, and validates the client's identity.

This has created a whole new world of capabilities, especially as it relates to "business intelligence". When a manager in a large organization wants to know which employees have driver's licenses, or which have commercial licenses with passenger endorsements, they can seek out the right links among the data with sophisticated software tools that create and present the answers.
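
The manager's question above, written as an LDAP search filter with every value escaped before it enters the filter string. This is an added Python example, not code from the original post; the attribute names `licenseClass` and `endorsement` and the sample entries are constructed assumptions, and the small in-memory matcher stands in for a directory server.

```python
# Added illustration: attribute names and directory entries below are constructed,
# not taken from any real schema or from the original post.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a value for an LDAP search filter (RFC 4515 special characters)."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter(conditions):
    """Render (attribute, value) pairs as one AND filter, escaping every value."""
    parts = "".join(f"({attr}={escape_filter_value(val)})" for attr, val in conditions)
    return f"(&{parts})"


def matches(entry, conditions):
    """Case-insensitive equality match of one entry against all conditions."""
    return all(
        val.lower() in (v.lower() for v in entry.get(attr, []))
        for attr, val in conditions
    )


# Constructed sample entries standing in for a directory server's data.
DIRECTORY = [
    {"cn": ["Ana Ruiz"], "licenseClass": ["commercial"], "endorsement": ["passenger"]},
    {"cn": ["Ben Cole"], "licenseClass": ["commercial"], "endorsement": ["tanker"]},
    {"cn": ["Cy Dunn"], "licenseClass": ["standard"]},
]


def search(conditions):
    """Return the cn of every entry satisfying all conditions."""
    return [e["cn"][0] for e in DIRECTORY if matches(e, conditions)]


if __name__ == "__main__":
    query = [("licenseClass", "commercial"), ("endorsement", "passenger")]
    print(build_filter(query))
    print(search(query))
    # A value containing filter metacharacters stays a literal value.
    print(build_filter([("endorsement", "passenger)(cn=*")]))
```

Because the values are escaped, text typed into a search form cannot change the structure of the filter that reaches the directory.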

Business intelligence is exploding in importance today because more and more large organizations are moving data and software from their individual computers onto cloud-based centralized computer services.

The LDAP is now a standard for this work, and the heavyweight X.500 is down for the count.
