LDAP and Directory Service Enumeration

The Lightweight Directory Access Protocol (LDAP) is used to interact with and organize databases. LDAP is very widely used because it is an open standard that a number of vendors use in their own products, in many cases a directory service like Microsoft’s Active Directory.

A directory is a database, but the data is organized in a hierarchical or logical format. Another way of looking at this design is to think of the organization of data much like the files and folders on a hard drive. To make this data easier and more efficient to access, you can use DNS alongside the service to speed up queries.
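The folder-like layout described above can be seen by nesting a few distinguished names (DNs) into a tree. This is an added example, not code from the original text; the entries under dc=example,dc=com are constructed sample data, and the DN splitting is a simplification that handles only backslash-escaped commas.

```python
import re

# Constructed sample entries (not taken from a real directory).
SAMPLE_DNS = [
    "dc=example,dc=com",
    "ou=People,dc=example,dc=com",
    "ou=Groups,dc=example,dc=com",
    "cn=Alice Smith,ou=People,dc=example,dc=com",
    "cn=Smith\\, Bob,ou=People,dc=example,dc=com",
    "cn=admins,ou=Groups,dc=example,dc=com",
]

def split_dn(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped."""
    return [part.strip() for part in re.split(r"(?<!\\),", dn) if part.strip()]

def norm(rdn):
    """Attribute types are case-insensitive, so lowercase only the type."""
    attr, _, value = rdn.partition("=")
    return attr.strip().lower() + "=" + value.strip()

def build_tree(dns):
    """Nest entries root-first, the way folders nest on a hard drive."""
    tree = {}
    for dn in dns:
        node = tree
        for rdn in reversed(split_dn(dn)):  # a DN is written leaf-first
            node = node.setdefault(norm(rdn), {})
    return tree

def subtree(tree, base_dn):
    """Return the branch rooted at base_dn, or None if it does not exist."""
    node = tree
    for rdn in reversed(split_dn(base_dn)):
        node = node.get(norm(rdn))
        if node is None:
            return None
    return node

def count_entries(node):
    """Count every entry below a node, at any depth."""
    return sum(1 + count_entries(child) for child in node.values())

def render(tree, depth=0):
    """Return the tree as indented lines, one RDN per line."""
    lines = []
    for rdn in sorted(tree):
        lines.append("  " * depth + rdn)
        lines.extend(render(tree[rdn], depth + 1))
    return lines

if __name__ == "__main__":
    print("\n".join(render(build_tree(SAMPLE_DNS))))
```

Each level of indentation in the output corresponds to one container in the directory, which is why a query can be limited to a single branch such as ou=People instead of the whole database.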

Directory services that make use of LDAP include:
■ Active Directory
■ Novell eDirectory
■ OpenLDAP
■ Open Directory
■ Oracle iPlanet

Tools that allow for the enumeration of LDAP-enabled systems and services include the following:
■ JXplorer
■ LDAP Admin Tool
■ LDAP Account Manager
■ LEX (The LDAP Explorer)
■ Active Directory Explorer
■ LDAP Administration Tool
■ LDAP Search
■ Active Directory Domain Services Management Pack
■ LDAP Browser/Editor