LDAP : Basic of Open LDAP: Introduction to LDAP

What is LDAP?

LDAP stands for Lightweight Directory Access Protocol. As the name suggests, it is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services. LDAP runs over TCP/IP or other connection oriented transfer services.

X.500 is a model for Directory Services in the OSI concept. It contains namespace definitions and the protocols for querying and updating the directory. However, X.500 has been found to be overkill in many situations. Enter LDAP. Like X.500 it provides a data/namespace model for the directory and a protocol. However, LDAP is designed to run directly over the TCP/IP stack.

In plain and simple terms, its a database whereby it has all the details of all of organizations, individuals, and other resources such as files and devices in a network, whether on the Internet or on corporate intranet and whether or not you know the domain name, IP address, or geographic whereabouts. An LDAP directory can be distributed among many servers on a network, then replicated and synchronized regularly. An LDAP server is also known as a Directory System Agent (DSA). Its a not a relational database. Outlook and other email programs uses LDAP to search for a recipient in an organization.

Why its a directory?

A directory is similar to a database, but tends to contain more descriptive, attribute-based information. The information in a directory is generally read much more often than it is written. Directories are tuned to give quick-response to high-volume lookup or search operations. They may have the ability to replicate information widely in order to increase availability and reliability, while reducing response time.

A directory is a specialized database designed for frequent queries but infrequent updates. Unlike general databases they don’t contain transaction support or roll-back functionality. Directories are easily replicated to increase availability and reliability. When directories are replicated, temporary inconsistencies are allowed as long as they get synchronized eventually.

Information is structured

All information inside a directory is structured hierarchically. Even more, if you want to enter data inside a directory, the directory must know how to store this data inside a tree. Lets take a look at a fictional company and an Internet-like tree.

To name nodes, LDAP uses a naming scheme. Most LDAP distributions (including OpenLDAP) already contain quite a number of predefined (and general approved) schemas, such as the inetOrgPerson, or a frequently used schema to define users which Unix/Linux boxes can use, called posixAccount. Note there are GUI web based tools to make managing LDAP painless.


The main benefit of using LDAP is that information for an entire organization can be consolidated into a central repository.

For example, rather than managing user lists for each group within an organization, LDAP can be used as a central directory accessible from anywhere on the network. And because LDAP supports Secure Sockets Layer (SSL) and Transport Layer Security (TLS), sensitive data can be protected from prying eyes.

LDAP also supports a number of back-end databases in which to store directories. This allows administrators the flexibility to deploy the database best suited for the type of information the server is to disseminate. Because LDAP also has a well-defined client Application Programming Interface (API), the number of LDAP-enabled applications are numerous and increasing in quantity and quality.

  • LDAP is an open standard: 
  • LDAP is a network protocol.

  • LDAP is ubiquitous.

  • Directory databases include accounts.

  • LDAP data is object-oriented and encourages heavy reuse.

  • LDAP servers are small, simple, and easy to maintain.

  • LDAP is optimized for rapid search and retrieval.

  • LDAP databases can be massive and secure.

  • LDAP enables the internationalization of data.


Why LDAP is called lightweight?

LDAP is called lightweight because it is a smaller and easier protocol which was derived from the X.500 DAP (Directory Access Protocol) defined in the OSI network protocol stack.

Is there Graphical editors for LDAP ?

Yes, There are many GUI based tool for LDAP.

Some of them are :

–  GQ
– Java LDAP Browser/Editor
– Softerra LDAP Browser

For step by step LDAP installation and configuration Click here 


Satya Prakash

VOIP Expert: More than 8 years of experience in Asterisk Development and Call Center operation Management. Unique Combination of Skill Set as IT, Analytics and operation management.

30 thoughts on “LDAP : Basic of Open LDAP: Introduction to LDAP

  • Pingback: Open LDAP step by step installation and configuration | Eduguru - Good Blogging

  • March 7, 2015 at 8:27 pm

    I have been previously browsing on-line greater than 3 hours currently, however Irrrve never discovered any kind of exciting article including your own house. It can be lovely well worth sufficient for me personally PrimeBlog.us. In my view, in the event all web owners and blog owners designed good articles when you did, websites will most likely be additional useful than before.

  • March 7, 2015 at 11:04 pm

    That may be pretty intriguing, You happen to be an excessively qualified doodlekit. We have became a member of your own rss and crunch to get looking for added of your respective amazing article.. website hosting As well, I’ve distributed your internet-site within my social networks

  • March 10, 2015 at 9:31 pm

    They are just the same as normal sit ups, except the primary concentration is on the oblique muscles, often known as adore handles.
    So I recommend that you simply begin with walking and jogging
    in the beginning, combined with easy ab workouts, including sit-ups.

    I’ve see the truth about abs book and I’m going to share together with you 6 lessons I’ve
    learned from reading the ebook so which you may have a better thought of getting flat abs.

  • March 16, 2015 at 8:32 pm

    When I originally commented I appear to have clicked on the
    -Notify me when new comments are added- checkbox and from now on every time
    a comment is added I receive 4 emails with the exact same
    comment. There has to be a means you are able to remove me
    from that service? Kudos!

  • March 17, 2015 at 1:45 pm

    This is the right website for anybody who really wants
    to find out about this topic. You know a whole lot its almost tough to argue with you (not that
    I really would want to…HaHa). You certainly put a new spin on a topic that’s been written about for many years.
    Excellent stuff, just great!

  • March 17, 2015 at 1:56 pm

    I simply couldn’t depart your website before suggesting that I really enjoyed the standard info an individual provide to your guests?
    Is gonna be back incessantly to check out new posts

  • March 17, 2015 at 6:16 pm

    Thank you a lot for sharing this with all of us you really realize what you’re talking about!
    Bookmarked. Please also consult with my web site =).
    We can have a link alternate agreement among us

  • March 18, 2015 at 2:50 am

    Hello there, You’ve done a great job. I’ll definitely digg it and personally suggest to my friends.
    I’m confident they’ll be benefited from this website.

  • March 18, 2015 at 12:17 pm

    Pretty great post. I just stumbled upon your
    blog and wanted to mention that I’ve truly enjoyed surfing around your weblog
    posts. In any case I will be subscribing on your feed and I hope you
    write once more very soon!

  • March 18, 2015 at 6:04 pm

    I know this if off topic but I’m looking into starting my own weblog and was wondering what
    all is needed to get setup? I’m assuming having a blog like yours would cost a pretty penny?

    I’m not very web savvy so I’m not 100% certain. Any suggestions or advice would be greatly appreciated.

  • March 18, 2015 at 7:22 pm

    I’d like to thank you for the efforts you’ve put in writing this website.

    I am hoping to view the same high-grade blog posts by you later on as well.
    In fact, your creative writing abilities has encouraged me to get my very own site now 😉

  • March 18, 2015 at 9:56 pm

    Nice blog! Is your theme custom made or did you download it from somewhere?
    A design like yours with a few simple tweeks would really make my blog shine.
    Please let me know where you got your design. Kudos

  • March 18, 2015 at 11:21 pm

    It’s appropriate time to make some plans for the future and it’s time to be happy.
    I have read this post and if I could I want to suggest you some interesting things or suggestions.

    Maybe you could write next articles referring to this article.
    I want to read even more things about it!

  • March 19, 2015 at 9:28 am

    Hello! I could have sworn I’ve been to this web site before
    but after browsing through many of the articles I realized it’s
    new to me. Regardless, I’m definitely delighted I discovered it and I’ll be bookmarking it and checking back frequently!

  • March 19, 2015 at 2:10 pm

    Appreciating the commitment you put into your site and detailed information you present.

    It’s good to come across a blog every once in a while that isn’t the same unwanted rehashed information. Fantastic
    read! I’ve bookmarked your site and I’m including your RSS feeds to my Google

  • March 23, 2015 at 9:35 am

    Pretty element of content. I just stumbled upon your website and in accession capital
    to say that I acquire in fact enjoyed account your blog posts.
    Any way I’ll be subscribing to your feeds or
    even I achievement you get entry to persistently quickly.

Leave a Reply