LDAP: The first step to making SaaS practical

By: Jewel Hossain


LDAP, Lightweight Directory Access Protocol, is an Internet protocol that email and other programs use to look up information from a server.

Every email program has a personal address book, but how do you look up an address for someone who's never sent you email? How can an organization keep one centralized up-to-date phone book that everybody has access to?

That question led software companies such as Microsoft, IBM, Lotus, and Netscape to support a standard called LDAP. "LDAP-aware" client programs can ask LDAP servers to look up entries in a wide variety of ways. LDAP servers index all the data in their entries, and "filters" may be used to select just the person or group you want, and return just the information you want. For example, here's an LDAP search translated into plain English: "Search for all people located in Chicago whose name contains 'Fred' that have an email address. Please return their full name, email, title, and description."
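The plain-English search above, written out as an LDAP filter string and applied to a few directory entries. This is an added example, not code from the original article: the attribute names (cn, l, mail, title, description) are assumed from the standard person schemas, and the entries are constructed sample data. Values are escaped per RFC 4515 so that a name containing parentheses or an asterisk is matched literally instead of changing the filter.

```python
# Added example, not from the original article. Attribute names are assumed
# from the standard person schemas; ENTRIES is constructed sample data.

# RFC 4515 escapes for characters that have meaning inside a search filter.
RFC4515_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29",
                   "\x00": r"\00"}

# "Please return their full name, email, title, and description."
RETURN_ATTRS = ["cn", "mail", "title", "description"]

def escape_filter_value(value):
    """Escape filter metacharacters so the value is always treated as data."""
    return "".join(RFC4515_ESCAPES.get(ch, ch) for ch in value)

def build_filter(city, name_part):
    """People located in <city>, name contains <name_part>, email present."""
    return "(&(objectClass=person)(l={})(cn=*{}*)(mail=*))".format(
        escape_filter_value(city), escape_filter_value(name_part))

def search(entries, city, name_part, attrs=RETURN_ATTRS):
    """Apply the same selection and attribute projection to in-memory entries."""
    hits = []
    for entry in entries:
        if ("person" in entry.get("objectClass", [])
                and entry.get("l", "").lower() == city.lower()
                and name_part.lower() in entry.get("cn", "").lower()
                and entry.get("mail")):
            # Return only the requested attributes, as an LDAP server would.
            hits.append({a: entry[a] for a in attrs if a in entry})
    return hits

ENTRIES = [  # constructed sample directory
    {"objectClass": ["person"], "cn": "Fred Jones", "l": "Chicago",
     "mail": "fred.jones@example.com", "title": "Engineer",
     "telephoneNumber": "555-0100"},
    {"objectClass": ["person"], "cn": "Winifred Lee", "l": "Chicago",
     "title": "Analyst"},                      # no email: filtered out
    {"objectClass": ["person"], "cn": "Alfredo Diaz", "l": "Boston",
     "mail": "alfredo.diaz@example.com"},      # wrong city: filtered out
    {"objectClass": ["device"], "cn": "Fred's printer", "l": "Chicago",
     "mail": "printer@example.com"},           # not a person: filtered out
]

if __name__ == "__main__":
    print(build_filter("Chicago", "Fred"))
    print(search(ENTRIES, "Chicago", "Fred"))
```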

LDAP is not limited to contact information, or even information about people. LDAP is used to look up encryption certificates, pointers to printers and other services on a network, and provide "single signon" where one password for a user is shared between many services. LDAP is appropriate for any kind of directory-like information, where fast lookups and less-frequent updates are the norm.

As a protocol, LDAP does not define how programs work on either the client or server side. It defines the "language" used for client programs to talk to servers (and servers to servers, too). On the client side, a client may be an email program, a printer browser, or an address book. The server may speak only LDAP, or have other methods of sending and receiving data—LDAP may just be an add-on method.

If you have an email program (as opposed to web-based email), it probably supports LDAP. Most LDAP clients can only read from a server. Search abilities of clients (as seen in email programs) vary widely. A few can write or update information, but LDAP does not include security or encryption, so updates usually require additional protection such as an encrypted SSL connection to the LDAP server.

LDAP also defines:

Permissions: set by the administrator to allow only certain people to access the LDAP database, and optionally keep certain data private.

Schema: a way to describe the format and attributes of data in the server. For example, a schema entered in an LDAP server might define a "groovyPerson" entry type, which has attributes of "instantMessageAddress" and "coffeeRoastPreference". The normal attributes of name, email address, etc., would be inherited from one of the standard schemas, which are rooted in X.500 (see below).

LDAP was designed at the University of Michigan to adapt a complex enterprise directory system (called X.500) to the modern Internet. X.500 is too complex to support on desktops and over the Internet, so LDAP was created to provide this service "for the rest of us."

LDAP servers exist at three levels: There are big public servers, large organizational servers at universities and corporations, and smaller LDAP servers for workgroups. Most public servers from around year 2000 have disappeared, although directory.verisign.com exists for looking up X.509 certificates. The idea of publicly listing your email address for the world to see, of course, has been crushed by spam.

While LDAP didn't bring us the worldwide email address book, it continues to be a popular standard for communicating record-based, directory-like data between programs.

Let's start with the basics. LDAP is a single repository of user data that serves as your corporate directory. Most cloud-connected services interface with LDAP, so you only have to go to one place to add, delete, or change the password of your users.

Similarly, a telephone directory is a list of subscribers with an address and a phone number. LDAP is specified in a series of Internet Engineering Task Force (IETF) Standard Track Request for Comments (RFCs), using the description language.

It's been a long time since we used to go to the store when new software came out. When a new version of Microsoft Office or Lotus came out, people used to wait in line and hope that there was still a box on the shelf to take home. We have come a long way since then. Today software is hosted by the developer and accessed over the web. It makes life simpler for the user and eliminates those expensive one-time perpetual licenses.

However, it can become a nightmare for the person in the small business who got stuck being the IT guy. When a business starts using more and more apps, every new employee needs to be created as a user in 10 different systems. Once your business is operational, users always forget the password they created for one application or another. From our experience, nothing good can come of administering a hodge-podge of user accounts across different packages.

LDAP, or Lightweight Directory Access Protocol, is an ambiguous acronym that means company directory. While the basics of LDAP go as far back as the movie War Games, it has a new important role in the cloud. It is now a single user repository for all of your SaaS programs, your email system, Windows, and your data shares.

In practice, your IT company, or your de facto IT guy in the office, can go to one place to add and delete users for all of your different platforms as well as change passwords across the board. It saves countless hours of unnecessary duplication and triplication of steps to do simple things.

All development of future cloud capabilities starts with an LDAP implementation. As we are still writing the history of the cloud revolution, written standards are hard to come by. However, if you ask all of your software providers, they will all explain that they do interface with LDAP. In fact, LDAP is the single method chosen by Google. If you look in your Android account settings, you will find it there too.

Cloud Support is a cloud solution provider, and we have extensive experience putting this tool to work. Contact our team and let us explain LDAP in more detail. If your company uses Google Apps, or any combination of web software, we can help make your life more manageable.


Article Directory: http://www.articletrunk.com


Cloud Support www.cloudsupport.us.com 2360 Corporate Circle Suite 400 Henderson, NV 89074 [email protected]
