4. Guide to LDAP

4.1 Using LDAP for authentication

LDAP stands for Lightweight Directory Access Protocol. It is a protocol for querying a directory, a database that is optimised for information look-ups, which makes it ideal for an organisational address book, or, in this case, an authentication directory that controls user access to an organisation's systems, such as SVN repositories.

Lightweight, you say? To the uninitiated, LDAP looks a bit involved, and some question whether it could be described as lightweight. But, compared to its predecessor, X.500, LDAP is in fact much more lightweight. X.500 doesn't use the Internet-standard TCP/IP protocol, has very convoluted naming conventions, and requires a lot of resources to implement. LDAP keeps most of X.500's good stuff, but is simpler to set up and use.

4.2 How LDAP works

LDAP arranges information in the form of a hierarchical tree, made up of entries which are themselves made up of a number of attributes. At the top of the tree are the top-level entries such as organisation, country or company, with lower-level entries dealing with people, products, systems etc. Some LDAP directories use the Internet domain naming system for their arrangement, which allows directory services to be located using DNS.

[Illustration: LDAP example]

The above illustration shows a simple directory for 'thecompany'. Each entry is identified by a globally unique Distinguished Name (DN), which allows it to be referenced without fear of duplication or ambiguity. The DN of an entry is formed by taking the name of the entry itself, called the Relative Distinguished Name (RDN), and concatenating onto it the names of the entries that sit above it in the directory tree.

Example: Chell Glidewell's LDAP entry has an RDN of uid=cglidewell.
The DN is uid=cglidewell,ou=People,dc=thecompany,dc=com.
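The DN construction above, carried through in code. This is an added example and not part of the original guide: it builds the DN for an entry under ou=People of 'thecompany', splits a DN back into its RDNs, and escapes attribute values per RFC 4514 so that a user-supplied uid used to form a bind DN for authentication stays a single RDN. The sample names are constructed.

```python
# Added example (not from the original guide): build and parse LDAP
# Distinguished Names for the 'thecompany' tree described above, escaping
# attribute values per RFC 4514. Sample names are constructed.
# Characters that must be backslash-escaped inside an RDN value (RFC 4514).
_SPECIAL = set(',+"\\<>;=')

def escape_rdn_value(value: str) -> str:
    """Escape one attribute value so it can sit inside a DN unchanged.
    A leading '#' and a leading or trailing space also need escaping."""
    last, out = len(value) - 1, []
    for i, ch in enumerate(value):
        if ch in _SPECIAL or (ch == '#' and i == 0) or (ch == ' ' and i in (0, last)):
            out.append('\\' + ch)
        else:
            out.append(ch)
    return ''.join(out)

def build_dn(rdn: tuple, ancestors: list) -> str:
    """DN = the entry's RDN, then the RDNs above it (nearest parent first)."""
    return ','.join(f'{a}={escape_rdn_value(v)}' for a, v in [rdn] + ancestors)

def parse_dn(dn: str) -> list:
    """Split a DN into (type, value) RDNs, honouring backslash escapes.
    Hex escapes (\\2c) and multi-valued RDNs (a=b+c=d) are not handled."""
    rdns, buf, attr, i = [], [], None, 0
    while i < len(dn):
        ch = dn[i]
        if ch == '\\' and i + 1 < len(dn):   # escaped character: keep it literally
            buf.append(dn[i + 1])
            i += 2
            continue
        if ch == '=' and attr is None:       # end of the attribute type
            attr, buf = ''.join(buf).strip(), []
        elif ch == ',':                      # end of this RDN
            rdns.append((attr, ''.join(buf)))
            attr, buf = None, []
        else:
            buf.append(ch)
        i += 1
    rdns.append((attr, ''.join(buf)))
    return rdns

# Ancestors of every entry under ou=People, as drawn in the illustration.
PEOPLE_BASE = [('ou', 'People'), ('dc', 'thecompany'), ('dc', 'com')]

def user_dn(uid: str) -> str:
    """DN used to authenticate (bind as) a person entry. Because the uid is
    escaped, a value containing ',' cannot add an RDN outside ou=People."""
    return build_dn(('uid', uid), PEOPLE_BASE)
```

`user_dn('cglidewell')` yields the DN given in the example; a uid of `a,ou=Admins` is escaped to `uid=a\,ou\=Admins,...` and parses back as one RDN with four components in total.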

Each of the entry's attributes has a type and one or more values. The types are typically mnemonic strings, like "cn" for common name, or "mail" for email address. Different attribute types use different value syntaxes. For example, a cn attribute might contain the value "Chell Glidewell", while a telephoneNumber attribute might contain the value "+1 299 299 8911".

LDAP lets you control which attributes are required for an entry, using a special attribute called objectClass. The values of objectClass determine the schema rules for the entry.