What is LDAP?

LDAP is in essence a distributed database. Some of the things you can use it for are:

It is clear that LDAP is going to be a very important technology, especially since it is being supported by some of the Big Players. It will be key in building and managing large enterprise networks and integrating systems from different vendors.

However, LDAP is complicated. This derives partly from its X.500 heritage and partly from its flexibility: its database structure is table-driven and can be extended at will.

Some of the nice features of LDAP

So why another document about LDAP?

In trying to learn about LDAP, I looked at some of the introductory material on the web. This was fine as far as it went - such as explaining Distinguished Names - but was woefully short on practical information about how to use LDAP in a real-world situation. The technical documentation (the RFCs) is very unapproachable, and this is not helped by references to ITU documents which are not RFCs!

As a result, I have had to "reverse engineer" my knowledge by installing packages and playing with them. This document outlines what I have learned in the hope that it will be helpful to others.

This document also acts as my "notepad" of useful commands and things I have discovered. Hence you may find random lines of shell script and suchlike dotted around. Those bits are here so I don't have to keep working them out from scratch.

Links to other LDAP documentation