What is LDAP? First LDAP is a lightweight product (lightweight), is a directory (D), Access Protocol (Access Protocol).
I would like to emphasize that LDAP is a database, but not a database. Said he was a database, because he was a data store thing. But said he is not a database, because his role is not so powerful database, but a directory.
To understand, give an example is the phone book (Yellow Pages). The purpose of our phone book is to find a phone number for a company, which is accompanied by some basic information about the company, such as address, business scope, contact details, etc.
In fact, this example is a manifestation of LDAP in real life. The structure of the phone book is a piece of information, the information is classified according to industry and analogy. Each record is divided into a number of areas, which cover the information we want. This is a directory. A tree-like structure in which each leaf is recorded by a section of a piece. LDAP is such a thing.
Conceptually, LDAP is divided into DN, OUs, and so on. An OU is a tree, and a DN can be understood as a leaf, and a leaf can have a smaller leaf. But the largest tiering of LDAP is based on IBM's 4-tier documentation.
Or the example above, the phone book is maintained by the telephone company, so it is written by them to write, to organize. Finished, organized, finished, write later, the number of organizations is limited. And its role is to find. LDAP is similar, not intended to write, mainly to find. This answers a comrade to ask, someone wants to write someone to read the concurrency how to solve the problem. The purpose of LDAP is not designed for this, if you have such a need, the solution should be a database, not LDAP. This is another example of access and SQL Server. Access is a database product, but it is primarily for the home, with weaker functionality and performance. SQL Server is a professional database system, powerful. LDAP is a lightweight product, the main purpose is to check, so the architecture and optimization are primarily for reading, not writing. But it is not that LDAP is not satisfied, but that strength is not here.
LDAP as a unified authentication solution, the main advantage is to be able to quickly respond to the user's search requirements. such as user authentication, this may have a lot of concurrency. If you use a database to achieve, because the database structure into each table, to meet the very simple requirements of authentication, each need to search the database, synthetic filtration, inefficient and no benefit. Although there can be cache, but still a bit wasteful. LDAP is a table that requires only a username and password, plus something else, very simple. The need for certification can be met both in terms of efficiency and structure. That's why LDAP is the advantage of today's unified, certified solution.
Of course, LDAP also has data written on the pretext that can meet the requirements of input. There's not much to say here.
I think the largest LDAP Server now, should still be Microsoft AD. Although not necessarily standard, it is indeed the most used LDAP Server. Every company that uses a domain is sure to use it.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.