Lightweight Directory Access Protocol (LDAP): A Basic Layman-Style Introduction

LDAP – Lightweight Directory Access Protocol


Think of it as a tree, say an apple tree. It has leaves, apples, and so on.

An apple has properties like cover, color, seeds, etc.

Similarly, a leaf has properties: it’s green, it’s soft, etc.

Let’s look closely at the apple.

We can view Apple as a “class” in Java and its occurrences in the tree as instances of the Apple object. In LDAP it’s exactly the same: Apple is the objectClass, and instances of it on the tree are called objects or entries.

The properties of Apple (color, cover, seeds) are what define an apple. In LDAP, these can be viewed as the attributes that define the objectClass “Apple”.

Similarly, you can think of other entries on the apple tree, i.e. leaves, stem, etc.

Now, coming back to LDAP: an LDAP directory is a database which holds data like any other database, but in a hierarchical fashion, with the data defined by objectClasses.

The data/objects could be a user, computer, server, customer, or anything else that needs to be represented as data.

Ex: One of the most commonly used object classes is “user” in Active Directory.

If you look into the schema, it is defined as an object class which must hold attributes like “CN” (common name) and “SN” (surname). It may additionally hold attributes like UID, userPassword, photo, member (group membership), title, supervisor, etc.

The schema, which defines ldapSyntaxes, attributes, objectClasses and extensions, is the key that defines the data stored in an LDAP server along with access capabilities. We’ll take a deep dive into these later.

Below is a sample LDIF file to create a user in LDAP.


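# Add a user entry. The lines of one LDIF record must not be separated by blank lines.
dn: cn=user1,cn=users,dc=domainname,dc=com
changetype: add
objectClass: inetOrgPerson
# cn and sn are the attributes the object class must hold
cn: user1
sn: user1
# sample value only
userPassword: password
uid: user1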
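
The "must hold" and "may hold" rule described above can be checked mechanically against an LDIF entry. The following is an added example, not part of the original post: the SCHEMA table is a simplified subset of inetOrgPerson flattened across inheritance, the function names are hypothetical, and the parser handles plain `attr: value` lines only.

```python
# Simplified, flattened view of inetOrgPerson (assumption for this example):
# MUST comes from its parent class "person"; MAY is only a small subset.
SCHEMA = {"inetorgperson": {"must": {"cn", "sn"},
                            "may": {"uid", "userpassword", "title", "mail", "photo"}}}

def parse_ldif_entry(text):
    """Parse one LDIF record into (dn, {attr: [values]}); names are lowercased."""
    dn, attrs = None, {}
    for line in text.strip().splitlines():
        if not line.strip():
            break                       # a blank line ends the record
        if line.startswith("#"):
            continue                    # LDIF comment line
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not an attribute line: {line!r}")
        name, value = name.strip().lower(), value.strip()
        if name == "dn":
            dn = value
        elif name != "changetype":      # changetype is a directive, not data
            attrs.setdefault(name, []).append(value)
    if dn is None:
        raise ValueError("record has no dn")
    return dn, attrs

def validate_entry(attrs):
    """Return a list of schema violations for the entry's object classes."""
    problems, must, allowed = [], set(), {"objectclass"}
    for oc in attrs.get("objectclass", []):
        rule = SCHEMA.get(oc.lower())   # object class names are case-insensitive
        if rule is None:
            problems.append(f"unknown objectClass: {oc}")
            continue
        must |= rule["must"]
        allowed |= rule["must"] | rule["may"]
    problems += [f"missing required attribute: {a}" for a in sorted(must - set(attrs))]
    problems += [f"attribute not allowed by schema: {a}" for a in sorted(set(attrs) - allowed)]
    return problems

# Constructed sample entries (not real directory data).
GOOD = """dn: cn=user1,cn=users,dc=domainname,dc=com
changetype: add
objectClass: inetOrgPerson
cn: user1
sn: user1
uid: user1
"""
BAD = GOOD.replace("sn: user1\n", "favouriteFruit: apple\n")
```

Running `validate_entry` on the parsed `BAD` record reports both the missing `sn` and the attribute the object class does not define.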