ABSTRACT

Lightweight Directory Access Protocol (LDAP), the lightweight counterpart of the X.500 DAP, was first used as a front-end process to access X.500 via a gateway. If LDAP is to function as a well-behaved repository, it must have rules specifying how information is to be stored. The collection of these rules is called a “schema,” and the schema information is kept in the configuration files. The information model describes the basic units that LDAP uses to store information. The naming model describes the structure of the directory. Entries are accessed via an index called the “distinguished name.” The functional model defines the functions that LDAP offers for accessing, maintaining, and managing the directory: functions to search, compare, add, modify, and delete entries. The security model describes two processes: authentication and authorization. Authentication verifies the identity of the user before granting access to the system.