“main” (Installation and Administration) 2004/6/25 13:29 page 478 #504
LDAP, meanwhile, has evolved and is increasingly employed as a stand-alone
solution without X.500 support. LDAP supports referrals with LDAPv3 (the
protocol version in package openldap2), making it possible to realize
distributed databases. The usage of SASL (Simple Authentication and
Security Layer) is also new.

LDAP is not limited to querying data from X.500 servers, as it was
originally planned. There is an open source server slapd, which can store
object information in a local database. There is also an extension called
slurpd, which is responsible for replicating multiple LDAP servers.

The openldap2 package consists of:

slapd
    A stand-alone LDAPv3 server that administers object information in a
    BerkeleyDB-based database.
slurpd
    This program enables the replication of modifications to data on the
    local LDAP server to other LDAP servers installed on the network.
additional tools for system maintenance
    slapcat, slapadd, slapindex

21.8.1 LDAP versus NIS
The Unix system administrator traditionally uses the NIS service for name
resolution and data distribution in a network. The configuration data
contained in the files in /etc/ and the directories group/, hosts/, mail/,
netgroup/, networks/, passwd/, printcap/, protocols/, rpc/, and services/
are distributed by clients all over the network. These files can be
maintained without major effort because they are simple text files. The
handling of larger amounts of data, however, becomes increasingly difficult
due to nonexistent structuring. NIS is only designed for Unix platforms,
which makes its employment as a central data administrator in a
heterogeneous network impossible.

Unlike NIS, the LDAP service is not restricted to pure Unix networks.
Windows servers (from 2000) support LDAP as a directory service. Novell
also offers an LDAP service. Application tasks mentioned above are
additionally supported in non-Unix systems.

478 21.8. LDAP — A Directory Service