File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes EJB and other Java EE Technologies and the fly likes LDAP & Active Directory Explained (please) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of JavaScript Promises Essentials this week in the JavaScript forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "LDAP & Active Directory Explained (please)" Watch "LDAP & Active Directory Explained (please)" New topic
Author

LDAP & Active Directory Explained (please)

Garry Garrson
Greenhorn

Joined: Nov 24, 2004
Posts: 5
Hi all,

I have a few simple questions I am hoping someone can assist with. I am going to take a stab at my questions so as to help direct your answers if that makes any sense.


1.) What is Active Directory (is active directory the repository for user name, PWD other confidential information like access rights and what groups this user belongs to ?)if so why not just keep the information in a regaulr DB, with a common (web services)was of sharing the authentication data?

2.) What is LDAP (is L D A P - a standard if so, for what?)

3.) How do they relate to each other ?


If someone could help me understand these concepts (for the purpose of a single user sign on to more than one application from differnt vendors better I would much appreciate it.

Thanks,

Gary
Frank Pernio
Greenhorn

Joined: Dec 02, 2004
Posts: 2
Microsoft's hierarchical Directory Service that is part of Windows 2000 architecture designed to centralize and standardize the automation of user data, security, and distributed resources network management.

it uses Kerberos authentication, as well as allows policies in various groups to do all sorts of magic. Rights, scripts, softwares can all be managed thru AD. I think the real strong point of AD is not only its range of abilities for a whole network, but that its a secure and proven environment. And has been developed for yrs. DOes that help?

LDAP
Last modified: Thursday, March 04, 2004



Short for Lightweight Directory Access Protocol, a set of protocols for accessing information directories. LDAP is based on the standards contained within the X.500 standard, but is significantly simpler. And unlike X.500, LDAP supports TCP/IP, which is necessary for any type of Internet access. Because it's a simpler version of X.500, LDAP is sometimes called X.500-lite.

Although not yet widely implemented, LDAP should eventually make it possible for almost any application running on virtually any computer platform to obtain directory information, such as email addresses and public keys. Because LDAP is an open protocol, applications need not worry about the type of server hosting the directory.

http://groups.google.com/groups?selm=3e3176ee%240%24226%24cc9e4d1f%40news.dial.pipex.com

So i think its often used w Linux/unix Google on if you still want more hands on explanations
hope it helps

Originally posted by Garry Garrson:
Hi all,

I have a few simple questions I am hoping someone can assist with. I am going to take a stab at my questions so as to help direct your answers if that makes any sense.


1.) What is Active Directory (is active directory the repository for user name, PWD other confidential information like access rights and what groups this user belongs to ?)if so why not just keep the information in a regaulr DB, with a common (web services)was of sharing the authentication data?

2.) What is LDAP (is L D A P - a standard if so, for what?)

3.) How do they relate to each other ?


If someone could help me understand these concepts (for the purpose of a single user sign on to more than one application from differnt vendors better I would much appreciate it.

Thanks,

Gary
Stan James
(instanceof Sidekick)
Ranch Hand

Joined: Jan 29, 2003
Posts: 8791
There is a big overlap between what databases and LDAP could do. LDAP is especially good at cross-platform, high speed, high volume read-only access. It's often used for userid-password authentication and function authorization because of the speed advantages. Because it is language and platform agnostic it's nice in enterprise integration situations.

Data is more hierarchical than relational, it doesn't do SQL, it doesn't do heavy updates as well as a regular db engine.

For a while lots of people talked about it like magic - wave a little LDAP at a problem and it goes away. It's more like a database in many places - a technology option, not a solution.



A good question is never answered. It is not a bolt to be tightened into place but a seed to be planted and to bear more seed toward the hope of greening the landscape of the idea. John Ciardi
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: LDAP & Active Directory Explained (please)