- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Secure use of LDAP for Naming Services with Solaris
- Abstract
- LDAP is a protocol for communications between LDAP servers and LDAP clients. LDAP servers store data in hierarchical "directories" (databases) which are accessed by LDAP clients. LDAP is lightweight because it is a smaller and easier to use protocol, derived from the X.500 Directory Access Protocol (DAP), defined in the OSI network protocol stack (Tech-Faq, 2006). LDAP is frequently being used as a replacement for older naming services like NIS and NIS+ due to some of the limitations of those products (Frisch, 2002). While LDAP can be a good replacement, it is important to understand how it works and configure it to avoid security vulnerabilities and minimize performance problems. LDAP is a protocol for communications between LDAP servers and LDAP clients. LDAP servers store data in hierarchical "directories" (databases) which are accessed by LDAP clients. LDAP is lightweight because it is a smaller and easier to use protocol, derived from the X.500 Directory Access Protocol (DAP), defined in the OSI network protocol stack (Tech-Faq, 2006). LDAP is frequently being used as a replacement for older naming services like NIS and NIS+ due to some of the limitations of those products (Frisch, 2002). While LDAP can be a good replacement, it is important to understand how it works and configure it to avoid security vulnerabilities and minimize performance problems.