Secure use of LDAP for Naming Services with Solaris

Secure use of LDAP for Naming Services with Solaris (PDF, 2.41MB)
Published: 15 Mar, 2007
Created by
Raymond Scott

LDAP is a protocol for communication between LDAP servers and LDAP clients. LDAP servers store data in hierarchical 'directories' (databases), which LDAP clients access. LDAP is lightweight because it is a smaller, easier-to-use protocol derived from the X.500 Directory Access Protocol (DAP) defined in the OSI network protocol stack (Tech-Faq 2006). LDAP is frequently used as a replacement for older naming services such as NIS and NIS+ because of some of the limitations of those products (Frisch 2002). While LDAP can be a good replacement, it is important to understand how it works and to configure it to avoid security vulnerabilities and minimize performance problems.