

LDAP Directories Explained: An Introduction and Analysis
Brian Arkills
Addison-Wesley, Paperback, Published February 2003, 405 pages, ISBN 020178792X
List Price: $54.99
Our Price: $34.50
You Save: $20.49 (37% Off)


Availability: Out-Of-Stock

Customer Reviews: 1     Average Customer Rating:


Directory technology promises to solve the problem of decentralized information that has arisen with the explosion of distributed computing. Lightweight Directory Access Protocol (LDAP) is a set of protocols that has become the Internet standard for accessing information directories. Until now, however, those curious about LDAP had no introductory source to learn how the technology can help them centrally manage information and reduce the cost of computing services.

LDAP Directories Explained provides technical managers and those new to directory services with a fundamental introduction to LDAP. This concise guide examines how the technology works and gives an overview of the most successful directory products in an easy-to-reference format.

Key topics include:

  • An overview of LDAP, including how directories differ from databases
  • The LDAP namespace, with an overview of DNS, LDAP object structure, and LDAP object naming
  • Client LDAP operations, including directory-enabled services and applications, searches, and the LDAP protocol
  • LDAP schema, including object classes, attributes, syntaxes, matching rules, and more
  • Directory management, including directory integration strategies, metadirectories, security, and more
  • LDAP vendors OpenLDAP, Microsoft Active Directory, and Directory Server
  • A case study of Stanford University's directory architecture, which illustrates how integral an LDAP directory can become to a business

If you are an information technology manager, LDAP Directories Explained will provide the technical foundation you need to make sound business decisions about LDAP. If you're a developer, this straightforward reference will bring you quickly up to speed on LDAP and directories.

 

Table of Contents

Preface.
Acknowledgments.

I. HOW LDAP WORKS.

1. An Overview of LDAP.
Introducing Directories.
Structure.

Content and Usefulness.
Benefits of a Directory.
Introducing LDAP.
Mycompany.com.

Namespace.
Protocol.
Schema.
Management.
Vendor LDAP Products.
Why Choose LDAP?

2. The LDAP Namespace.
DNS.
DNS Hierarchy.

DNS Resolution.
Basic DNS Record Types.
How LDAP Uses DNS.
LDAP Object Structure.
Allowed Structures.

LDAP Containers.
Structural Rules.
Naming Context.
LDAP Object Naming.
Relative Distinguished Name (RDN).

Naming Attributes.
Distinguished Name (DN).
Naming Special Characters.
URL Naming.
LDAPv2 Naming Conventions.
Special LDAP Structural Concepts.
Summary.

3. Client LDAP Operations.
Directory Enabled Services and Applications.
Search.
Mandatory Search Parameters.

Optional Search Parameters.
Search Filters.
The LDAP Protocol.
The LDAP Operations.

LDAP Controls.
LDAP Client Options.
APIs.
Summary.
Appendix Material.

4. The LDAP Schema.
Object Classes.
Elements of an Object Class.

Creating the Entry You Want.
Attributes.
Elements of an Attribute Type.

Attribute Subtypes.
Attribute Options.
Operational Attributes.
Syntaxes.
Matching Rules.
OIDs.
Schema Checking.
Extended Schema Definitions.
DNS Extensions.

extensibleObject Object Class.
dynamicObject Object Class.
Java.
inetOrgPerson Object Class.
Still in Development.
Summary.
Appendix Material.

5. Directory Management.
Replication.
Partitions.

Replicas.
Referrals.
Referral Resolution.

Referral Syntax.
Referral Examples.
Chaining.
Aliases.
Distributed Directory.
Reliability.

Replication Topology.
Maintenance.
Integrating Independent Directories.
Data Architecture Management.

Metadirectories: Glue Together Your Directories.
Master Directory.
Directory Synchronization.
Loose Directory Interconnection.
Harvesting Data (Connectors).
Moving Data Between Directories.
LDIF.

DSML.
Directory Security.
Authentication.

Authorization.
Encryption.
Administrative Server Parameters.
Other Directory Management Tasks.
Summary.

II. HOW VENDORS HAVE IMPLEMENTED LDAP.


6. OpenLDAP.
Namespace.
Naming Contexts and Partitions.

Distributed Directory Functionality.
Database Functionality.
Indexing.
Operations and Clients.
Clients.

Controls.
Schema.
Classes.

Attributes.
Management.
Special Configuration Parameters.
Security.
Authentication.

Authorization.
Privacy.
Why OpenLDAP?

7. Microsoft Active Directory.
Namespace.
DNS.

Directory Namespace.
Sites.
Naming Contexts and Partitions.
The Global Catalog.
Operations and Clients.
Clients.

Controls.
Directory Enabled Services.
Schema.
Classes.

Attributes.
Management.
Replication.

Indexing.
Data Architecture.
Special Configuration Parameters.
Security.
Authentication.

Authorization.
Privacy.
Why Active Directory?

8. Directory Server.
Namespace.
Naming Contexts.

Database Functionality.
Indexing.
Referrals.
Chaining.
Operations and Clients.
Clients.

Controls.
Plug-ins.
Schema.
Groups.

Roles.
Class of Service (CoS).
Management.
Replication.

Special Configuration Parameters.
Security.
Authentication.

Authorization.
Privacy.
Why Directory Server?

III. APPENDIX MATERIAL.


A. Client LDAP Operations Appendix.
Draft Controls.
Psearch.

Tsearch.
Dirsync.
LCUP.
Chaining.
Virtual List View.
C Language API.

B. Schema Appendix.
Schema Formats.
ASN.1 Object Class Syntax.

ASN.1 Attribute Syntax.
BNF Object Class Syntax.
BNF Attribute Syntax.
Slapd.conf Object Class Syntax.
Slapd.conf Attribute Syntax.
Common Syntaxes.
Common Matching Rules.

C. Stanford University Directory Architecture.
Environment.
Source Systems.
The Stanford Registry.
Privacy Controls.
Directory Harvester.
Event Database.
The Stanford Directory.
Email Service Integration.

Web UI Integration.
Updating Your Personal Information.
Active Directory Harvester.
Privacy Control in AD.

Summary.

D. OpenLDAP Access Control Appendix.
The What Element.
The Who Element.
The Access Element.
Evaluation of Access.
A Comprehensive Example.

E. Active Directory Appendix.
Controls.

F. Directory Server Appendix.
Default Indexes.
Access Control Instructions.
ACI Targets.

ACI Heading.
ACI Permissions.
ACI Bind Rules.
Putting an ACI Together.
Macro ACIs.
Plug-ins.

G. Online Reference Material.
Chapter 1 Topics.
Articles.

LDAP Supersites.
Chapter 2 Topics.
DNS.

Referrals.
Escaping Special Characters.
Chapter 3 Topics.
Programming Resources.

Encoding Resources.
Directory Integration.
Chapter 4 Topics.
X.500.

ASN.1.
Schema Resources.
Chapter 5 Topics.
Metadirectories.

DSML.
Security.
Stanford University.
Chapter 6 Topics.
Building OpenLDAP.

Chapter 7 Topics.
Chapter 8 Topics.
Server Documentation.

Programming Resources.

Index
Customer Reviews


Jun 15, 2004     A review from Martha's Vineyard, MA
Good, in-depth, vendor-neutral survey
Books on LDAP were, for a long time, somewhat paralyzed in their development by the "original" *LDAP Programming* book by Howes. The problem with that book was that it was written too early in the deployment of LDAP to reflect the kinds of programming issues and real world product interface solutions LDAP would encounter.

Arkills' book is one of a few since then that serve an essential purpose. This is *the* starting point for anyone in LDAP who is going to have to install, administer, and happily *use* an LDAP server product. This book *doesn't* cover programming at all, intentionally. I'd say you'll have to get Weltzman's book on LDAP and Java or something to get that aspect of things.

This is, however, an excellent and readable introduction to organization of an LDAP schema and all the concepts that go into that. It then further dives, in about 40 pp. of detail on each, into how one might go about implementing the schema in OpenLDAP, Active Directory, and the Sun/Netscape Directory server, pointing out the crucial differences in each product.

In my own task of having to *write* a *client* product that has to interface to multiple LDAP servers, I have found nothing else that serves this need. *LDAP Directories Explained* does explain that, without resorting to the "if you really want to understand this, here's the RFC you need to read" copouts of other LDAP books I've seen. It explains some of the more subtle topics (e.g., referentiality, replication) with clear descriptions *and with clear applications*. It also has these neat little margin annotations that are really good for speed reading a chapter you've already read and forgotten some of to refresh your memory.

Note that the coverage of Active Directory is limited to its role as an LDAP server, with some of the associated tools. The *Inside Active Directory* tome by Kouti (which ironically, gives short service to the LDAP features of AD in my opinion) or something similar is necessary to understand the AD role in the enterprise.


