Theory recomendation about LDAP

Question

Hello

I need to implement application that supports LDAP authentication.

I want to know in detail how such network works. Can you recomend some reading about it, a book perhaps with broader explanation of LDAP authenticated networking or at least some online tutorials. I would like to see step by step guide of creating such network and if possible, cross platform theory with samples in Win and *nx systems.

Thanks.

Answer 1

LDAP System Administration is the book I read when I first started with LDAP.

That and the OpenLDAP Administrators Guide.

Answer 2

In addition to gacrux, I'd suggest looking at

• Lightweight Directory Access Protocol (Wikipedia) for an introdcution
• LDAP Linux HOWTO by Luiz Ernesto Pinheiro Malère
• Understanding LDAP (part 1) and Understanding LDAP (part 2) on devshed.com
• LDAP and OpenLDAP (on the Linux Platform) slides

Answer 3

Are you looking to build new LDAP server infrastructure, or are you looking to use an existing service?

If you're building infrastructure, then Understanding and Deploying Directory Services has long been the book to get. It clearly explains what LDAP is, how to design your schema and directory information tree layout, and how to choose an appropriate directory topology.

If you're trying to authenticate users against an existing LDAP service, you would be best served by reading the library docs for your language. The typical process for authenticating users goes like this:

1. Take the user's user id and search against LDAP for that user to obtain the disinguished name (or DN, a unique name for each entry in the LDAP tree).
2. Use the retrieved DN and the password the user provided to "bind", or authenticate against the LDAP server as that user.
3. Check the return code from the server to determine whether the bind was successful.
4. Based on the results of the previous step, allow or disallow the user.