LDAP Directory Service

A directory is a specialized database that is designed to optimize performance for searches as opposed to modifications. It can store a wide variety of information and provides a mechanism for extending the types of information that can be stored.

An LDAP directory service is based on a client-server model. One or more LDAP servers contain the data elements that form the directory tree. The LDAP client connects to the LDAP server to obtain a set of information or to request the server to perform an operation. The server performs the operation or provides the requested information. If the server is unable to fulfill the client request, it refers the client to another LDAP server that might be able to perform the requested tasks. A global directory service enables the LDAP client to connect to any available LDAP server when accessing a specific LDAP directory tree; a name presented to one LDAP server references the same object that it would reference at another LDAP server.

Because LDAP is message-based, a client can issue multiple requests to a server at once. To submit multiple requests, the client generates a unique message identifier for each request before sending the requests to the server. The server processes all of the requests and then returns the requested results with a tag that contains the message identifier. The message identifier allows the client to sort out multiple responses to different requests arriving out of order or at the same time.
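The correlation described above can be seen in a short Python sketch. It is an added example, not code from the original page or from Microsoft: it reads the messageID from the BER-encoded LDAPMessage envelope (as laid out in RFC 4511) and pairs out-of-order replies with outstanding requests, setting aside any reply whose identifier matches no pending request. The function names, sample messages and the one-final-response-per-request simplification are assumptions made for illustration.

```python
# Added example: match pipelined LDAP responses to requests by messageID.
# Envelope layout per RFC 4511: SEQUENCE { messageID INTEGER, protocolOp, ... }

def ber_len(buf, i):
    """Decode a BER definite length at buf[i]; return (length, next_index)."""
    if buf[i] < 0x80:
        return buf[i], i + 1
    n = buf[i] & 0x7F
    if n == 0 or n > 4 or i + 1 + n > len(buf):
        raise ValueError("unsupported or truncated length")
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def parse_envelope(msg):
    """Return (message_id, protocol_op_tag) for one complete LDAPMessage."""
    try:
        if msg[0] != 0x30:
            raise ValueError("LDAPMessage must be a SEQUENCE")
        length, i = ber_len(msg, 1)
        if i + length != len(msg) or msg[i] != 0x02:
            raise ValueError("bad length or missing messageID INTEGER")
        id_len, i = ber_len(msg, i + 1)
        if not 1 <= id_len <= 4:
            raise ValueError("messageID out of range")
        message_id = int.from_bytes(msg[i:i + id_len], "big", signed=True)
        if message_id < 0:
            raise ValueError("negative messageID")
        return message_id, msg[i + id_len]
    except IndexError:
        raise ValueError("truncated LDAPMessage") from None

def make_msg(message_id, op_tag, body):
    """Build a constructed sample LDAPMessage (short-form lengths only)."""
    inner = bytes([0x02, 0x01, message_id, op_tag, len(body)]) + body
    return bytes([0x30, len(inner)]) + inner

def correlate(pending, responses):
    """Pair final responses with pending requests; collect unmatched IDs."""
    pending, matched, unexpected = dict(pending), [], []
    for raw in responses:
        message_id, op_tag = parse_envelope(raw)
        if message_id in pending:
            matched.append((message_id, pending.pop(message_id), op_tag))
        else:
            unexpected.append(message_id)  # no outstanding request: do not trust
    return matched, unexpected

# Constructed sample: LDAPResult "success" body and out-of-order replies.
OK = bytes.fromhex("0a010004000400")
PENDING = {1: "bind", 2: "compare", 3: "search"}
REPLIES = [make_msg(3, 0x65, OK), make_msg(1, 0x61, OK), make_msg(9, 0x65, OK),
           make_msg(2, 0x6F, OK), make_msg(3, 0x65, OK)]

if __name__ == "__main__":
    print(correlate(PENDING, REPLIES))
```

A real search returns several messages under one identifier before its final response, so a full client keeps the request pending until the final response arrives.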

See Also

LDAP Schema Model | LDAP Distinguished Names | LDAP Security Model | LDAP Client

Last updated on Friday, April 09, 2004

© 1992-2003 Microsoft Corporation. All rights reserved.