- Evolution of Solaris Naming Services
- NIS and Files Coexistence
- NIS and DNS Coexistence
- Solaris Naming Service Switch
- Solaris Naming Service Switch Architecture
- NIS Architecture Overview
- NIS Client Server Architecture
- How NIS Clients Bind to the NIS Server
- NIS Maps
- NIS High Availability Architecture Features
- NIS+ Architecture Overview
- NIS+ Client Server Architecture
- How NIS+ Clients Bind to the NIS+ Server
- NIS+ Tables
- NIS+ Interaction with DNS
- NIS+ High Availability Architecture Features
- Solaris DNS Architecture Overview
- DNS Client Architecture
- DNS Server Architecture
- DNS High Availability Features
- LDAP Architecture Overview
- LDAP Information Model
- LDAP Naming Model
- LDAP Functional Model
- LDAP Security Model
- LDAP Replication
- Comparison with Legacy Naming Services
LDAP Functional Model
Clients needing to access data on an LDAP server must begin by performing a bind operation. The bind operation requires, at a minimum, the DN of the user account entry the client wishes to bind as. If the entry has a password, then it is passed along with the DN. Alternatively, the client can perform an anonymous bind, which does not require a particular user name or password.
The type of authentication the directory server requires is specified as part of the bind request. The default is simple authentication, which compares the password sent with the password stored for the specified DN. Other authentication methods such as secure socket layer (SSL), CRAM-MD5, or Kerberos can be invoked instead by addition of another parameter to the bind operation call.
If the bind operation is successful, the client is considered authenticated. All subsequent client requests made on the connection established as a result of the bind are performed as the authenticated user. After the LDAP client requests are complete, an unbind operation is performed to release the connection. Chapter 5, "Solaris 8 Native LDAP Configuration" describes how the Solaris LDAP client binds to an LDAP server.
If an LDAP bind operation is made with a DN, with no password, the bind is successful, but is considered an anonymous bind.