LDAP's Role in Active Directory
LDAP is the core protocol behind Active Directory. Virtually all client access to the directory is performed through LDAP. Even the Active Directory Service Interfaces (ADSI), which will be discussed in Chapter 4, "Active Directory Service Interfaces (ADSI)," use LDAP under the covers (through the ADSI LDAP provider) to read and modify the directory. Likewise, any time a client searches Active Directory for an object such as a user, computer, or printer, LDAP is being used in one form or another to perform the search and return the results.
Another very important role for LDAP in Active Directory is that of cross-platform access interface. LDAP is not tied to a particular platform as ADSI is; ADSI is COM-based and therefore tied to Windows, whereas LDAP is an open, wire-level protocol (TCP port 389, or 636 for LDAP over TLS). That means applications and scripts can be written to access and manage Active Directory from virtually any platform. This is a huge improvement over Windows NT4, where access was limited to the Win32 API, which for the most part can only be used from the Windows platform. LDAP gives companies that have a non-Windows enterprise management infrastructure the ability to populate, maintain, and monitor Active Directory from the platform of their choice.
Because Active Directory is an LDAP-compliant directory, it uses an X.500-based data model. Having a firm foundation in LDAP concepts and terminology is essential before delving into important areas of Active Directory such as schema (Chapter 10), replication (Chapter 9), and namespace design (Chapters 7 and 8). An understanding of entries/objects, classes, and naming hierarchy as discussed later in the chapter is essential knowledge for Active Directory administrators.
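To make the cross-platform point and the naming hierarchy concrete, here is an added example (it is not from the book and not Microsoft code) written in Python using only the standard library, so it runs on any platform. It assembles the three pieces of an LDAP search request (base DN, scope, filter) for the user, computer, and printer lookups mentioned above, and it walks the X.500 naming hierarchy by parsing a distinguished name into its RDNs. The escaping follows RFC 4515 (filter values) and RFC 4514 (DN values); the base DN, account names, and attribute lists are made-up sample input.

```python
"""Added example, not from the book: building LDAP searches against
Active Directory from any platform, with correct RFC 4515/4514 escaping.

Scripts written off-Windows usually build filter strings by hand, and the
step most often skipped is escaping the caller-supplied value.  Without
it a value such as "*)(objectClass=*" rewrites the filter instead of
being matched literally.
"""
import string

# RFC 4515 section 3: characters that must be hex-escaped in a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# RFC 4514 section 2.4: characters that must be backslash-escaped in an RDN value.
_DN_SPECIALS = set(',+"\\<>;')


def escape_filter_value(value: str) -> str:
    """Escape a caller-supplied value for use inside a search filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def escape_dn_value(value: str) -> str:
    """Escape an attribute value for use inside a distinguished name."""
    out = "".join("\\" + ch if ch in _DN_SPECIALS else ch for ch in value)
    if value.startswith("#") or value.startswith(" "):
        out = "\\" + out
    if value.endswith(" "):
        out = out[:-1] + "\\ "
    return out


def parse_dn(dn: str) -> list:
    """Split a DN string into (type, value) pairs, leaf first (RFC 4514).

    Handles "\\c" escapes and "\\XX" hex pairs; hex pairs are accumulated
    as UTF-8 bytes so multi-byte characters decode correctly.  Multi-valued
    RDNs ("+") are rejected rather than silently mis-parsed.
    """
    rdns, attr_type, buf, i = [], None, bytearray(), 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\":
            pair = dn[i + 1:i + 3]
            if len(pair) == 2 and all(c in string.hexdigits for c in pair):
                buf.append(int(pair, 16))
                i += 3
            elif i + 1 < len(dn):
                buf.extend(dn[i + 1].encode("utf-8"))
                i += 2
            else:
                raise ValueError("dangling backslash in DN")
            continue
        if ch == "=" and attr_type is None:
            attr_type = bytes(buf).decode("utf-8").strip()
            buf = bytearray()
        elif ch == ",":
            if attr_type is None:
                raise ValueError("RDN without '=' in DN")
            rdns.append((attr_type, bytes(buf).decode("utf-8")))
            attr_type, buf = None, bytearray()
        elif ch == "+":
            raise ValueError("multi-valued RDNs are not supported here")
        else:
            buf.extend(ch.encode("utf-8"))
        i += 1
    if attr_type is None:
        raise ValueError("RDN without '=' in DN")
    rdns.append((attr_type, bytes(buf).decode("utf-8")))
    return rdns


def build_dn(rdns) -> str:
    """Inverse of parse_dn: re-escape each RDN value and join with commas."""
    return ",".join(f"{t}={escape_dn_value(v)}" for t, v in rdns)


def ancestors(dn: str) -> list:
    """Containers above an object, nearest first: the naming hierarchy."""
    rdns = parse_dn(dn)
    return [build_dn(rdns[i:]) for i in range(1, len(rdns))]


def ad_search(base_dn: str, object_kind: str, name: str) -> dict:
    """Assemble base, scope, filter and attributes for a user, computer or
    printer lookup.  Attribute lists are illustrative choices, not a standard."""
    name = escape_filter_value(name)
    if object_kind == "user":
        # objectClass=user alone also matches computers (computer is a subclass
        # of user in the AD schema); objectCategory=person excludes them.
        flt = f"(&(objectCategory=person)(objectClass=user)(sAMAccountName={name}))"
        attrs = ["distinguishedName", "userAccountControl", "memberOf"]
    elif object_kind == "computer":
        # Computer accounts carry a trailing "$" in sAMAccountName.
        flt = f"(&(objectCategory=computer)(sAMAccountName={name}$))"
        attrs = ["distinguishedName", "dNSHostName", "operatingSystem"]
    elif object_kind == "printer":
        # Printers published in AD are printQueue objects.
        flt = f"(&(objectCategory=printQueue)(printerName={name}))"
        attrs = ["distinguishedName", "serverName", "uNCName"]
    else:
        raise ValueError(f"unknown object kind {object_kind!r}")
    parse_dn(base_dn)  # reject a malformed base before it reaches the wire
    return {"base": base_dn, "scope": "subtree", "filter": flt, "attributes": attrs}


if __name__ == "__main__":
    # Constructed sample input; "example.com" is a placeholder domain.
    print(ad_search("DC=example,DC=com", "user", "jdoe"))
    print(ad_search("DC=example,DC=com", "user", "*)(objectClass=*"))
    print(ancestors(r"CN=Doe\, John,OU=Sales,DC=example,DC=com"))
```

The dictionary returned by ad_search maps directly onto the arguments of any LDAP client (the ldapsearch command-line tool, python-ldap, ldap3, or a Java JNDI context), which is what makes the same logic usable from Unix, macOS, or Windows alike; the transport choice (plain 389 versus LDAP over TLS on 636) is made by the client, not by the request.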