What is LDAP (Lightweight Directory Access Protocol)?
Definition
LDAP (Lightweight Directory Access Protocol) is a protocol that provides directory services as part of the internet protocol stack.
LDAP Structure
LDAP inherently follows a tree structure and stores data under specific conditions. Each node is referred to as an entry, and categorized information is stored in each entry.
Entry Name Table
Entry Name | Full Name | Description |
c | Country Name | Country name |
st | State Province Name | State or province name |
l | Locality Name | City or locality name |
cn | Common Name | Common name |
sn | Surname | Surname |
givenName | Given Name | Given name |
street | Street Address | Street address |
o | Organization Name | Organization (company) name |
ou | Organization Unit Name | Organization unit name |
dc | Domain Component | Domain name component |
E-mail address | ||
telephoneNumber | Telephone Number | Telephone number |
dn | Distinguished Name | Identifier |
rdn | Relative Distinguished Name | Relative identifier |
uid | User ID | User's name |
Web Application Structure Using LDAP
Purpose
LDAP provides a way to store and retrieve information about users, groups, devices, and more using a hierarchical data structure.
Advantages
Efficient data retrieval is possible due to the hierarchical structure of directory services.
Offers features for authentication and access control, enhancing security.
Widely known standard protocol with support for various platforms and languages.
Disadvantages
LDAP can require complex setup and management.
It might not be suitable for handling large amounts of data.
It is specialized for storing and retrieving data rather than for frequent insertion or modification.
Example
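import ldap

# Connect to the LDAP server (ldaps:// so the bind password is not sent in cleartext)
conn = ldap.initialize('ldaps://ldap.example.com')

# Binding (Authentication); the first argument is normally the user's full DN
conn.simple_bind_s('username', 'password')

# Search
base_dn = 'ou=users,dc=example,dc=com'
search_filter = '(cn=john)'
attributes = ['cn', 'mail']  # 'mail' is the standard e-mail attribute name
result = conn.search_s(base_dn, ldap.SCOPE_SUBTREE, search_filter, attributes)

# Print results (attribute values are returned as lists of bytes)
for dn, entry in result:
    cn = entry['cn'][0].decode('utf-8')
    # An entry may have no mail attribute, so avoid a KeyError
    email = entry.get('mail', [b''])[0].decode('utf-8')
    print(f'CN: {cn}, Email: {email}')

# Unbind (Disconnect)
conn.unbind_s()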
In the Python code, the ldap module is used to connect to the LDAP server, perform binding (authentication), search, handle results, and disconnect. The ldap.initialize function establishes a connection to the LDAP server, conn.simple_bind_s performs authentication, and conn.search_s is used for searching. The results are then processed and printed.
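In a web application the name in the search filter usually comes from user input rather than a literal such as john, so filter metacharacters in it must be escaped before the search runs. The following is an added example, not part of the original page: it escapes values per RFC 4515 and allow-lists attribute names using only the standard library. build_filter, ALLOWED_ATTRS and the sample inputs are assumptions; python-ldap's ldap.filter.escape_filter_chars performs the same value escaping.

```python
"""Added example: build LDAP search filters from untrusted input (RFC 4515)."""

# Metacharacters inside a filter value and their \XX hex escapes.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Attribute names cannot be escaped, so only known names are accepted.
# Assumption: the application searches on these attributes from the entry name table.
ALLOWED_ATTRS = frozenset({"cn", "sn", "givenName", "uid", "ou", "o"})


def escape_filter_value(value: str) -> str:
    """Return value with filter metacharacters replaced by hex escapes."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter(criteria: dict) -> str:
    """Build an exact-match filter; several criteria are combined with AND."""
    if not criteria:
        raise ValueError("at least one attribute/value pair is required")
    items = []
    for attr, value in criteria.items():
        if attr not in ALLOWED_ATTRS:
            raise ValueError(f"attribute not allowed in searches: {attr!r}")
        if value == "":
            raise ValueError(f"empty value for {attr!r}")
        items.append(f"({attr}={escape_filter_value(value)})")
    return items[0] if len(items) == 1 else "(&" + "".join(items) + ")"


if __name__ == "__main__":
    # Constructed sample inputs, as a web form might submit them.
    for name in ["john", "j*", "Smith (Jr)", "a\\b"]:
        naive = f"(cn={name})"  # plain string formatting, no escaping
        escaped = build_filter({"cn": name})
        print(f"{name!r:14} naive={naive:18} escaped={escaped}")
    print(build_filter({"cn": "john", "ou": "users"}))
```

With plain string formatting, the input j* becomes a wildcard match and Smith (Jr) produces a malformed filter; the escaped forms are matched literally by the server.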