A Directory Service is the full-featured electronic version of the white pages. It allows clients to perform property-based retrieval of information stored in the directory. For example, the directory might store information about users, network services and printers. The properties of users that are maintained in the directory might include their name, department, position, telephone extension and email address, and can include anything else of interest to those who manage the directory (as long as the directory software allows for it).
Directories are used for far more than simple information lookup by the curious. For example, they can be used to distribute public-key information (public keys will be discussed in Chapter 4), locate the closest server providing a specific network service such as electronic mail, authenticate users and control access to resources. Directory servers can also be set up to communicate among themselves and exchange information so that they know about information managed by other directory servers. [221]
The most common protocol in use today for retrieval of information from directory services is LDAP, discussed below. SSL/TLS is often combined with LDAP to encrypt traffic.
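The property-based retrieval described above, as an added example that is not part of the original guide: a small evaluator for a subset of the LDAP search-filter string syntax (AND, OR, NOT, equality, presence and `*` substring matching) run over constructed in-memory entries. The sample entries, their attribute names and the `parse`, `matches` and `search` helpers are assumptions made for illustration; no directory server is contacted.

```python
import re

DIRECTORY = [  # constructed sample entries, one string value per attribute
    {"cn": "Ann Lee", "department": "Finance", "title": "Analyst", "mail": "alee@example.com"},
    {"cn": "Raj Patel", "department": "IT", "title": "Administrator", "mail": "rpatel@example.com"},
    {"cn": "Lobby Printer", "department": "IT", "objectclass": "printer"},
]

def parse(f, i=0):
    # Parse one parenthesised filter at f[i]; return (node, index just past it).
    if not f.startswith("(", i):
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if f.startswith(("&", "|", "!"), i):
        op, kids, i = f[i], [], i + 1
        while f.startswith("(", i):
            kid, i = parse(f, i)
            kids.append(kid)
        if not kids or (op == "!" and len(kids) != 1):
            raise ValueError(f"wrong operand count for '{op}'")
        node = (op, kids)
    else:
        end = f.index(")", i)  # raises ValueError if the item is never closed
        attr, sep, value = f[i:end].partition("=")
        if not attr or not sep:
            raise ValueError("expected attribute=value")
        node, i = ("=", attr.lower(), value), end
    if not f.startswith(")", i):
        raise ValueError(f"expected ')' at offset {i}")
    return node, i + 1

def matches(node, entry):
    # Evaluate a parsed filter against one entry (dict of attribute -> value).
    if node[0] in ("&", "|"):
        results = [matches(kid, entry) for kid in node[1]]
        return all(results) if node[0] == "&" else any(results)
    if node[0] == "!":
        return not matches(node[1][0], entry)
    have = entry.get(node[1])
    # '*' is the wildcard; every other character is literal, case-insensitive.
    pattern = ".*".join(re.escape(part) for part in node[2].split("*"))
    return have is not None and re.fullmatch(pattern, have, re.IGNORECASE) is not None

def search(flt, directory=DIRECTORY):
    # Return the cn of every entry whose properties satisfy the filter.
    node, end = parse(flt)
    if end != len(flt):
        raise ValueError("trailing data after filter")
    return [e["cn"] for e in directory if matches(node, e)]
```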
221. Greenblatt, Bruce, Internet Directories: How to Build and Manage Applications for LDAP, DNS, and Other Directories, Prentice-Hall, August, 2000, http://www.nerdbooks.com/item.html?id=0139744525
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.