15.0 Understanding LDAP Services for NetIQ eDirectory

The Lightweight Directory Access Protocol (LDAP) is an Internet communications protocol that lets client applications access directory information. It is based on the X.500 Directory Access Protocol (DAP) but is less complex than a traditional client and can be used with any other directory service that follows the X.500 standard.

LDAP is used most often as the simplest directory access protocol.

Lightweight Directory Access Protocol (LDAP) Services for NetIQ eDirectory is a server application that lets LDAP clients access information stored in eDirectory.

LDAP Services includes eDirectory features that are available through LDAP:

  • Provisioning

  • Account Management

  • Authentication

  • Authorization

  • Identity Management

  • Notification

  • Reporting

  • Qualification

  • Segmentation

You can give different clients different levels of directory access, and you can access the directory over a secure connection. These security mechanisms let you make some types of directory information available to the public, other types available to your organization, and certain types available only to specified groups or individuals.

The directory features available to LDAP clients depend on the functionality built into the LDAP client and the LDAP server. For example, LDAP Services for eDirectory lets LDAP clients read and write data in the eDirectory database if the client has the necessary permissions. Some clients have the capability to read and write directory data, while others can only read it.

Some typical client features let clients do one or more of the following:

  • Look up information about a specific person, such as an e-mail address or phone number.

  • Look up information for all people with a given last name, or a last name that begins with a certain letter.

  • Look up information about any eDirectory object or entry.

  • Retrieve a name, e-mail address, business phone number, and home phone number.

  • Retrieve a company name and city name.

The following sections provide information about LDAP Services for eDirectory:

For more information on LDAP, see the following Web sites: