by Jason Zandri
Welcome to the sixth installment of Learn Active Directory Design and Administration in 15 Minutes a Week, a weekly series aimed
at current IT professionals preparing to write the new Windows Active Directory Design and Administration exams (70-219 and 70-217 respectively), as well as newcomers to the field who are trying to get a solid grasp on this new and emerging directory service from Microsoft. This installment discusses the Lightweight Directory Access Protocol (LDAP), a little of its history and, for the most part, how it is used within Windows 2000 and Active Directory.
The Lightweight Directory Access
Protocol (LDAP) is an Internet standard protocol that was
originally put into use at the University of Michigan.
Developers wanted to free clients from the Directory Access
Protocol (DAP) that was in use at the time for X.500
Directory Service access. DAP was
often resource intensive on the client side and required the
Open Systems Interconnection (OSI) protocol to be used.
The Open Systems Interconnection
protocol was, at one point in its history, positioned as the
likely replacement for TCP/IP, as many governments around the
world, as well as educational institutions, made the OSI
protocol the preferred protocol on their systems. Due mainly
to incompatibility issues across different systems and the
rise of the Internet, TCP/IP overtook the OSI protocol
as the preferred protocol and became the de facto standard
due to its popularity and cross-platform functionality.
X.500 Directory Service
database is stored in a hierarchical
design and uses the Directory System
Agent (DSA) which provides fast searches and retrieval of
The Directory User Agent (DUA) can be implemented in
different user interfaces via dedicated clients. E-mail
applications that utilize this framework are just one
example of this.
The Directory Access Protocol (DAP) is used in X.500
Directory Services for controlling communications between
the Directory User Agent and the
Directory System Agent.
The X.500 Directory Services run as processes at the OSI
application layer and are used to provide a universally
unified naming service for all elements in a single network
while providing the structure for unique names for all
objects in the Directory. X.500 also serves as a
translator between different networks.
[NOTES FROM THE FIELD] – Much
of this historical information is not an exam requirement for
either the 70-217 or the 70-219 exam. Knowing the background information may
help you, though, on questions relating to the Lightweight Directory Access Protocol
(LDAP) and how it is used within Windows 2000 and Active
Directory. LDAP and Active Directory are two big pieces of