LDAP Series Part III - The Historical Secrets
The origins of LDAP begin with the International Telecommunication Union (ITU) based in Geneva. ITU began setting email standards which required a directory of names (and other information) that could be accessed across networks in a hierarchical fashion not dissimilar to DNS. The result of their work resulted in the X.500 series of standards which defined DAP (Directory Access Protocol), the protocol for accessing a networked directory service.
Tim Howes, Steve Kille and Wengyik Yeong saw a better way to achieve the aims of ITU and published a proposal entitled X.500 Lightweight Directory Access Protocol in RFC 1487 during July 1993. Their abstract read as follows:
The protocol described in this document is designed to provide access to the Directory while not incurring the resource requirements of the Directory Access Protocol (DAP). This protocol is specifically targeted at simple management applications and browser applications that provide simple read/write interactive access to the Directory, and is intended to be a complement to the DAP itself.
Tim Howes of the University of Michigan led the development of LDAP supported by the National Science Foundation. From 1993 to 1997, the Internet Engineering Task Force (IETF) published 13 RFCs related to LDAP and dozens since. In essence, the University of Michigan invented and created LDAP. Two open source projects resulted from the work at the University of Michigan – OpenLDAP and the Fedora Directory Server.
On April 22, 1996, in a press release, the University of Michigan announced that "Netscape (would) incorporate Lightweight Directory Access Protocol (LDAP) directory service technology developed at the U-M into its World-Wide Web software." The University felt they had taken "a giant step toward having (a) global directory service on the Internet."
Netscape and the University partnered to create the Netscape Directory Server (NDS), which became the leading LDAP application in commercial use. Interestingly enough, Red Hat purchased NDS from AOL and open sourced its code. That resulted in delivery of Fedora Directory Server (FDS) to the Linux community.
The OpenLDAP Project was started in 1998 by Kurt Zeilenga. The project started by cloning the LDAP source code from the University Of Michigan. When attempting to access the original LDAP project, the page redirects you to the OpenLDAP project.
In essence, one could speculate that the OpenLDAP project became the successor of the University of Michigan project.
Subsequent Internet protocols have their origins in LDAP including the XML Enabled Directory (XED), Directory Services Markup Language (DSML), the Service Location Protocol (SLP) and the Service Provisioning Markup Language (SPML).
Of course, this short discussion requires mention of one other subsequent development - Active Directory (AD). Redmond utilized LDAP protocols to create AD, which demonstrates the remarkable potential of the founders' (Tim Howes, Steve Kille and Wengyik Yeong) work, which began back in 1993.
If you haven't delved into AD, you owe it to yourself to do so. The Linux community could use the AD blueprint to manage enterprises. That could extend the historical discussion of LDAP even further.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- The Humble Hacker?
- Server Hardening
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
- Varnish Software's Hitch
- Tech Tip: Really Simple HTTP Server with Python
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide