Lightweight Directory Access Protocol

Lightweight Directory Access Protocol
Communication protocol
Purpose	Directory service
Based on	X.500
Port(s)	389 (ldap), 636 (ldaps)
RFC(s)	RFC 4510, RFC 4511

The Lightweight Directory Access Protocol (LDAP /ˈɛldæp/) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.^[1] Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network.^[2] As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number.

LDAP is specified in a series of Internet Engineering Task Force (IETF) Standard Track publications known as Request for Comments (RFCs), using the description language ASN.1. The latest specification is Version 3, published as RFC 4511^[3] (a road map to the technical specifications is provided by RFC4510).

A common use of LDAP is to provide a central place to store usernames and passwords. This allows many different applications and services to connect to the LDAP server to validate users.^[4]

LDAP is a simpler ("lightweight") subset of the standards in the X.500 series, particularly the X.511 Directory Access Protocol.^[5]^[6] Because of this relationship, LDAP is sometimes called X.500 Lite.^[7]

^ "Network Working Group RFC 4511". IETF.org. 2006-06-01. Retrieved 2014-04-04.
^ "Directory Services LDAP". Oracle.com. Retrieved 2014-04-04.
^ What is LDAP?. Gracion.com. Retrieved on 2013-07-17.
^ "Introduction to OpenLDAP Directory Services". OpenLDAP. Retrieved 1 February 2016.
^ J. Sermersheim (June 2006). Lightweight Directory Access Protocol (LDAP): The Protocol. Network Working Group. doi:10.17487/RFC4511. RFC 4511. Proposed Standard. Obsoletes RFC 3771, 2830 and 2251. The core protocol operations defined in this document can be mapped to a subset of the X.500 (1993) Directory Abstract Service [X.511]. However, there is not a one-to-one mapping between LDAP operations and X.500 Directory Access Protocol (DAP) operations.
^ "What is lightweight directory access protocol (LDAP) authentication?". Red Hat. 3 June 2022.
^ "LDAP - Lightweight Directory Access Protocol". Webopedia.com. 4 December 1996. Retrieved 2014-04-05.

[1] "Network Working Group RFC 4511". IETF.org. 2006-06-01. Retrieved 2014-04-04.

[2] "Directory Services LDAP". Oracle.com. Retrieved 2014-04-04.

[gracion-3] What is LDAP?. Gracion.com. Retrieved on 2013-07-17.

[4] "Introduction to OpenLDAP Directory Services". OpenLDAP. Retrieved 1 February 2016.

[5] J. Sermersheim (June 2006). Lightweight Directory Access Protocol (LDAP): The Protocol. Network Working Group. doi:10.17487/RFC4511. RFC 4511. Proposed Standard. Obsoletes RFC 3771, 2830 and 2251. The core protocol operations defined in this document can be mapped to a subset of the X.500 (1993) Directory Abstract Service [X.511]. However, there is not a one-to-one mapping between LDAP operations and X.500 Directory Access Protocol (DAP) operations.

[6] "What is lightweight directory access protocol (LDAP) authentication?". Red Hat. 3 June 2022.

[7] "LDAP - Lightweight Directory Access Protocol". Webopedia.com. 4 December 1996. Retrieved 2014-04-05.

[1]

[2]

[3]

[4]

[5]

[6]

[7]