LDAP (Lightweight Directory Access Protocol) is a protocol that provides access to a hierarchical and distributed directory service to search for different types of information in a network environment.
The protocol involves an LDAP server and an associated LDAP directory. The relationship between them is the same as the one between a DBMS and a database.
An LDAP directory can be considered a database (although it may use a different storage system) that is queried through the protocol. The advantage of the protocol is that it runs over TCP/IP and the directory information can be accessed from any platform. (It is a standard, so interacting with any LDAP server involves the same protocol, client connection package and query commands.)
LDAP allows you to securely delegate read and modification authority based on the company’s needs, using access control lists, so that you needn’t worry about making security checks at the user application level.
It is particularly useful for storing information that you wish to read from many locations but don't update frequently. For example, a company could store all of the following data in an LDAP directory:
- The company employee phone book and organizational chart.
- External customer contact information.
- Public certificates and security keys.
- Infrastructure services information, including NIS maps, email aliases, and so on.
- Configuration information for distributed software packages.
In short, LDAP is a unified protocol for accessing a set of data on a network.
GeneXus supports LDAP authentication through GAM, and also provides the LDAPClient Data Type for working with LDAP servers using the protocol.