LDAP stands for Lightweight Directory Access Protocol. It is an Internet protocol that e-mail applications and other Web-based programs use to locate a specific piece of information on a server. LDAP was developed to provide a more “lightweight” protocol based on a complex directory system known as X.500.
The main purpose of LDAP is to give client programs the ability to ask servers to look up information through several means. To do so, however, the server must first support LDAP.
To find a certain piece of information, the server first builds an index of the data found in its entries. It then uses filters to select only the piece of information required by the client program. Once the information has been identified and selected, it is sent to the program that requested it.
LDAP allows a user to look up the e-mail addresses of individuals who have never sent that user e-mail, even if those addresses are not included in the user's address book. This protocol also enables companies to have one centralized and updated address book that all members can access.
Apart from supplying contact information, LDAP is used by systems to locate pointers for printers, encryption certificates, and other similar network services. LDAP also provides single sign-on, a feature that allows a user to have one password that can be used for several services. LDAP does not include features for encryption or security, so systems using LDAP require additional protection such as an encrypted SSL connection.
LDAP is also used to define network permissions. These are a set of statements created by the administrator to give certain users access to the LDAP database.