Page 355 - StudyBook.pdf

Communication Security: Web Based Services • Chapter 5  339

                 organized to allow people to retrieve properties like the customer’s name, phone
                 number and address.
                    Directory services shouldn't be confused with the directory itself. The
                 directory is a database that stores data on the objects managed through directory
                 services. To use our telephone directory example again, consider that the
                 information on customer accounts can be stored in a phonebook or electronically
                 in a database. Regardless of whether the information is accessed through an
                 operator or viewed online using a 411 service, the directory service is the means
                 by which the data is accessed. The directory service is the interface or process
                 of accessing information, while the directory itself is the repository for that data.
                    Directory services are used by many different network OSes to organize and
                 manage the users, computers, printers, and other objects making up the network.
                 Some of the directory services that are produced by vendors include:

                      ■  Active Directory, which was developed by Microsoft for networks running
                         Windows 2000 Server, Windows 2003 Server, or higher
                      ■  eDirectory, which was developed by Novell for Novell NetWare networks.
                         Previous versions for Novell NetWare 4.x and 5.x were called Novell
                         Directory Services (NDS)
                      ■  NT Directory Services, which was developed by Microsoft for Windows
                         NT networks
                      ■  Open Directory, which was developed by Apple for networks running
                         Mac OS X Servers

                    To query and modify the directory on TCP/IP networks, the Lightweight
                 Directory Access Protocol (LDAP) can be used. LDAP is a protocol that enables
                 clients to access information within a directory service, allowing the directory
                 to be searched and objects to be added, modified, and deleted. LDAP was created
                 after the X.500 directory specification, which uses the Directory Access Protocol
                 (DAP). Although DAP is a directory service standard protocol, it is slow and
                 somewhat complex. LDAP was developed as an alternative protocol for TCP/IP
                 networks because of the high overhead and subsequent slow response of heavy
                 X.500 clients, hence the name lightweight. Due to the popularity of TCP/IP and
                 the speed of LDAP, LDAP has become a standard protocol used in directory services.
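
                    To show what an LDAP search looks like on the wire, for example when
                 reading a packet capture of directory traffic, the following added example
                 (not code from the book) builds an LDAPv3 SearchRequest by hand using the
                 BER encoding defined in RFC 4511. The base DN, the uid value and the
                 requested attribute names are constructed sample values.

```python
# Added example: BER-encode an LDAPv3 SearchRequest (RFC 4511) by hand.
# The base DN, filter and attribute names used below are constructed samples.

def ber_len(n):
    """BER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, value=b""):
    """Tag-length-value triple, the building block of every LDAP message."""
    return bytes([tag]) + ber_len(len(value)) + value

def ber_int(n, tag=0x02):
    """Non-negative INTEGER (tag 0x02) or ENUMERATED (tag 0x0A)."""
    return tlv(tag, n.to_bytes(n.bit_length() // 8 + 1, "big"))

def octets(text):
    """OCTET STRING (tag 0x04) holding UTF-8 text."""
    return tlv(0x04, text.encode("utf-8"))

def search_request(message_id, base_dn, attr, value, want):
    """LDAPMessage wrapping a subtree search with an equality filter."""
    body = (
        octets(base_dn)
        + ber_int(2, 0x0A)          # scope: wholeSubtree
        + ber_int(0, 0x0A)          # derefAliases: neverDerefAliases
        + ber_int(0)                # sizeLimit: no client-side limit
        + ber_int(0)                # timeLimit: no client-side limit
        + tlv(0x01, b"\x00")        # typesOnly: FALSE
        + tlv(0xA3, octets(attr) + octets(value))       # filter: (attr=value)
        + tlv(0x30, b"".join(octets(a) for a in want))  # attributes to return
    )
    # 0x63 = [APPLICATION 3] SearchRequest, inside the LDAPMessage SEQUENCE
    return tlv(0x30, ber_int(message_id) + tlv(0x63, body))

def parse_tlv(data):
    """Split one TLV off the front of data; returns (tag, value, rest)."""
    tag, first = data[0], data[1]
    if first < 0x80:
        length, start = first, 2
    else:
        count = first & 0x7F
        length, start = int.from_bytes(data[2:2 + count], "big"), 2 + count
    return tag, data[start:start + length], data[start + length:]

if __name__ == "__main__":
    msg = search_request(1, "dc=example,dc=com", "uid", "jdoe", ["cn", "telephoneNumber"])
    print(len(msg), "bytes:", msg.hex())
```

                    The whole query fits in a single short TCP payload, which illustrates
                 the low overhead that the name lightweight refers to.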










                                                                              www.syngress.com