LDAP (lightweight directory access protocol) has been a mainstay in the IT industry because it serves as a great tool for authenticating and authorizing users via credentials like usernames and passwords. But on-prem LDAP implementations remain difficult to configure and manage. Plus, they take up valuable real estate in the office. Now, a new generation of identity management capability — sometimes called cloud LDAP — is emerging to make using LDAP easier than ever.
Brief LDAP History
The LDAP protocol was created by our friend and advisor, Tim Howes, and his colleagues at the University of Michigan in the early 90s. Mr. Howes sought a lightweight alternative to DAP (directory access protocol)—the tool originally created for accessing the directory services protocol X.500. X.500 was one of the first directories out there, and DAP allowed users to Bind, Read, List, Search, Compare, Modify, Add, Delete, and ModifyRDN the contents of the directory. But, DAP was troublesome because of its considerable overhead and bandwidth-intensive nature.
So, Howes and his team saw an opportunity to create a lightweight version of DAP that could execute the same functions from less powerful systems while utilizing less bandwidth. From this we got LDAP. It could perform the functions of DAP from lesser systems (read: early 1990s PCs) because LDAP was a limited subset of X.500’s DAP standards. Its efficiency would allow it to become the internet standard for directory services in 1997. From this success, LDAP would go on to become a launchpad for a wide range of identity management solutions and authentication protocols. Identity management solutions such as Microsoft® Active Directory and OpenLDAP™ (which we will talk about below) as well as protocols like SAML, OAuth, and OpenID all trace their roots back to LDAP and Tim Howes.
Identity Management with OpenLDAP
Historically, the challenge with LDAP has been the difficult implementation of OpenLDAP (LDAP’s most popular open source iteration) and the integration between a system or application and the LDAP server itself. As a result, IT admins have to spend a tremendous amount of time working through (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/identity-management-capability-cloud-ldap/