The question “what is OpenLDAP™?” has a number of different answers. Of course, the factual, historical context of OpenLDAP can easily be found on Wikipedia. The answer we’re looking for, however, is more practical in nature. What we’re after are the more interesting aspects of the question. Specifically, what does OpenLDAP enable IT organizations to do, and when is LDAP most useful?
First, Some LDAP History
OpenLDAP built on the success of the LDAP protocol, which was created by Tim Howes and his colleagues at the University of Michigan. In fact, LDAP was so popular that it became the internet’s standard authentication protocol in the late 90s and early 2000s. That popularity drove OpenLDAP to become the most widely used implementation of an LDAP server available, despite the recent announcement from Red Hat and SUSE that they will discontinue including OpenLDAP in their products. Instead, Red Hat and SUSE will shift from OpenLDAP to the 389 Directory Server, which Red Hat owns. The reason for this move is simple: Red Hat will charge for technical support. Regardless, LDAP remains an incredibly important authentication protocol for many organizations.
OpenLDAP Uses and Identity Management
Many of the organizations that require OpenLDAP need it mostly for technical solutions, including Linux® servers and Linux-based applications. For that reason, OpenLDAP has historically been favored by the ops crowd and by those who generally favor open source solutions. From that open source nature springs OpenLDAP’s incredible flexibility, which is a function of its design. Due to its flexibility, IT and DevOps engineers are free to use it in a variety of ways.
What we will focus on is OpenLDAP’s usage as an identity provider (IdP). It has been widely implemented within data centers for access to technical solutions. But when you throw Windows® machines into the mix, organizations generally favor using Microsoft® Active Directory® to authenticate and manage their Windows-based systems and applications. The reason is that Microsoft specifically tuned these two resources to work