Ldap Server Interview Questions

Lightweight Directory Access Protocol (LDAP) is a light weighted client-server protocol used for accessing the directory services particularly the X. 500 based directory services. It runs over the TCP/IP or the other connection-oriented transfer services.

This protocol is mainly used for querying and modification purposes and it is used in places such as Microsoft Active Directory, OPEN LDAP, and many more.

The LDIF (LDAP Data Interchange Files) are used to exchange data between the LDAP directory servers. This plain text data interchange format was designed by Tim Howes in the early 1990s for representing LDAP directory content and update requests. The content in this file is represented as a group of attributes. Here, the records are separated from one another by blank lines while the attributes of the record itself are represented as single logical lines.

There are many tools that deploy LDIF such as Microsoft Windows 2000 Server, Windows 2003 Server, JXplorer, Netscape Communicator, and OpenLDAP.

LDAP uses CLDAP as its transport protocol. The Default Port no. LDAP is on Http is 389 and 636 over SSL.

There are three object class types present in LDAP. They are,

Structural - It is used to define the primary entry type.

Auxiliary - It is used to define the characteristics of an LDAP entry.

Abstract - This type is not used to create entries directly but is subclassed by the Auxiliary class.

JNDI (Java Naming and Directory Interface) is a Java API for directory service. It allows Java software clients to discover data and resources. It also specifies a service provider interface to allow directory service implementations to be plugged into the framework.

The main use of this interface is to connect a Java application to an external directory service and to allow a Java Servlet to lookup configuration information provided by the hosting web container.

SLAPD (Standalone LDAP Daemon) listens for the LDAP connection on any number of ports and responds to the LDAP operations it receives over these connections. This daemon is invoked at the boot time out of /etc/rc.local. Upon the invoking, the slapd forks and disassociates itself from the invoking tty. You have a lot of options that you can specify with this daemon to do the different processes.

An open-source implementation of the LDAP (Lightweight Directory Access Protocol),

OpenLDAP is a platform-independent protocol developed by the OpenLDAP project. Released in 1998, the OpenLDAP has support for macOS, Solaris, Microsoft Windows, and other Linux & BSD variants.

Some of the main advantages of using OpenLDAP are,

• It has support for Simple Authentication, Security Layer, and Transport Layer Security.
• It also has support for the Internet Protocol version 6 so it is future proof.
• It can be used to consolidate data of an entire organization into a central repository.
• It provides full compliance with (LDIF)LDAP Data Interchange Format version 1.

Posix group is an object class type that is used to represent the POSIX Database group Posix systems. Defined as an auxiliary, the POSIX group is used to extend the groupOfNames objectClass.

A base dn is the point where the server usually searches for the users. It is the starting point to search for user authentication within a directory.

The LDAP DSA (Directory System Agent) is a direct mode data source adaptor that runs in-process with the Netcool/Impact. You do not have to start or stop DSA as it is automatically loaded during application run time. To use LDAP DSA, create an LDAP DSA data model and write one or more LDAP DSA policies to retrieve data from the LDAP server.