h2. LDAP in a few words

h3. Introduction

*LDAP* is not a new technology. It has been around since the mid 1990's as a way to mitigate the complexity of the *X.500*-based server access. Its name is an acronym for _Lightweight Directory Access Protocol_. Soon after the first standard had been issued, the first complete *LDAP* server was written (ie, X.500 was pushed out of the equation).

We will now use the term *LDAP* and *LDAP* server for the protocol and the server, respectively.

h3. Features
A *LDAP* server provides access to entries stored in a backend. It offers an interrogation mechanism allowing for fast retrieval of entries. The data structure is hierarchical, and it uses a schema to manage the content of entries, plus the organization of data.

A *LDAP* client first has to connect to the server, and disconnect at the end. Some operations can be done on data, such as searches, modification and deletion.

*LDAP* servers are extensible, but they all use a common protocol which makes it easy for users to use them. This API is an example of what *LDAP* is very good at: access data in a fast way across servers.

h3. Characteristics
*LDAP* servers are fast for retrievals since they have been designed for this purpose. On the other hand, modifications can be costly. This has to be understood when writing an application that uses a *LDAP* server as a backend.

Each entry is identified by its position in the hierarchy, and it uses what is called a _Distinguished Name_ (or *[Dn]*) to describe this position in the tree. The base is also named the *DIT*, or _Directory Information Tree_.

h3. Programming 

Nowadays, *LDAP* is a part of the *IT* and it is difficult to avoid having to deal with it. *LDAP* servers are used to manage not only authentication, but also authorization, and more. It is very likely that you will have to write some code to access such a *LDAP* server, and the existing *API* are a bit cumbersome. This new *LDAP API* has been defined to facilitate this kind of tasks.

h3. Going further

This was a very short introduction, you can find more literature about *LDAP* on the web : [Wikipedia|http://en.wikipedia.org/wiki/LDAP] gives you a good starting point with many valid pointers.