This website is no longer maintained. Its content may be obsolete. Please visit http://home.cern/ for current CERN information.
Ray Jackson , IT/IA
LDAP stands for "Lightweight Directory Access
Protocol" and is a software protocol for enabling
applications to look up information on objects across the
Internet in a standard way. LDAP originated from the
University of Michigan and was created to provide a "lightweight"
(reduced code and network traffic) version of DAP (Directory
Access Protocol), which is part of X.500, a standard for
directory services in a network. LDAP is an Open Standard
protocol (such as HTTP, FTP
etc.) and is the
official IETF standard for directory access across the
Internet. It is not surprising then that all the
leading Internet companies including
Microsoft, Sun/Netscape and Novell
are providing extensive support for the LDAP protocol in their
Directory Service products in order that they may in turn operate
with each other and integrate with the Internet.
In fact, LDAP has already been implemented by leading
Internet browsers and Mail products which are
already using the protocol in their shared address books.
Furthermore, LDAP also has the ability to link together distributed
directories in a transparent way to the user, which is an important
feature when building a global directory service.
LDAP was first deployed at CERN over a year ago to enable
Netscape users to search for people in the CERN address book
and to help auto-complete e-mail addresses when composing a
message. However, the new LDAP service means that users now
have an even richer and more powerful search tool which allows them
to search for other users by specifying more than just their
name. For example, with the new service one can search for a
person's e-mail address, telephone number, organisational group,
home institute, office number and so on. It is also possible
to combine a number of search criteria to help limit the number of
possible matches. For example, you may want to get in touch
with a person called 'Peter'
but you have forgotten
his surname. However, you also know that Peter is in LHC
division and works in building 30. The new LDAP search
enables you to enter all the information you know about a person or
group to focus your search and help you find exactly what you
need.
Another important addition to the LDAP search is the inclusion
of mailing lists to the CERN address book. The new service
enables users to search for a mailing list address by specifying a
simple 'keyword'
such as 'Java'
or
'Beam'
. Not only will this show users the mailing list
address they require it will also tell them who to contact if they
wish to find out more information about the list. Another
addition is the 'Services & Support'
directory which enables users to search for appropriate entries
when it is not a person they wish to contact but a support line or
a specific service. Another important change is the inclusion
of a new 'HEP'
directory. In
collaboration with laboratories (currently IN2P3 and DESY), we have
started to build a global address book which will help users search
for people across the whole particle physics community. This
global address book is achieved by sending search requests in
parallel to other LDAP servers being deployed at other
laboratories.
As LDAP services start to be implemented at different laboratories we hope this will bring the whole particle physics community together into one common global address book.
Screenshot of the Netscape Address Book
However, LDAP is far more than just a tool for looking up a person's e-mail address. Here in the IT division there are a number of planned projects which will benefit from the flexibility and platform-independent nature of the LDAP protocol, such as Roaming, Calendaring and other Web applications. Furthermore, all of the major Operating System vendors have also given their support to the LDAP protocol, including Windows 2000 Active Directory, Solaris and Linux. This could mean that in the near future a number of interoperability issues between different systems could be resolved in a standardised way, opening up a whole host of opportunities here at CERN and across the HEP community in general.