What is Active Directory?
Active Directory (AD) is a directory service that Microsoft developed for Windows
domain networks. It is included in most Windows Server operating systems as a
set of processes and services.
A server running Active Directory Domain Services (AD DS) is called a domain
controller. It authenticates and authorizes all users and computers in a Windows
domain type network assigning and enforcing security policies for all computers
and installing or updating software. For example, when a user logs into a computer
that is part of a Windows domain, Active Directory checks the submitted password
and determines whether the user is a system administrator or normal user.
Also, it allows management and storage of information, provides authentication and
authorization mechanisms, and establishes a framework to deploy other related
services: Certificate Services, Federated Services, Lightweight Directory Services
and Rights Management Services
What is LDAP?
The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral,
industry standard application protocol for accessing and maintaining distributed
directory information services over an Internet Protocol (IP) network. Directory
services play an important role in developing intranet and Internet applications by
allowing the sharing of information about users, systems, networks, services, and
applications throughout the network. As examples, directory services may provide
any organized set of records, often with a hierarchical structure, such as a corporate
email directory.
A common use of LDAP is to provide a central place to store usernames and passwords.
This allows many different applications and services to connect to the LDAP server to
validate users
Available Active Directory servers
1. Microsoft Active Directory - by Windows:
Active Directory is Microsoft's trademarked directory service, an integral part
of the Windows 2000 architecture. Active Directory is a centralized and
standardized system that automates network management of user data, security,
and distributed resources, and enables interoperation with other directories.
Active Directory is designed especially for distributed networking environments.
2. OpenLDAP - by community developed(OpenLDAP foundation)
OpenLDAP is a free, open source implementation of the Lightweight Directory
Access Protocol (LDAP) developed by the OpenLDAP Project. It is released
under its own BSD-style license called the OpenLDAP Public License.
LDAP is a platform-independent protocol. Several common Linux distributions
include OpenLDAP Software for LDAP support. The software also runs on
BSD-variants, as well as AIX, Android, HP-UX, macOS, Solaris, Microsoft
Windows (NT and derivatives, e.g. 2000, XP, Vista, Windows 7, etc.), and z/OS.
3. FreeIPA - an upstream open-source project for Red Hat Identity Manager
FreeIPA is an Identity management system. It aims to provide an easily managed
Identity, Policy, and Audit (IPA). Its features are Integrated security information
management solution combining Linux (Fedora), 389 Directory Server, MIT
Kerberos, NTP, DNS, Dogtag certificate system, SSSD and others, built on
top of well known Open Source components and standard protocols, strong
focus on ease of management and automation of installation and configuration
tasks, full multi master replication for higher redundancy and scalability,
extensible management interfaces (CLI, Web UI, XMLRPC and JSONRPC
API) and Python SDK
4. ApacheDS - by Apache
ApacheDS™ is an extensible and embeddable directory server entirely written
in Java, which has been certified LDAPv3 compatible by the Open Group.
Besides LDAP it supports Kerberos 5 and the Change Password Protocol.
It has been designed to introduce triggers, stored procedures, queues and
views to the world of LDAP which has lacked these rich constructs.
5. OpenDJ - by Oracle, ForgeRock
OpenDJ is a directory server which implements a wide range of Lightweight
Directory Access Protocol and related standards, including full compliance with
LDAPv3 but also support for Directory Service Markup Language (DSMLv2).
Written in Java, OpenDJ offers multi-master replication, access control, and
many extensions.
6. 389 Directory - by Red Hat
The enterprise-class Open Source LDAP server for Linux. It is hardened by
real-world use, is full-featured, supports multi-master replication, and already
handles many of the largest LDAP deployments in the world.
The 389 Directory Server can be downloaded for free, and set up in less
than an hour.
Open Source LDAP Directory Servers
1. OpenLDAP based on LDAP
2. FreeIPA based on 389 Directory Server, MIT Kerberos, NTP, DNS, Dogtag, LDAPv3
3. ApacheDS based on LDAP and Kerberos
4. OpenDJ based on LDAPv3
5. 389 Directory - based on LDAP
Licensed Open Source LDAP Directory Server
1. OpenLDAP - OpenLdap Public Licence
2. ApacheDS - under Apache License
3. OpenDJ - under the CDDL(Common Development and Distribution License)
4. FreeIPA - under the GNU General Public License v3
5. 389 Directory Server - GPL License
No comments:
Post a Comment