| 1 | Directory Services in Networks |
| 1.1 | What is a Directory Service? |
| 1.2 | Fields of Application for Directory Services |
| 1.2.1 | Administration of Personal Data |
| 1.2.2 | E-Commerce |
| 1.2.3 | Resource Management |
| 1.2.4 | Bandwidth Administration |
| 1.2.5 | User Administration (Single Sign On) |
| 1.3 | X.500—A Standardized Directory Service |
| 1.3.1 | The Standards |
| 1.3.2 | Directory User Agent |
| 1.3.3 | Directory System Agents |
| 1.4 | DA Service and DIXIE—Predecessors of LDAP |
| 1.4.1 | First Steps to LDAP |
| 1.4.2 | The Development of LDAP |
| 1.4.3 | LDAP and X.500 |
| 1.4.4 | Request for Comments |
| 1.5 | Active Directory and DNS |
| 1.5.1 | A New Name Service Replaces WINS |
| 1.5.2 | User Administration and Authentication |
| 2 | LDAP—The Concept |
| 2.1 | The LDAP Architecture |
| 2.1.1 | Directory Information Tree |
| 2.1.2 | Objects, Object Classes, and Attributes |
| 2.1.3 | The Database Scheme |
| 2.2 | LDAP—The Access Protocol |
| 2.2.1 | LDAP URLs |
| 2.2.2 | LDAP Browsers |
| 2.2.3 | Searching in the Directory Tree |
| 2.2.4 | Further Functions and Commands |
| 2.3 | LDIF—The LDAP Data Interchange Format |
| 2.4 | Application Programming Interface |
| 2.4.1 | Software Development Kits |
| 2.4.2 | Gateway Services |
| 3 | The LDAP Security Concept |
| 3.1 | Server and Data Protection |
| 3.2 | Access Rights |
| 3.2.1 | Simple Authentication |
| 3.2.2 | Simple Authentication and Security Layer |
| 3.2.3 | Secure Socket Layer and Transport Layer Security |
| 3.2.4 | Kerberos—Your Ticket, Please! |
| 3.2.5 | MD5—Security by Means of Hash Values |
| 4 | Planning the Directory Service |
| 4.1 | Basic Considerations |
| 4.1.1 | The Directory Tree—Preplanning |
| 4.1.2 | The Security Concept |
| 4.1.3 | Physical Implementation |
| 4.2 | Migration of Existing Directory Services |
| 5 | Configuration of an LDAP Server |
| 5.1 | Server Types |
| 5.2 | Configuration—OpenLDAP as an Example |
| 5.2.1 | The Configuration File |
| 5.2.2 | Access Control |
| 5.2.3 | Exercise: Configuration of a Directory via LDIF |
| 6 | Active Directory—The Concept |
| 6.1 | Server Architecture with Windows 2000 |
| 6.2 | Migration of Windows NT 4.0 |
| 6.3 | The Domain Concept |
| 6.3.1 | Organizational Units and Containers |
| 6.3.2 | The Active Directory Schema |
| 6.4 | Procedures under Active Directory |
| 6.5 | Interoperability with LDAP |
| 6.6 | DNS in Windows 2000 |
| 6.6.1 | DDNS and Active Directory |
| 6.6.2 | DHCP and DDNS |
| 7 | Security with Windows 2000 |
| 7.1 | The Encrypting File System |
| 7.2 | User Authentication |
| 7.2.1 | Registration Process via NTLM |
| 7.2.2 | Windows 2000 and Kerberos |
| 8 | Hands-On Exercises on the Active Directory Service |
| 8.1 | Exercise: Creation of a Domain |
| 8.1.1 | Exercise: Creation of Organizational Units |
| 8.1.2 | Exercise: Creation of Users |
| 8.2 | Exercises on DDNS |
| 9 | Trends—The Future of LDAP and Active Directory |
| 9.1 | IETF—LDAP Roadmap |
| 9.2 | The Distributed Computing Environment—DCE |
| 9.3 | The DEN Initiative |
| A | Product and Information Materials |
| A.1 | Server Products |
| A.2 | Client Products |
| A.3 | Literature |
| A.4 | Links |