LDAP, What is Lightweight Directory Access Protocol?

Part of the You Can Learn ASP.Net and C# series.
By Ken Brown
Editor, YouCanLearnSeries.com
Updated:
October 26, 2004

Download the Source Code

This is a three part article on building an LDAP web service.
LDAP, What is Lightweight Directory Access Protocol
Reading Information from the LDAP Server
Converting LDAP to Web Service

This article is to teach you how to build a web service to access your LDAP server. Businesses are reaching the conclusion that they have too many repositories of information and they need to create a single login for all their applications. They are turning to LDAP servers to meet that need.

If you have three applications running your business, maybe you want to enable a service so that each user in your network can access each application by logging in only once. A sample of this type of technology is Microsoft's Passport service where you log in once and have access to multiple web sites. You are automatically logged into MSN Messanger, the email service and potentially hundreds of websites around the world.

This is the direction business wants to go. A single login enables each user to remember fewer login ids and passwords. They only need to remember one. The LDAP technology is available on multiple operating systems, including Sun One, Microsoft's Directory Server, IBM and even open source LDAP servers. In the strictest sense LDAP is really not a server at all, but an interface to talk with a Directory Server.

In this sample, I will create a web service (asmx file), and a class to talk with the directory server using C# and ASP.Net. The C# class will be called LDAPComLink.cs and the web service's name will be LDAPWebServ.asmx. I am making the assumption that you know a little about web services and you have access to an LDAP server.

For starters, create a Web Application project. Add a class called "LDAPComLink" and a web service called "LDAPWebServ". To talk with the LDAP object you will need to add a reference to System.DirectoryServices. Right click on the References folder, choose Add Reference and arrow down until you find System.DirectoryServices.dll. Double-click on the DLL, choose OK and the file will be added to your project.

Now open up the LDAPComLink file and add a using statement to the Directory services dll, "using System.DirectoryServices;. It should show up under Intellisense. We will be returning the data back to the WebService through an XML file, so add a using System.Xml and for stringBuilder objects add a using System.Text;.

In the LDAPComLink file create a method that gets the LDAP info and returns it in an XmlDocument. For filtering the information you need, pass in a string to the method, which will represent a filter that is relevant in the LDAP language.

LDAP is similar to all new technology because they have their own language. It is similar to a database language in that it requires connectivity and querying for information. But after that all similarity ends. To understand LDAP you have to visualize a directory tree of information. At the top you have your Root directory, which is the server name or an IP address. Below the Root Directory is the Directory Suffix which represents the organization name or domain component. Itiswrittenlike:"dc=abc_de,dc=com".

Then next on the tree comes the organization unit and is written like "ou=people" or "ou=group". You can have multiple organization units within a Directory suffix. Most companies have a "people" or "person" organization, where they store their company's database of users. Then within the organization unit, you store multiple pieces of information such as usernames, surnames, email address, and their groups.

An example of an LDAP hierarchy structure

The filter we will pass to the GetLDAPInfo method will allow us to view information at the organization unit level or to filter information at the user level.

To connect to the LDAP we will need 4 important pieces of information.

  1. The domain and username expressed as a weblink "LDAP://myLDAP/cn=Users,dc=myLDAP"; This connection mentions the name of the server, cn= the level you want to access on the server and the directory suffix information. It can also be expressed as:"LDAP://123.12.12.123/dc=youcanlearnseries,dc=abc.us,dc=com"; Where the number is the ip address of the server. **** Neither of these addresses are valid addresses, you need to get the connectivity information for your own directory server.
  2. You need the username to connect to the server that you are accessing.
  3. You need the password necessary to connect to the server.
  4. Finally, you need the authentication type to connect to the LDAP interface. The AuthenticationTypes is part of the System.DirectoryServices dll from Microsoft.Net. AuthenticationTypes come in a wide variety of flavors,
    • Anonymous
    • Delegation
    • Encryption
    • FastBind
    • None
    • ReadOnlyServer
    • Sealing
    • Secure
    • SecureSocketsLayer
    • Server Bind
    • Signing
    Check with Visual Studio Help or the Microsoft site for specific information about the different AuthenticationTypes.
Go To Page  1 / 2 / 3

Home| About Us | NewsLetters | Contact Us |

Copyright © 2004-2014 You Can Learn Series

You Can Learn Series Home Page You Can Learn Series
You Can Learn Series Home Page Home            About the creators of YouCanLearnSeriesAbout Us      Contact YouCanLearnSeriesContact Us      Site map of YouCanLearnSeriesSite Map      Privacy Policy of You Can Learn SeriesPrivacy Policy       Terms of Use of You Can Learn Series web siteTerms of Use       YouCanLearnSeries RSS feed for C# tips and tutorials     
C# and ASP.Net Programming TipsC# and ASP.Net      SQL Tutorial, tips and tricks for DBA'sSQL       Landscaping Tips for Home GardenersLandscaping       WeightLifting Tips for the Young and OldWeightLifting       Kennos BlogBlog       Good health TipsGoodHealth       Learn about Great Travel DestinationsTravel     Web Business TipsWeb Business            You Can Learn Series' Online StoreStore



You Can Learn C# and ASP.Net SeriesC# and ASP.Net
  Using Client Side Code with C# and ASP.NetClient Side Code
  Using Client Side State Management with C# and ASP.NetClient Side State Management
  Create a C# Class in Visual StudioCreate A Class
  Use A Class in C#Use A Class
  Create a Solution in Visual StudioCreate a Solution
  Create a Project in Visual StudioCreate a Project
  Create an RSS feed for your Web SiteCreate an RSS Feed
  Create an RSS feed for your Web SiteListItemCollection
  Set Events in ASP.NetSet Events ASP.Net
  Set Events in C#Set Events C#
  What is Session State and How to Use it.Session State
  Creating and Using the C# SortedList ObjectSortedList Object
  Stylesheet Tips for Visual Studio .Net and ASP.NetStyleSheet Tricks
  Using C# MethodsUsing Methods
  Pass Objects to MethodsPass Objects to Methods
  Pass Objects from MethodsPass Objects from Methods
  Using Client side State management like ViewState and Hidden fieldsView State
  LDAP, What is Lightweight Directory Access ProtocolWhat is LDAP
  Build an LDAP ReaderBuild an LDAP Reader
  Convert information from LDAP to a Web ServiceLDAP To Web Service
  Question of the dayQuestion of the Day

You Can Learn SQL SeriesSQL
You Can Learn Landscaping and Gardening SeriesLandscape Tips
You Can Learn WeightLifting SeriesWeightLift Tips
Kenno's BlogBlog
You Can Learn Good Health SeriesGood Health Tips
You Can Learn Good Series NewslettersNewsletters
Learn about Great Travel DestinationsTravel
You Can Learn Series Web Business TipsWeb Business Tips
Merchandise Available from You Can Learn SeriesMerchandise

Sara A Mason - Sci-Fi Author of Renegades




Americas Public Schools