RFC 2307 (rfc2307) - Page 2 of 21


An Approach for Using LDAP as a Network Information Service



Alternative Format: Original Text Document



RFC 2307      Using LDAP as a Network Information Service     March 1998


   netgroups, booting information (boot parameters and MAC address
   mappings), filesystem mounts, IP hosts and networks, and RFC 822 mail
   aliases.

   Resolution requests are made through a set of C functions, provided
   in the UNIX system's C library. For example, the UNIX system utility
   "ls", which enumerates the contents of a filesystem directory, uses
   the C library function getpwuid() in order to map user IDs to login
   names. Once the request is made, it is resolved using a "nameservice"
   which is supported by the client library. The nameservice may be, at
   its simplest, a collection of files in the local filesystem which are
   opened and searched by the C library. Other common nameservices
   include the Network Information Service (NIS) and the Domain Name
   System (DNS). (The latter is typically used for resolving hosts,
   services and networks.) Both these nameservices have the advantage of
   being distributed and thus permitting a common set of entities to be
   shared amongst many clients.

   LDAP is a distributed, hierarchical directory service access protocol
   which is used to access repositories of users and other network-
   related entities. Because LDAP is often not tightly integrated with
   the host operating system, information such as users may need to be
   kept both in LDAP and in an operating system supported nameservice
   such as NIS. By using LDAP as the the primary means of resolving
   these entities, these redundancy issues are minimized and the
   scalability of LDAP can be exploited. (By comparison, NIS services
   based on flat files do not have the scalability or extensibility of
   LDAP or X.500.)

   The object classes and attributes defined below are suitable for
   representing the aforementioned entities in a form compatible with
   LDAP and X.500 directory services.

2. General Issues

2.1. Terminology

   The key words "MUST", "SHOULD", and "MAY" used in this document are
   to be interpreted as described in [RFC 2119].

   For the purposes of this document, the term "nameservice" refers to a
   service, such as NIS or flat files, that is used by the operating
   system to resolve entities within a single, local naming context.
   Contrast this with a "directory service" such as LDAP, which supports
   extensible schema and multiple naming contexts.






Howard                        Experimental