Week 4 - LDAP Flashcards
What does LDAP stand for?
Lightweight Directory Access Protocol
What does LDAP do?
LDAP is used to access information in directory services (like over a network)
What are 2 of the most popular services that use LDAP?
- Active Directory
- OpenLDAP
Besides the add, remove, modify entries operations you can do with LDAP, what else can you do?
the bind operation
What is the bind operation?
authenticates clients to the directory server
What are the 3 common ways to authenticate? (during the binding operation when using LDAP)
- Anonymous
- Simple
- SASL (Simple Authentication & Security Layer)
What does SASL authentication stand for?
Simple Authentication & Security Layer
What does SASL authentication require?
the client and directory server to authenticate using some method (like Kerberos, most common)
What is Kerberos?
a network authentication protocol that’s used to authenticate user identity, secure the transfer of user credentials, etc
Which are the most insecure ways to authenticate? (2)
Anonymous and Simple, anonymous is like a public phone book access-wise
Simple just needs the directory entry name and password usually sent in plain text
What is the most secure authentication method?
Simple Authentication & Security Layer (SASL)
requires client -and- directory server to authenticate somehow usually with Kerberos