Skip main navigation

What is a Directory Service?

In this video, you will learn about directory services, which can be thought of as a database.
6.3
We’ve referenced directory services a few times through the course and again in this section. A directory service, one way to think of a directory service is that it is a database. But it is a heavily read-optimized database. And the difference typically is that it is network-addressable. So like a database, it’s used for storing information. It helps us find information.
34.4
And this is tightly linked for this reason to identity and access management because the most frequent purpose for a directory service is to manage user objects and the logon process for network operating systems. So typical things we might find within a directory could include users, computer, servers, any kind of object. Directory services are typically based around the LDAP standard. This is the most popular directory service standard. And LDAP in turn was based on the predecessor to that, the X500 standard. Directory services require DNS as an integral aspect because they use domain names. They have a canonical naming format.
85.2
And they have a domain component that we’ll see on the next slide that requires DNS to help resolve addresses to the domain component. So some well-known directory service implementations based around the LDAP standard include Redhat. It’s called 389 Server. It’s called 389 Server because 389 is the port that LDAP users.
110.5
Active Directory: far and away the most popular in terms of user take up. This is a development upon the LDAP standard, and it is proprietary. So a lot of these organizations have modified the basic LDAP standard and implemented them in a proprietary format. We have the Oracle Internet Directory, OID, Sun Java’s directory server, IBM Tivoli, and others, so lots of different approaches. So LDAP was published under RFC4511, and it relies on the fact that we have this canonical naming format that is network addressable. At the bottom there, you can see the reference to a URI. This is a Unique Resource Indicator. This is a way of addressing something unique across the network. We can either query whether something exists.
163.8
We can request lists of information. We can change information.
169.5
We have different acronyms there: DNR, DN, DC. DC we’ve mentioned already. This denotes the domain component. CN stands for Common Name. This is the name that we may want to present. This is a form of attributes. We can support many different types of attributes. So most directory services let you customize the attributes you can have. But common ones include mail for email addresses, SN for surname. We have the distinguished name. This has the full path to the resource. And an object may have a different distinguished name over its lifetime as it moves between different domains or it moves within the LDAP repository. The relative distinguished name is less likely to change. This is the object identity that is relative.
230.3
And so this is something that will not change as it moves between the different elements of the different areas within the LDAP structure.

In this video, you will learn about directory services, which can be thought of as a database.

The most frequent use of directory services is to manage user objects and the login process for network operating systems. The directory service will help you store and find information, and is usually structured according to the Lightweight Directory Access Protocol (LDAP) standard.

This article is from the free online

Cyber Security Foundations: Reinforcing Identity and Access Management

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education