MSc Practical UNIX Security ''LDAP'' Essay Example | Topics and Well Written Essays - 2000 words

MSc Practical UNIX Security ''LDAP'' - Essay Example The Light Weight Directory Access Protocol is a communication standard that provides a communication channel for the clients within a directory service. A comprehensive definition of LDAP is defined as â€Å"Lightweight Directory Access Protocol, a protocol which helps find people, computers and other resources on a network. Designed to work with existing address-book standards and improve compatibility between widely differing systems, the ldap standard was adopted by the ietf in 1997 and now forms the basis of many white-page directories on the web. It has also been incorporated directly into some software programs and operating systems, making it possible to find e-mail addresses without visiting a directory site† (Ldap. 2003). LDAP was established after X.500 protocol, which was also a directory service standard protocol. ... Active directory is â€Å"an implementation of LDAP directory services by Microsoft for use in Windows environments. Active Directory allows administrators to assign enterprise-wide policies, deploy programs to many computers, and apply critical updates to an entire organization. An Active Directory stores information and settings relating to an organization in a central, organized, accessible database. Active Directory networks can vary from a small installation with a few hundred objects, to a large installation with millions of objects† (Active Directory. 2007). Few checklists are applicable including the network connectivity testing and raising the Active directory domain functional level to Windows 2003. Moreover, for Linux / UNIX, ‘identity management module’ installation is required on the domain controller along with the configuration of NIS server. LDAP Account Management In order to manage account in the UNIX network environment, the Unix systems are con figured with Microsoft Active directory for centralized management of user accounts. Moreover, it also solidify network security by integrating role based access and Kereberized authentication. Consequently, the operational cost is minimized, for the management of UNIX accounts. Moreover, UNIX contains various features for authentication and authorization. The authentication is concerned with user authenticity and authorization is related to ensure that users have been granted to perform tasks. However, there are some issues associated with UNIX account management: Synchronization is not properly conducted Vulnerabilities related to NIS Operating on LDAP services without multiple platform support Standardized management for