InformationWeek
Defining The Business Value Of Technology
June 22, 1998
Manage Custom Apps With LDAP
continued...page 3 of 3
Windows Sockets Resolution for name resolution; RPC OLEDB for querying directory data; and ADSI for directory object manipulation. If you need lower-level access to LDAP or other directory services with an API, you can call those, too.
ADSI provides a rich object model to access directory services programatically. ADSI provides two groups of objects, directory service leaf objects and directory service container objects.
Novell Making A Comeback
Novell has long been a leader in directory services with its Network Directory Services product, part of its network operating system. NDS didn't become a de facto industry standard, but Novell is making a comeback and has introduced its LDAP Services for NDS to extend NDS capabilities.
LDAP Services is a server-side NetWare Loadable Module, making NDS an LDAP-compatible directory server. It's not an application development toolkit as such. Instead, the NDS API is the application interface to directory services. This means applications developed with the NDS API and LDAP extensions can't access any LDAP server, but other LDAP-enabled applications can access NDS directory information. This lets users on the Internet or an intranet read and write NDS information and gives applications secure access to information in the NDS database.
IBM takes another tack in providing LDAP services. Its DSSeries LDAP Client for Java and its LDAP Java/C Tool-kit build upon Sun's JNDI toolkit, providing essentially all LDAP version 3 features to applications. IBM has added directory support across its product line, and made a commitment both to the LDAP protocol and to X.500 directory services.
The DSSeries set of services is IBM's integrated infrastructure for building e-Business applications, based on the IBM Network Computing Framework. DSSeries consists of an integrated set of directory, security, and availability technologies that facilitate the evolution of Internet-based infrastructure.
The LDAP Java/C Toolkit provides C-language APIs, header files, documentation, sample programs, and executable versions of the sample programs to allow custom applications access to any LDAP-compliant directory. At the time I reviewed the beta release, the SSL-related functions and the LDAP_OPT_ REBIND_FN option for the ldap_set_option API were not yet supported, though they should be in the final release.
There are some major differences in the ways these vendors implement directory services in custom apps. For now, Netscape has the most mature toolkit, operating on a variety of platforms and enjoying wide acceptance. Sun dominates the Java-only market, and is fighting Netscape for leadership in having its toolkit incorporated into other development tools.
Novell has extended its mature NDS with LDAP so client software can access the NDS directory, using the NDS API for custom development. IBM builds upon Sun's JNDI toolkit to provide its own directory extensions. And Microsoft is likely to dominate the Windows market for directory services when it releases Windows NT 5.0.
The LDAP toolkit market is wide open at this stage, with some vendors using LDAP to promote other products and technologies. This bodes well for continuing innovation for directory services, but the inevitable shakeout means that developers must choose their tools carefully.
Don Kiely is the director of technology for SkyFire Group, an application development firm in Fairbanks, Alaska. He can be reached at donkiely@computer.org.
return to page 1, 2
View a list of "LDAP Toolkit Feature Comparison" in a PDF file.
To view a PDF file,download the
Adobe Acrobat Reader.
Back to Labs
Send Us Your Feedback
Top of the Page
Featured Microsite
