LDAP Security Overview


Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hello Cybrarians, and welcome back
00:00
>> to the Linux plus course here at Cybrary.
00:00
>> I'm your instructor Rob Goelz.
00:00
In today's lesson,
00:00
>> we're going to have an overview of LDAP.
00:00
>> Upon completion of today's lesson,
00:00
you are going to be able to explain
00:00
how LDAP is structured and
00:00
then also talk about the benefits
00:00
of using LDAP for authentication.
00:00
LDAP is actually the Lightweight
00:00
Directory Access Protocol
00:00
>> and it's just a protocol that's used
00:00
>> for providing directory services.
00:00
It uses the hierarchical
00:00
>> or tree-like database structure.
00:00
>> We can see that over on the right-hand side.
00:00
But LDAP is just an implementation of an X.500
00:00
directory service standard that has been
00:00
around for a very long time.
00:00
It specifically defines database objects
00:00
such as usernames and passwords, that makes sense.
00:00
We're using it for access.
00:00
But it also defines things like devices,
00:00
computers, networks and printers.
00:00
Now X.500 itself specifies
00:00
the structure and attributes schema for the objects.
00:00
Object entries are held in what is called
00:00
the directory information base
00:00
>> and the DIB entries are arranged in
00:00
>> the tree structure that
00:00
we see over on the right-hand side.
00:00
That tree structure is actually referred to as
00:00
the directory information tree or DIT.
00:00
Now there are several benefits of using LDAP,
00:00
>> first of all, a huge benefit of LDAP is that
00:00
>> you can distribute or replicate
00:00
>> the database between servers
00:00
>> and that way you can eliminate
00:00
>> a single point of failure
00:00
>> in each one of the servers where this
00:00
is cloned or distributed to.
00:00
It can contain either part of the database
00:00
>> or a copy of the entire thing
00:00
>> and then database changes do get replicated
00:00
>> generally from the primary database
00:00
>> or primary LDAP server to the secondary servers.
00:00
>> Another benefit of LDAP is that administrators
00:00
can control permissions for multiple resources,
00:00
lots of different users, lots of different things,
00:00
and then the servers where
00:00
the users are trying to access,
00:00
go back to the LDAP database
00:00
>> and verify the user access to the requested resources.
00:00
>> LDAP itself is vendor neutral,
00:00
it operates in both Linux and Windows environments,
00:00
and LDAP is sometimes called
00:00
Open Source Active Directory
00:00
because they're very similar.
00:00
They both use the X.500 standard.
00:00
Now, LDAP's version 3 is the most secure version
00:00
>> and that's because it implements TLS.
00:00
>> The thing to remember about LDAP
00:00
>> is that it has two ports in use.
00:00
>> If it's using Port 389, it's unsecured,
00:00
just regular, you know all that but no TLS setup.
00:00
But if you're using TLS to secure your LDAP,
00:00
you're going to be using Port 636,
00:00
so 389 for not secure
00:00
or 636 for a secured LDAP connection.
00:00
With that, we've reached the end of this lesson,
00:00
and in this lesson we talked about
00:00
>> how LDAP is structured
00:00
>> and the benefits of using LDAP for authentication.
00:00
>> Thanks so much for being here
00:00
>> and I look forward to seeing you in our next lesson.