RFC 2307 (rfc2307) - Page 2 of 21
An Approach for Using LDAP as a Network Information Service
Alternative Format: Original Text Document
RFC 2307 Using LDAP as a Network Information Service March 1998
netgroups, booting information (boot parameters and MAC address
mappings), filesystem mounts, IP hosts and networks, and RFC 822 mail
aliases.
Resolution requests are made through a set of C functions, provided
in the UNIX system's C library. For example, the UNIX system utility
"ls", which enumerates the contents of a filesystem directory, uses
the C library function getpwuid() in order to map user IDs to login
names. Once the request is made, it is resolved using a "nameservice"
which is supported by the client library. The nameservice may be, at
its simplest, a collection of files in the local filesystem which are
opened and searched by the C library. Other common nameservices
include the Network Information Service (NIS) and the Domain Name
System (DNS). (The latter is typically used for resolving hosts,
services and networks.) Both these nameservices have the advantage of
being distributed and thus permitting a common set of entities to be
shared amongst many clients.
LDAP is a distributed, hierarchical directory service access protocol
which is used to access repositories of users and other network-
related entities. Because LDAP is often not tightly integrated with
the host operating system, information such as users may need to be
kept both in LDAP and in an operating system supported nameservice
such as NIS. By using LDAP as the the primary means of resolving
these entities, these redundancy issues are minimized and the
scalability of LDAP can be exploited. (By comparison, NIS services
based on flat files do not have the scalability or extensibility of
LDAP or X.500.)
The object classes and attributes defined below are suitable for
representing the aforementioned entities in a form compatible with
LDAP and X.500 directory services.
2. General Issues
2.1. Terminology
The key words "MUST", "SHOULD", and "MAY" used in this document are
to be interpreted as described in [RFC 2119].
For the purposes of this document, the term "nameservice" refers to a
service, such as NIS or flat files, that is used by the operating
system to resolve entities within a single, local naming context.
Contrast this with a "directory service" such as LDAP, which supports
extensible schema and multiple naming contexts.
Howard Experimental