Lightweight Directory Access Protocol (LDAP) is an industry standard for accessing directory services. Directory services allow components to look up information by a distinguished name (DN) from an LDAP server that stores and manages server, user, and software information that is used throughout the enterprise or over a network.
The LDAP server can be located on a different platform from the one on which Adaptive Server or the clients are running. LDAP defines the communication protocol and the contents of messages exchanged between clients and servers. Messages are operators, such as client requests for read, write and query, and server responses, including data-format information.
The LDAP server stores and retrieves information about:
Adaptive Server, such as IP address, port number, and network protocol
Security mechanisms and filters
High availability companion server name
The LDAP server can be configured with these access restrictions:
Anonymous authentication – all data is visible to any user.
User name and password authentication – Adaptive Server uses the default user name and password from the file:
UNIX, 32-bit – $SYBASE/$SYBASE_OCS/config/libtcl.cfg
UNIX, 64-bit – $SYBASE/$SYBASE_OCS/config/libtcl64.cfg
User name and password authentication properties establish and end a session connection to an LDAP server.
The user name and password that are passed to the LDAP server for user authentication purposes are distinct and different from those used to access Adaptive Server.
When an LDAP server is specified in the libtcl.cfg or libtcl64.cfg file (collectively libtcl*.cfg file), the server information is accessible only from the LDAP server. Adaptive Server ignores the interfaces file.
If multiple directory services are supported in a server, then the order in which they are searched is specified in libtcl*.cfg. You cannot specify the search order with the dataserver command-line option. See “Multiple directory services”.