LDAP directory service is based on a client-server model. One or more LDAP servers contain the data making up the LDAP directory tree or LDAP backend database. An LDAP client connects to an LDAP server and asks it a question. The server responds with the answer, or with a pointer to where the client can get more information (typically, another LDAP server). No matter which LDAP server a client connects to, it sees the same view of the directory; a name presented to one LDAP server references the same entry it would at another LDAP server. This is an important feature of a global directory service, like LDAP.
The LDAP server daemon is called Slapd. Slapd supports a variety of different database backends which you can use.
They include the primary choice BDB, a high-performance transactional database backend; LDBM, a lightweight DBM based backend; SHELL, a backend interface to arbitrary shell scripts and PASSWD, a simple backend interface to the passwd(5) file.
BDB utilizes Sleepycat Berkeley DB 4. LDBM utilizes either Berkeley DB or GDBM. BDB transactional backend is suited for multi-user read/write database access, with any mix of read and write operations. BDB is used in applications that require:
Transactions, including making multiple changes to the database atomically and rolling back uncommitted changes when necessary.
Ability to recover from systems crashes and hardware failures without losing any committed transactions.
To import and export directory information between LDAP-based directory servers, or to describe a set of changes which are to be applied to a directory, the file format known as LDIF, for LDAP Data Interchange Format, is typically used. A LDIF file stores information in object-oriented hierarchies of entries.
