A directory service is a central point in a computer or a computer network where network services, security services, applications, and the like can inform other entities in the computer or network about their services, thus forming an integrated distributed computing environment. The current use of directory services may be classified into several categories. A “naming service” uses a directory as a source to locate an Internet host address or the location of a given server. A “user registry” stores information about all users in a system composed of a number of interconnected machines. The central repository of user information enables a system administrator to administer the distributed system as a single system image. Still another directory service is the MICROSOFT ACTIVE DIRECTORY directory service, a product of Microsoft Corp. of Redmond, Wash., which allows a system administrator to manage users, computers, printers, and other objects.
Conventional access to a directory service, such as a MICROSOFT ACTIVE DIRECTORY directory service, is typically achieved by way of a Lightweight Directory Access Protocol (LDAP) query string. For example, a MICROSOFT ACTIVE DIRECTORY directory service can be accessed using LDAP application programming interfaces (APIs). However, using such APIs requires an intimate knowledge of the APIs and requires programming to call the APIs.
A MICROSOFT ACTIVE DIRECTORY directory service may also be accessed using ACTIVE DIRECTORY Service Interfaces (ADSI). However, using ADSI also requires programming.
Another method of accessing a directory service is the use of an LDAP query string formatted as a Universal Resource Locator (URL) query string (i.e., an LDAP URL) that is mapped to the directory service. The LDAP URL includes portions referencing a host port, a scope, an attribute, a query filter, and optional extension mechanisms. The LDAP URL host port portion references a particular directory server. The scope portion defines a search scope for the query. The search scope limits the objects that are searched during a request for information from a directory service. The attribute portion determines the attribute value to return based on the query. The query filter portion operates in a manner similar to commonly known filters, such as the wildcard “*”. The optional extension mechanisms are implemented with APIs. This method also assumes that the LDAP protocol will be used for communication.
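The LDAP URL portions described above can be separated and checked before any query is issued. The following is an added example, not part of the original text: it assumes the RFC 4516 field order (which also carries a base DN between the host port and the attribute list), and the host name, DN and filter in the sample URL are constructed for illustration.

```python
from urllib.parse import urlsplit, unquote

VALID_SCOPES = {"base", "one", "sub"}        # scope keywords from RFC 4516
DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

# Constructed sample: host port / base DN ? attributes ? scope ? filter
SAMPLE = "ldap://ldap.example.com:389/dc=example,dc=com?cn,mail?sub?(cn=J*)"

def parse_ldap_url(url):
    """Split an LDAP URL into host port, base DN, attributes, scope,
    filter and extensions, rejecting malformed input."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError("not an LDAP URL: %r" % url)
    # Everything after the first '?' is a '?'-separated list in fixed order:
    # attributes ? scope ? filter ? extensions
    fields = parts.query.split("?") if parts.query else []
    if len(fields) > 4:
        raise ValueError("too many '?'-separated fields")
    fields += [""] * (4 - len(fields))
    scope = fields[1].lower() or "base"      # an empty scope means "base"
    if scope not in VALID_SCOPES:
        raise ValueError("unknown scope: %r" % fields[1])
    return {
        "host": parts.hostname,
        "port": parts.port or DEFAULT_PORTS[scheme],
        "base_dn": unquote(parts.path[1:]),
        "attributes": [unquote(a) for a in fields[0].split(",") if a],
        "scope": scope,
        # An empty filter defaults to "match every object".
        "filter": unquote(fields[2]) or "(objectClass=*)",
        "extensions": [unquote(e) for e in fields[3].split(",") if e],
    }

if __name__ == "__main__":
    for key, value in parse_ldap_url(SAMPLE).items():
        print("%-10s %s" % (key, value))
```
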
Importantly, the use of an LDAP URL to access information in a directory service behind a firewall is limited for the reason that many directory service owners (corporations, typically) are unwilling to allow external access to LDAP ports on a firewall, mainly for reasons of security, resource utilization, and overhead issues. Nevertheless, such owners are more likely willing to allow external access to Hyper Text Transport Protocol (HTTP) ports on the firewall.
Therefore, there is a need for access to a directory service via an HTTP port. More particularly, a need exists for a system and method for accessing a directory service by way of an HTTP URL.