LDAP (Lightweight Directory Access Protocol) has been around for some time. The LDAP specification (RFC 2251, www.ietf.org) can be employed, as an exemplary application, to implement read-heavy databases or directories, wherein stored directory entries can be looked up quickly.
An example of a typical LDAP directory is a human resource (HR) directory wherein each entry may represent an employee record. LDAP entry objects have attributes. In the case of the HR directory example, the employee's last name, first name, email address, salary, home address, and phone number may represent various attributes of an entry. Each LDAP entry is uniquely identified by a distinguished name (DN). Generally speaking, the distinguished name (DN) can be any string of characters. For example, the employee's email address may be employed as a DN since no two employees can validly have the same email address.
LDAP systems are typically accessed using a directory client, which is a front-end program for furnishing information to the LDAP server in order to enable the LDAP server to perform the LDAP operations. Through the use of a directory client, a user may, for example, add an entry, remove an entry, or modify an entry. The aforementioned three LDAP operations (e.g., add, remove, and modify) tend to constitute the bulk of the operations required in LDAP directory update and maintenance (referred to herein generically as LDAP update). These three LDAP operations are also operations most frequently involved in LDAP server provisioning (i.e., automated activities with an LDAP server to perform LDAP directory update and maintenance). With respect to the HR example above, a directory client may be employed to communicate with the LDAP server to add a batch of new employee entries into the LDAP directory, to remove one or more employees from the LDAP directory, or to modify information pertaining to one or more employees.
To allow the front-end directory client to exchange information with the LDAP server, there is a need to transform the directory client data into data conformant to the LDAP protocol, which may then be employed by the LDAP server to perform the necessary LDAP operations.
Some implementations of the LDAP specification employ LDIF (LDAP directory information format) as a directory update mechanism. Generally speaking, LDIF is a file format for representing LDAP directory information. Using LDAP server specific commands from the UNIX command line that refer to LDIF text files, for example, certain automation of LDAP server provisioning (e.g., populating a directory) may be achieved. LDIF is defined in RFC 2849 (www.ietf.org).
The LDIF format, however, is specifically designed for the LDAP protocol and is not widely used by front-end directory client programs. For example, it is believed that there are no customer relationship management (CRM) programs in existence that employ LDIF to represent data. Accordingly, there tends to be a substantial amount of work involved in interfacing LDAP servers to directory front-end programs when LDIF is employed as an intermediary.
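As an added illustration that is not part of the original text, the Python code below renders the add, modify and remove operations described above as RFC 2849 LDIF change records for the HR example, base64-encoding any value (non-ASCII text, embedded line breaks, leading or trailing spaces) that could otherwise alter the record structure. The `ou=People,dc=example,dc=com` suffix, the `mail=` naming attribute, the `inetOrgPerson` attribute names and the sample records are assumptions constructed for the example.

```python
import base64

BASE_DN = "ou=People,dc=example,dc=com"  # assumed directory suffix (constructed)

def ldif_line(attr, value):
    """attr: value, or attr:: base64 when value is not an RFC 2849 SAFE-STRING."""
    raw = value.encode("utf-8")
    safe = (all(0 < b < 128 and b not in (10, 13) for b in raw)  # no NUL/LF/CR/8-bit
            and raw[:1] not in (b" ", b":", b"<")                # SAFE-INIT-CHAR
            and not raw.endswith(b" "))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(raw).decode('ascii')}"

def rdn_escape(value):
    """Escape RFC 4514 special characters so a value stays inside one RDN."""
    out = "".join("\\" + c if c in ',+"\\<>;=' else c for c in value)
    if value[:1] in ("#", " "):
        out = "\\" + out
    if value.endswith(" ") and len(value) > 1:
        out = out[:-1] + "\\ "
    return out

def entry_dn(mail):
    return f"mail={rdn_escape(mail)},{BASE_DN}"

def add_record(emp):
    # Keys are attribute names fixed by the program; values come from the client.
    lines = [ldif_line("dn", entry_dn(emp["mail"])), "changetype: add",
             "objectClass: inetOrgPerson"]
    lines += [ldif_line(k, v) for k, v in emp.items()]
    return "\n".join(lines) + "\n"

def modify_record(mail, attr, new_value):
    return "\n".join([ldif_line("dn", entry_dn(mail)), "changetype: modify",
                      f"replace: {attr}", ldif_line(attr, new_value), "-"]) + "\n"

def delete_record(mail):
    return ldif_line("dn", entry_dn(mail)) + "\nchangetype: delete\n"

def to_ldif(records):
    return "version: 1\n\n" + "\n".join(records)  # blank line between records

if __name__ == "__main__":
    new_hire = {"cn": "Anna Müller", "sn": "Müller", "givenName": "Anna",
                "mail": "amueller@example.com",
                "homePostalAddress": "12 Main St\nSpringfield"}  # constructed
    print(to_ldif([add_record(new_hire),
                   modify_record("jdoe@example.com", "telephoneNumber", "+1 555 0100"),
                   delete_record("rroe@example.com")]))
```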