Instituto Superior Técnico

Serviços de Informática

LDAP Central Directory

LDAP (Lightweight Directory Access Protocol) is an application protocol for searching information directories distributed over IP networks. These directory services make it possible to organize information into sets of records, optionally structured hierarchically, such as lists of users and their privileges, e-mail lists, or telephone directories.

Introducing LDAP in Técnico

Most organizations use LDAP as a centralized repository of information about their users. In the particular case of Técnico, most of this information is held in the Fénix academic information management system. Historically, because Fénix came before LDAP, it was decided when LDAP was introduced to duplicate the user information for reasons of efficiency.

Current architecture

The preferred approach is a minimalist design whose main aim is to avoid overlapping information. This translated into an LDAP schema containing only the minimum information needed for users to authenticate as they do via Fénix, if the posixAccount schema exists by default in the protocol.

In addition, the remaining information that resides only in Fénix (e.g. the degree or department of origin) can be requested, whenever it is considered useful or necessary, through appropriate interfaces exposed as web services of the academic system itself. By way of example, Técnico's central authorization system adopts this same solution.