Lightweight Directory Access Protocol Computer Science Essay

Published: November 9, 2015 Words: 3581

Lightweight Directory Access Protocol (LDAP) is a communication protocol. LDAP is defined as the transport format of messages used by a client to access data in an X.500-like directory. LDAP does not define the directory service itself. The directory stores the information, which can be retrieved through the LDAP protocol. (IBM Understanding LDAP Design and Implementation, June 2004)

Information such as users, applications, files, printers and other resources available from a network is frequently stored in a special database known as a directory. As the number of different networks and applications has grown, the number of specialized directories of information has also grown, resulting in an overload of information that is hard to share and manage. (IBM Understanding LDAP Design and Implementation, June 2004)

LDAP is not only for large installations; it can be used just as simply to manage user accounts in small installations, and the source is freely available and easy to obtain. Hence, the capital costs can be minimal for those who want to roll their own directory. It has even been used for printer queue applications. (Beth Cohen, Aug 12, 2002)

1.2 Problem Statement

All information that can easily be reached from a network, such as information about users, printers, files and applications, is often stored in a special database known as a directory. As the number of different networks and applications has grown, the number of specialized directories of information has also grown, resulting in an overload of information that is difficult to share and manage. (IBM Understanding LDAP Design and Implementation, June 2004) If all of this information could be maintained and accessed in a consistent and controlled manner, it would provide a focal point for integrating a distributed environment into a consistent and seamless system. A directory usually contains entries that are static or change infrequently, because it is designed to provide very fast responses to searches and lookups. A database, meanwhile, often contains entries that change frequently. In addition, directories are really a specialized form of data storage. (How LDAP Works, January 2003)

1.3 Project's Aim/Goal

Our project's aim is to create a Lightweight Directory Access Protocol (LDAP) directory as a Network Information Service (NIS).

1.4 Objective

Our main objective for this project is to create a Lightweight Directory Access Protocol (LDAP) directory. Next, we aim to store information about the data in the LDAP directory created, and lastly to visualize the information that has been stored in the directory through web pages.

1.5 Project Scope

This project is conducted in order to create an LDAP directory that will store all the CISCO network device information. Hence it will involve the CISCO network devices used in UiTM. Free open LDAP software will be used in developing the directory and Adobe Dreamweaver software will be used in developing the webpage.

1.6 Project Significance

This project will ease the work of UiTM administrators, who will be able to see updated CISCO network device information visualized through a web page.

2.0 Literature Review

2.1 Capture packet data of Cisco Network Device

As we want to store Cisco network device information, we need to capture the packet data before storing it in the directory. We will capture Cisco Discovery Protocol (CDP) packets to get all the information based on the CDP packet format. A CDP packet carries information about a Cisco device on the network. It consists of a header and a set of variable-length fields.

http://www.cisco.com/univercd/illus/1/70/10570.gif

Figure 2.1: CDP Packet Format

2.1.2 How to capture the CDP packet

We will use the Cisco Discovery Protocol Reporter (CDPR) tool to capture and decode CDP packets. By default it reports the device ID, the IP address of the device and the port number. Optionally, CDPR will also decode the entire CDP packet.
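A defensive parser for the CDP layout described above (a header followed by variable-length type/length/value fields), added here as an illustration and not taken from CDPR or from this project. CDP frames are unauthenticated, so every length field is checked before it is used. The function names, the subset of TLV type codes handled and the sample packet are assumptions constructed for this example.

```python
import struct

# CDP TLV type codes for text fields (device ID and port ID are CDPR's default report).
TEXT_TLVS = {0x0001: "device_id", 0x0003: "port_id", 0x0005: "software", 0x0006: "platform"}
TLV_ADDRESSES = 0x0002


class CDPError(ValueError):
    """Raised when a packet is truncated or a length field is inconsistent."""


def parse_addresses(value):
    """Return the IPv4 addresses listed in an Addresses TLV value."""
    if len(value) < 4:
        raise CDPError("address TLV shorter than its count field")
    (count,) = struct.unpack_from("!I", value, 0)
    off, ips = 4, []
    for _ in range(count):
        # Entry layout: protocol type (1), protocol length (1), protocol,
        # address length (2), address.
        if off + 2 > len(value):
            raise CDPError("truncated address entry")
        ptype, plen = value[off], value[off + 1]
        off += 2
        if off + plen + 2 > len(value):
            raise CDPError("truncated address protocol")
        proto = value[off:off + plen]
        (alen,) = struct.unpack_from("!H", value, off + plen)
        off += plen + 2
        if off + alen > len(value):
            raise CDPError("address runs past end of TLV")
        if ptype == 1 and proto == b"\xcc" and alen == 4:  # NLPID 0xCC = IPv4
            ips.append(".".join(str(b) for b in value[off:off + alen]))
        off += alen
    return ips


def parse_cdp(payload):
    """Parse a CDP payload (the bytes after the SNAP header) into a dict."""
    if len(payload) < 4:
        raise CDPError("packet shorter than the CDP header")
    version, ttl, _checksum = struct.unpack_from("!BBH", payload, 0)
    info = {"version": version, "ttl": ttl, "addresses": []}
    off = 4
    while off < len(payload):
        if off + 4 > len(payload):
            raise CDPError("truncated TLV header")
        tlv_type, tlv_len = struct.unpack_from("!HH", payload, off)
        # The length covers the 4-byte type/length header, so a value below 4
        # would stall the loop and a value too large would read out of bounds.
        if tlv_len < 4 or off + tlv_len > len(payload):
            raise CDPError("bad TLV length %d at offset %d" % (tlv_len, off))
        value = payload[off + 4:off + tlv_len]
        if tlv_type == TLV_ADDRESSES:
            info["addresses"] = parse_addresses(value)
        elif tlv_type in TEXT_TLVS:
            info[TEXT_TLVS[tlv_type]] = value.decode("ascii", "replace")
        off += tlv_len
    return info


def tlv(tlv_type, value):
    """Build one TLV (used only to construct the sample packet below)."""
    return struct.pack("!HH", tlv_type, len(value) + 4) + value


# Constructed sample: version 2, TTL 180 s, checksum left at zero (not verified here).
_ADDR = struct.pack("!I", 1) + b"\x01\x01\xcc" + struct.pack("!H", 4) + bytes([192, 0, 2, 10])
SAMPLE = (bytes([2, 180, 0, 0]) + tlv(0x0001, b"switch01.example.net")
          + tlv(0x0002, _ADDR) + tlv(0x0003, b"GigabitEthernet0/1"))

if __name__ == "__main__":
    print(parse_cdp(SAMPLE))
```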

2.2 LDAP Directory

2.2.1 How to create LDAP directory

2.3 Visualization of Cisco Network Device Information through Webpage

Web design comprises many diverse skills and disciplines in the production and maintenance of websites. (Web Design Definition, Troy Philis, January 23rd, 2007) Web design is used as a general term to describe any of the various tasks involved in creating a web page. More precisely, it refers to jobs focused on building the front-end of a web page. The web consists of numerous pages, presenting information using different technologies and linked together with hyperlinks. There are two basic aspects to any web page found on the Internet. The first is a presentation that the user interacts with, usually visually, while the second is a back-end that includes information for non-human browsers. The basic markup language used to tell a browser how to present information is called the HyperText Markup Language (HTML).

2.3.1 How to visualize

In developing the web pages for this project, Adobe Dreamweaver will be used. Adobe Dreamweaver (formerly Macromedia Dreamweaver) is a web development application originally created by Macromedia. Adobe's Dreamweaver is far more than a simple HTML editor. With its support for a great number of scripting languages (PHP, ASP, CSS and more), Dreamweaver is the most powerful, most fully featured web developer tool. It is also a great time-saving tool, which can help professionals avoid errors and allows them to easily experiment with different sets of code. Furthermore, Dreamweaver is an industry standard web development environment which allows any type of user, from beginners to professionals, from designers to developers, to create simple or complex dynamic websites. (Retrieved from http://www.ntchosting.com/web-design/dreamweaver.html)

2.4 Comparison of related work

Below are the works related to the project.

2.4.1 An Introduction to LDAP (Michael Donelly)

This article explains the introduction to the Lightweight Directory Access Protocol (LDAP) and how a beginner without any prior knowledge can understand the concept. The problem addressed by this article is how to design, implement, and integrate an LDAP environment. By way of introduction, the Lightweight Directory Access Protocol, known as LDAP, relies on the X.500 standard, but it is simpler and more readily adapted to meet institutional needs. Unlike X.500, LDAP supports TCP/IP, which is a necessity for Internet access. In addition, just as a Database Management System (DBMS) from Sybase, Oracle, Informix, or Microsoft is used to process queries and updates to a relational database, an LDAP server is used to process queries and updates to an LDAP information directory. In other words, an LDAP information directory is a type of database, but it is not a relational database. Next, using LDAP we can gain more advantages than with another database system, because it is easy to update the company's internal applications to add LDAP support and, unlike many relational databases, there is no need to pay for either client connection software or licensing. Besides, most LDAP servers are easy to install, easily maintained, and easily optimized. The similarity with our project is that we will store a lot of data using LDAP, and the difference is that we do not use an Oracle, Sybase, Informix, or Microsoft SQL database to store the data. In conclusion, the strength of this article is that we can access the LDAP directory from almost any computing platform, from any one of the increasing number of readily available, LDAP-aware applications.

2.4.2 A Distributed Data Integration Framework Based on Web Services and LDAP (Zhang Feng, Chen Xin, Wei Yongshan, 2009)

This journal article describes a distributed data integration framework based on Web services and the Lightweight Directory Access Protocol. The problem I identified from this journal is that distributed data integration is a problem of distributed computing. The journal supplies a framework for distributed data integration. In this framework, Web services, which are used to supply the interface for data sources, are recorded into distributed and dynamic resource directories based on LDAP. All the Web services in the record are described with the Web Services description model named WSDM, which is used to save metadata about the data that a Web service can provide. By this means, the system can find the Web services needed to respond to the user, so efficiency can be increased. In addition, the distributed registries can keep working even if one registry breaks down. The similarity between this journal and our project is that we use web services for data integration, and we did not find any differences between this journal and our project. In conclusion, Web Service is a new form of distributed computing, which uses a series of open protocols to form a platform-independent and loosely coupled distributed computing environment.

2.4.3 LDAP Framework, Practice and Trends (Vassiliki Koutsonikola, Athena Vakali)

This journal article describes the LDAP framework, which is based on the client-server model. Each LDAP client uses the LDAP protocol, which runs over TCP/IP, to fetch data stored in a directory server's database. LDAP clients are either directly controlled by an LDAP-installed server or handled by an LDAP-collaborating application.

Figure 2.4.3: The LDAP framework. Devices and servers use the LDAP protocol to access data stored in LDAP server databases.

The problem addressed by the journal is how to retrieve information organized under a variety of frameworks and applications, and the similarity with our project is the fixed core schema that controls the directory hierarchy in LDAP. The difference from our project is that the user determines the schema in relational databases. In conclusion, LDAP operations are based on the client-server model, and while relational databases efficiently support complex relationships between objects, in LDAP directories it can be troublesome to represent nonhierarchical relationships between objects.

2.4.4 Multimedia Learning System (MMLS): Valuing the Significance of Cognitive Task Analysis Technique and User Interface Design (Nor'ain Mohd Yusoff, Wong Chui Yin, 2010)

This paper presents the development of an e-Learning System and the substantial contributions of user interface design elements and task analysis to the deployment of a novel Multimedia Learning System (MMLS). It gives an overview of MMLS, from the content development flow to the implementation stage. This project is currently being developed at the Multimedia University (MMU) Malaysia. Adobe Dreamweaver and Adobe Flash were applied by the teaching staff to develop the interactive learning environment within the two campuses in MMU. Cognitive Task Analysis (CTA) is presented as a means of capturing the psychological complexity of tasks that involve significant cognitive activities such as planning, diagnosis and decision-making during the human-system interaction design process. The conclusion is that MMLS is able to increase efficiency and to empower a geographically and temporally dispersed group of educators, administrators, and students to take part in a dynamic learning organization.

2.4.5 Design and Implementation of Secure Web-based LDAP Management System (C.S. Yang et.al, 2001)

More and more services fill the Internet as it rapidly grows. How to supply high-quality, convenient, and personalized services to users is a serious issue for Internet service providers that want to keep customers connecting to their web sites. The directory is a crucial part of Internet technology for sustaining such needs. Directories exist in a multitude of applications ranging from operating systems, asset management systems, security systems, etc. In the directory industry, products can be split into 3 fields: directory server, management system, and directory application. One of the important parts of directory services is the management system. Currently, directory management systems are focused on non-web-based systems, while it is necessary to provide a web-based management interface for directory services applied to Internet services. A web-based management interface will provide the advantages of ubiquity, cross-platform support, a thin client, and reduced TCO (total cost of ownership). In this paper, the authors proposed and implemented a web-based LDAP management architecture to provide such benefits and to manage multiple LDAP servers. To build the system so that it is easy to port and requires minimal change to the original system, they used standard protocols and popular software commonly used in Internet technology. From the journal, the problem is how to provide high-quality, convenient, and personalized services to users, and the similarity with our project is that LDAP directories are specialized databases designed to make it quick and easy to look up information. The difference is that we do not provide a mechanism to identify security problems. In conclusion, it is good to implement a web-based LDAP management architecture to provide such benefits and to manage multiple LDAP servers.

2.4.6 Key Concepts and Services of a Grid Information Service (Beth Plale et.al, 2002)

By way of introduction, the Grid denotes a middleware infrastructure for wide-area scientific and engineering computing characterized by multiple administrative domains and geographically broad distribution of resources and users. Current research is directed toward establishing the key services that make up the Grid. Though the grid community agrees that IPv4/IPv6 is a good current and immediate future choice for the underlying network protocol, there is ongoing discussion about middleware services such as global naming, remote process execution, authentication, and security. Solutions implementing multiple key services exist in the Condor, Globus, and Legion systems. While Globus currently enjoys broad support in the European community, no one solution has emerged as the standard. The problem addressed by this journal is key services such as the grid information service; the similarity with our project is that we use an LDAP service, whereas this journal uses MDS-1 and MDS-2. In conclusion, grid resource information is best served by a hierarchical representation, and we should not implement middleware services such as global naming, remote process execution, authentication, and security.

2.4.7 LDAP: Replacing Exchange Revisited (http://www.linuxjournal.com/node/1000174)

LDAP can take up numerous places in an IT infrastructure. For example, you can migrate Network Information Services (NIS) to LDAP. While many others exist, the NIS migration model serves as one excellent example. NIS is a client-server directory service protocol for distributing system configuration information such as user and host names between computers on a computer network. LDAP uses a hierarchical structure while NIS uses a flat database structure. The article states that duplicating those LDAP objects was not found to be a stretch. The similarity with our project is that we use Open LDAP to implement the project, whereas this article uses Fedora Directory Server. In conclusion, plain and simple, the Open Source Community has had the makings of products widely used in enterprises today.
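The flat-to-hierarchical change described above, as an added example that comes neither from the Linux Journal article nor from this project: one line of a flat NIS passwd map becomes an LDIF entry placed under a directory suffix. The base DN, the function names and the choice of the RFC 2307 posixAccount class are assumptions. Map fields are treated as untrusted, so they are escaped for the DN and base64-encoded where LDIF requires it.

```python
import base64
import re

BASE_DN = "ou=People,dc=example,dc=com"  # assumed directory suffix (placeholder)


def escape_rdn_value(value):
    """Escape characters that are special inside a DN component (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        out.append("\\" + ch if ch in ',+"\\<>;' or edge else ch)
    return "".join(out)


def ldif_line(attr, value):
    """Format one LDIF line; values that are not SAFE-STRINGs (RFC 2849) are base64-encoded."""
    raw = value.encode("utf-8")
    safe = (all(0 < b < 128 and b not in (10, 13) for b in raw)
            and not raw.startswith((b" ", b":", b"<")) and not raw.endswith(b" "))
    if safe:
        return "%s: %s" % (attr, value)
    return "%s:: %s" % (attr, base64.b64encode(raw).decode("ascii"))


def passwd_to_ldif(line):
    """Convert one flat NIS passwd map line into an LDIF posixAccount entry."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7:
        raise ValueError("expected 7 colon-separated fields")
    uid, pw, uid_num, gid_num, gecos, home, shell = fields
    if not uid or not home:
        raise ValueError("uid and home directory are mandatory")
    if not re.fullmatch(r"[0-9]+", uid_num) or not re.fullmatch(r"[0-9]+", gid_num):
        raise ValueError("uidNumber and gidNumber must be decimal integers")
    entry = [
        # The flat key "uid" becomes a position in the tree: uid=<name> under BASE_DN.
        ldif_line("dn", "uid=%s,%s" % (escape_rdn_value(uid), BASE_DN)),
        "objectClass: account",
        "objectClass: posixAccount",
        ldif_line("uid", uid),
        ldif_line("cn", gecos.split(",")[0] or uid),
        ldif_line("uidNumber", uid_num),
        ldif_line("gidNumber", gid_num),
        ldif_line("homeDirectory", home),
    ]
    if shell:
        entry.append(ldif_line("loginShell", shell))
    # "x", "*" and "!" mark a shadowed or locked password, not a hash to migrate.
    if pw not in ("", "x", "*", "!"):
        entry.append(ldif_line("userPassword", "{crypt}" + pw))
    return "\n".join(entry) + "\n"


if __name__ == "__main__":
    # Constructed sample line, not taken from a real map.
    print(passwd_to_ldif("alice:x:1000:100:Alice Tan,Room 4:/home/alice:/bin/bash"))
```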

2.4.8 Integrating Web Server Applications With LDAP Authentication: Case Study on Human Resources Information System of Ul (Riri Fitri Sari, Syarif Hidayat,2006)

This journal article discusses the Lightweight Directory Access Protocol (LDAP) as an authentication method for users. This method addresses the need for a high level of security, single sign-on, and centralized user management, providing security services and an integrated directory, especially with the capability of storing and managing user information in a directory. Therefore, the user can at the same time determine the application, service and server to be accessed and his/her privileges. The user can access every application easily without having to remember more than one username or password, and privileges are given to users according to the existing information on the LDAP server. The problem statement we found in this journal is that users have many usernames and passwords to remember, which complicates things for the user; this is resolved by authenticating through LDAP. In conclusion, with LDAP as the authentication method, each web-based application can be united using a single identification of user information stored in the directory of the LDAP server.

2.4.9 LDAP 101- Glue Your Network's Pieces Together (Beth Cohen, 2002)

This article discusses the introduction to LDAP and the applications and protocols you need to understand and support. Requests about forgotten passwords, disabled passwords, mistyped passwords and more have all been heard. According to the Giga Information Group, problems with passwords represent 30% of all helpdesk calls. Cutting down on even 50% of these routine calls is an enormous saving, since call-center contacts cost a lot of time and money. Your boss has just told you that you need to create an application to keep track of all your user accounts, their computers and anything else about them that is connected to the network, to minimize these calls. It needs to be easy to use and easy to implement. The problem statement from this article is that users frequently have forgotten, disabled, and mistyped passwords. In conclusion, we need to understand the basic concepts needed to create an LDAP directory and how to plan to use it.

2.4.10 DEN (Directory-Enabled Networking) (http://searchnetworking.techtarget.com/definition/DEN)

Directory-Enabled Networking (DEN) is an industry-standard initiative and specification for how to build and store information about data, a network's users, and applications in a central directory. A standard way of describing the network's elements in a central repository enables applications to be developed that will automatically learn of user access privileges, bandwidth assignments, and the company's resource policies, and provide services accordingly. The result should enable new services and reduce the cost of running the network. Based on another recent standard initiative, the Common Information Model (CIM), DEN defines an object-oriented information model. Both models are being mapped into the directory defined as part of the Lightweight Directory Access Protocol (LDAP). DEN and CIM are an advance over, and can be used with, the Simple Network Management Protocol. From this article, the similarity with our project is that we will store the information in a central directory. In conclusion, when the user changes locations or positions, every level of access should not require significant manual assistance to implement, because a directory-enabled network provides the user with the proper level of access to its resources without needing manual assistance from a network administrator.

Table 2.1 shows the features, similarities, differences, strengths and weaknesses of all ten journals of our choice.

Table 2.2: Comparison of Related Works.

Columns: No, Title /Author/Organization, Problem, Proposed Solution, Strength, Weaknesses, Similarities, Differences

1. An Introduction to LDAP (Michael Donelly)
How to design, implement, and integrate an LDAP environment
- Store a broad range of data
- Using an Oracle, Sybase, Informix, or Microsoft SQL database to store broad data.
Can access the LDAP directory from almost any computing platform, from any one of the increasing number of readily available, LDAP-aware applications.

2. A Distributed Data Integration Framework Based on Web Services and LDAP (Zhang Feng, Chen Xin, Wei Yongshan, 2009)
Distributed data integration is an issue of distributed computing.
- Use Web services for data integration
Web Service is a new form of distributed computing, which uses a series of open protocol to form a platform independent and loosely coupled distributed computing environment

3. LDAP Framework, Practice and Trends (Vassiliki Koutsonikola, Athena Vakali)
How to access to information organized under a variety of frameworks and applications.
- Fixed core schema controls the directory hierarchy in LDAP.
- User defines the schema in relational databases.
LDAP operations are based on the client-server model.
Relational databases efficiently support complex relationships between objects, in LDAP directories, it can be difficult to represent nonhierarchical relationships between objects.

4. Multimedia Learning System (MMLS): Valuing the Significance of Cognitive Task Analysis Technique and User Interface Design (Nor'ain Mohd Yusoff, Wong Chui Yin, 2010)
Development of e-Learning System and significant contributions of task analysis and user interface design elements for the deployment of a novel Multimedia Learning System (MMLS)
- Adobe Dreamweaver.
- Adobe Flash
Capturing the psychological complexity of tasks that involved significant cognitive activities such as planning, diagnosis and decision-making during the human-system interaction design process.

5. Design and Implementation of Secure Web-based LDAP Management System (C.S. Yang et.al, 2001)
How to provide high quality, convenient, and personalized services to users are the important issues for Internet service providers to keep customers to connect to their web sites
- LDAP is specialized databases that are designed to make it quickly and easy to look up information
- Provide a mechanism to identify security problems including identity verify: communication secure, access control, error control.
Implemented a web-based LDAP management architecture to provide such benefits and to manage multiple LDAP servers.

6. Key Concepts and Services of a Grid Information Service (Beth Plale et.al, 2002)
Key services, the grid information service.
LDAP service
MDS-1 and MDS-2
Grid resource information is best served by a hierarchical representation.
Middleware services such as global naming, remote process execution, authentication, and security.

7. LDAP: Replacing Exchange Revisited (http://www.linuxjournal.com/node/1000174)
Did not find a stretch to duplicate those LDAP objects
- Use Open Source LDAP
- Fedora Directory Server
Plain and simple, the Open Source Community has had the makings of products widely used in enterprises today.

8. Integrating Web Server Applications With LDAP Authentication: Case Study on Human Resources Information System of Ul (Riri Fitri Sari, Syarif Hidayat, 2006)
- User will have a lot of username and password to remember, it will complicate the user.
- Authenticate method by using LDAP.
Authentication method by using LDAP, each web-based application can be united using single identification of user information stored in the directory of LDAP server.

9. LDAP 101- Glue Your Network's Pieces Together (Beth Cohen, 2002)
Forgotten passwords, disabled passwords, and mistyped passwords.
- Creating an application provides users with self-help password restoration
Understanding the basic concept to create LDAP directory and how planning to use it.
Allow the user the option to implement the server or let it remain a gateway to an X.500 directory.

10. DEN (Directory-Enabled Networking) (http://searchnetworking.techtarget.com/definition/DEN)
How to construct and store information about a network's users, applications, and data in a central directory.
- Store information in central directory.
Provide the user with the proper level of access to its resources without needing manual assistance from a network administrator when the user changes locations or positions.
Level of access has required significant manual assistance to implement.

3.0 Methodology