1.2 - Network Layer

This layer is the part the user connects to when he wants to obtain some data from the server. This is not a mandatory part of the server : we don't need to use it when the server is embedded.

We offer more than just LDAP protocol, the server also include various protocols :

  • Kerberos
  • NTP
  • DHCP
  • DNS
  • ChangePassword

Not all of them are implemented in the current version, but at least the Kerberos server is available. The other protocols have been developed as a proof of concept : as they are all depending upon a storage database, we have used the LDAP server as a storage.

It's perfectly possible to imagine more protocols being implemented in the near future...

Server startup

This chapter title is a bit misleading. We don't start a server, we start a DirectoryService, then we start various servers on top of it. The DirectoryService is the part responsible for the management of data (retrieval, storage, etc). All the servers can access this storage if needed.

So when the DirectoryService has been started and is operational, we can start the various servers, which will accept incoming requests from remote peers.


We allow connection through the definition of transports. A Transport is a TCP or an UDP socket capable of absorbing a request and to send a response. Depending on the type of server, we may declare one or more TCP Transports, or a TCP and a UDP Transports, or an UDP Transport only.

Ldap Server

The LDAP server needs one or two TCP Transport. We have the standard LDAP port (defaulting to 10389 for ApacheDS, but the well know port is usually 389), and one can also declare the LDAPS port (defaulting to 10636 for ApacheDS, but the well know port is usually 636).

Note that *LDAPS* is considered as deprecated.

Kerberos Server

The Kerberos Server uses one TCP Transport (defaulting to 60088, but the well know port is 88 ) and one UDP _transport (same value for both ports). The idea is that the communication starts on TCP and continues on UDP.

ChangePassword Server

The ChangePassword Server uses one TCP Transport and one UDP transport, too. The default value is 60464, but the well known port is 464.

Http Server

We have a HttpServer running too, it's used for management. The declared ports are both TCP port, one is for HTTP and its default value is 8080, the other one is for HTTPS and its default value is 8443.