Friday, October 5, 2007


Differences Between LDAPv2 and LDAPv3 :

LDAPv3 supports the following implementations that were not supported in LDAPv2:

•The use of UTF-8 for all text string attributes to support extended character sets. Active Directory sends all responses in UTF-8 encoded form.

•Operational attributes that the directory maintains for its own use (for example, to log the date and time when another attribute is modified).

•Referrals, which allow a server to direct a client to another server that might have the information the client is requesting. An LDAP server can return a referral to an LDAP client when the operation presented by the client cannot be serviced locally and the LDAP server has knowledge of other LDAP servers that can handle the operation.

•Schema publishing with the directory, which allows a client to discover what object classes and attributes a server supports.

•Extended searching operations that allow paging and sorting of results and client-defined searching and sorting controls.

•Stronger security through an SASL-based authentication mechanism.

•Extended operations, which provide additional functionality without changing the protocol version.

LDAPv3 is backward compatible with LDAPv2. A requirement of an LDAPv3 server is that an

LDAPv2 client be able to connect to it.


Colbuddy said...

Hi Kamal,

nice efforts in getting the interview questions and details provided in you Blog :)


Kanthu said...

Hi Kamal,

Nice post from you. I am a newbie in LDAP. We have a situation where one of the softwares are using using apache DS which is LDAP V3 compliant. Now we have to migrate the LDIF file from that to weblogic 10 embedded LDAP Server. Weblogic supports LDAP V2 only.

When we try to dump the LDIF file from LDAP V3 to LDAP V2 it is throwing the following error.

LDAP: error code 53 - Unwilling To Perform

Can you please throw some light on this please!!

Best Regards,