2.3 LDAP and iFolder

LDAP (Lightweight Directory Access Protocol) is a directory protocol that enables clients to communicate with servers that run a directory service.

iFolder uses LDAP for user authentication. It uses Novell eDirectory™ or Microsoft Active Directory (for Windows 2000 and Windows 2003) as a central location for all of its LDAP objects that are specific to iFolder.

You can have iFolder and LDAP running on the same server or on different servers, but they must exist in the same tree.

2.3.1 LDAP Directories

iFolder uses two different types of LDAP directories: the Global Settings LDAP directory and the User LDAP directory.

The Global Settings LDAP directory stores information about the iFolder system configuration and has iFolder Settings, iFolder Server, and LDAP Server objects. (For more information on these objects, see Logging In to the iFolder Management Console.)

The User LDAP directory authenticates iFolder users and adds the iFolder Server Name and the Disk Quota attribute to User objects. You must enable User objects for iFolder services in the iFolder Management Console before users can create their iFolder accounts.

Regardless of how many iFolder servers you have, you have only one Global Settings LDAP directory. However, you can have up to eight User LDAP directories. Multiple User LDAP directories benefit companies whose User objects are already divided into different LDAP directories.

For example, if you have one LDAP directory for all of your vendors, another for your full-time employees, and another for your temporary hires, you can set up three User LDAP directories in iFolder to handle the iFolder accounts for each directory. This way, you can maintain your current organization and group management. For more information, see Managing User LDAP Servers.