[printer friendly]

What is LDAP?

LDAP stands for Lightweight Directory Access Protocol. It provides a large amount of directory information, without requiring a large amount of resources. Many types of data can be stored in a LDAP database. Typically, information about people makes up the bulk of the data. However, objects like printers, hosts, network mounts, etc are also stored. At some level, anything that can be thought of as stored in a directory format can be stored in LDAP. Many objects have well-defined sets of rules that the internet community have come to a consensus on. This allows us to expect reasonably similar information out of LDAP, no matter where we go.

What do we store in LDAP?

NC State University stores information about people, network mounts, printers, hosts, and groups in its LDAP database. Most of this information is available anonymously. However, folk with privacy blocks enabled are hidden from anyone except themselves, and certain administrative accounts. Due to the nature of our environment, we have a few extensions in place. This means that if you look up a person on our campus, you may find slightly more information than at other locations. This information is always stored in custom attribute fields and should not conflict with any standards in place.

What LDAP server product do we use?

Our servers run OpenLDAP, an open source implementation of LDAP based on work done at the University of Michigan. You can find more information on OpenLDAP at

This documentation is maintained by OIT <>
Last Modified: 11/05/2018