Platform SDK: Active Directory, ADSI, and Directory Services

What is a Directory Service?

A directory is similar to a database, but typically contains more descriptive, attribute-based information — information that is generally read more often than it is written. Also, directories are designed to contain data that is concise and strictly relevant to the entry. By contrast, databases are designed to hold large amounts of data per entry that may or may not be directly relevant to the entry. For this reason, directories don't usually implement the transaction or roll-back schemes that regular databases require. If they are permitted at all, directory updates are typically simple all-or-nothing changes. Directories are tuned to respond quickly to high-volume lookup or search operations.

A lookup is an operation that targets a specific, unique entry, such as a domain name. A search is an operation that targets data common to multiple entries, such as the information collected by an Internet search engine on a topic.

Directories may replicate information widely, in order to increase availability and reliability, and thus reduce response time. When directory information is replicated, temporary inconsistencies between the replicas may be acceptable — as long as all the replicas are updated eventually — depending on the particular application of the directory. These applications can only be defined by the specific directory design and are irrelevant to the deployment of LDAP.

There are many different ways to provide a directory service. Different methods allow various kinds of information to be stored in a directory, and place different requirements on how that information is referenced, queried, updated, protected, and so forth. Some directory services are local, providing service to a restricted context (such as the finger service on a single machine). Other services are global, providing service to a much broader context (for example, the entire Internet). Global services are usually distributed, meaning that the data they contain is spread across many machines, which cooperate to provide the directory service. Typically, a global service defines a uniform name space that gives the same view of the data no matter where the machine is in relation to the data.