Lightweight Directory Access Protocol (LDAP) overview
Lightweight Directory Access Protocol (LDAP) is an industry-standard access method for directory services. A directory service is a repository of resource information about multiple systems and services within a distributed environment, and it provides client and server access to these resources.
Each database server instance publishes its existence to an LDAP server and provides database information to the LDAP directory when the databases are created. When a client connects to a database, the catalog information for the server can be retrieved from the LDAP directory. Each client is no longer required to store catalog information locally on each machine. Client applications search the LDAP directory for information required to connect to the database.
A caching mechanism exists so that the client only needs to search the LDAP directory server once. After the information is retrieved from the LDAP directory server, it is stored or cached on the local computer based on the values of the dir_cache database manager configuration parameter and the DB2LDAPCACHE registry variable. The dir_cache database manager configuration parameter is used to store database, node, and DCS directory files in a memory cache. The directory cache is used by an application until the application closes. The DB2LDAPCACHE registry variable is used to store database, node, and DCS directory files in a local disk cache.
- If DB2LDAPCACHE=NO and dir_cache=NO, then always read the information from LDAP.
- If DB2LDAPCACHE=NO and dir_cache=YES, then read the information from LDAP once and insert it into the Db2® cache.
- If DB2LDAPCACHE=YES or is not set, then read the information from LDAP once and cache it in the local database, node, and DCS directories.
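
The three rules above can be checked on a client with a small script. This is an added example, not part of the Db2 documentation: the function names and mode labels are hypothetical, and the sample `db2 get dbm cfg` line is constructed.

```shell
#!/bin/sh
# Added example: report which catalog lookup path a client takes,
# following the three DB2LDAPCACHE / dir_cache rules listed above.

# Extract the DIR_CACHE value from `db2 get dbm cfg` output read on stdin.
# Assumes the usual "(DIR_CACHE) = VALUE" layout of that output.
dir_cache_from_dbm_cfg() {
    sed -n 's/.*(DIR_CACHE)[[:space:]]*=[[:space:]]*\([A-Za-z]*\).*/\1/p' | head -n 1
}

# $1 = DB2LDAPCACHE registry value (pass an empty string when it is not set)
# $2 = dir_cache database manager configuration value
# Prints one of the hypothetical mode labels below.
ldap_lookup_mode() {
    reg=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')
    mem=$(printf '%s' "$2" | tr '[:lower:]' '[:upper:]')
    case "$reg" in
        ""|YES)
            # Rule 3: YES or unset wins regardless of dir_cache.
            echo "ldap-once-local-disk-cache" ;;
        NO)
            case "$mem" in
                YES) echo "ldap-once-memory-cache" ;;  # Rule 2
                NO)  echo "ldap-every-lookup" ;;       # Rule 1
                *)   echo "unknown" ;;                 # dir_cache not readable
            esac ;;
        *)
            # Anything other than YES, NO or unset is not covered by the rules.
            echo "unknown" ;;
    esac
}

# Constructed sample line in the layout printed by `db2 get dbm cfg`.
SAMPLE_DBM_CFG=' Directory cache support                  (DIR_CACHE) = YES'

# On a live client, replace the sample with the real registry value and
# pipe `db2 get dbm cfg` into dir_cache_from_dbm_cfg.
SAMPLE_MODE=$(ldap_lookup_mode "NO" \
    "$(printf '%s\n' "$SAMPLE_DBM_CFG" | dir_cache_from_dbm_cfg)")
echo "lookup mode: $SAMPLE_MODE"
```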