LDAP stands for Lightweight Directory Access Protocol.
Three authentication protocols are in common use: the Radius protocol, ActiveDirectory, and LDAP.
[Image: female SE aiming to become a Network Specialist, puzzled]

A Radius server and an AD server are both authentication servers that hold user information, right?
Is LDAP the same?
Yes, think of it that way. As with Radius, Radius is the protocol, and the authentication server is called a Radius server. LDAP is the same: LDAP is a protocol, but "LDAP server" refers to an authentication server that holds user information.
Note: AD uses protocols such as NTLMv2.
[Image: female SE aiming to become a Network Specialist, with a question]

How do you choose between a RADIUS server and an LDAP server?
RADIUS is used for user authentication, such as remote access from outside and wireless LAN authentication. LDAP servers, on the other hand, are used for directory services. Because it is a directory service, it can manage a large amount of information, such as employee information managed in a hierarchical structure, departments, and access rights. LDAP servers and the LDAP protocol are used when managing this kind of complex employee attribute information.

Let's look at a past exam question (H22 Autumn SC, Afternoon II, Question 2).
For LDAP account information, a standard [ b ] is used that manages information on the organization's users through object classes such as inetOrgPerson. For example, when the LDAP account information that Mr. Taro Suzuki of the Product Development Department uses in-house is shown in text format using [ c ], the result is Figure 7.
dn: uid=suzuki,ou=seihin-kaihatsu,dc=a-company,dc=com
cn: Taro Suzuki
sn: Suzuki
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou:製品開発部
telephonenumber:03-XXXX-5555
Figure 7: Mr. Taro Suzuki's account information in LDAP (excerpt)

Now, the blanks are filled in as follows.
b: schema
c: LDIF
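
As an added illustration (not part of the original article or the exam), the following Python code parses an LDIF entry like the one in Figure 7, handling folded lines and base64-encoded values, and checks the entry against a small slice of the schema. The names unfold, parse_entry, missing_must and the MUST table are assumptions made for this example, and the sample entry is constructed.

```python
import base64

# Constructed sample modelled on Figure 7: folded dn, base64-encoded UTF-8 ou.
SAMPLE_LDIF = (
    "dn: uid=suzuki,ou=seihin-kaihatsu,dc=a-company,\n"
    " dc=com\n"
    "cn: Taro Suzuki\n"
    "sn: Suzuki\n"
    "objectclass: person\n"
    "objectclass: inetOrgPerson\n"
    f"ou:: {base64.b64encode('製品開発部'.encode('utf-8')).decode('ascii')}\n"
)

MUST = {"person": {"sn", "cn"}}  # MUST attributes of person (RFC 4519)

def unfold(text):
    """Join continuation lines (one leading space), drop blanks and comments."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        elif raw:
            lines.append(raw)
    return [line for line in lines if not line.startswith("#")]

def parse_entry(text):
    """Parse one LDIF entry into (dn, {attribute: [values]})."""
    dn, attrs = None, {}
    for line in unfold(text):
        name, sep, rest = line.partition(":")
        if not sep:
            raise ValueError(f"not an attribute line: {line!r}")
        if rest.startswith(":"):  # "attr:: value" carries base64
            value = base64.b64decode(rest[1:].strip()).decode("utf-8")
        else:
            value = rest.strip()
        if name.lower() == "dn":
            dn = value
        else:
            attrs.setdefault(name.lower(), []).append(value)
    if dn is None:
        raise ValueError("entry has no dn")
    return dn, attrs

def missing_must(attrs):
    """Return MUST attributes required by the entry's classes but absent."""
    classes = {c.lower() for c in attrs.get("objectclass", [])}
    needed = set().union(*(MUST.get(c, set()) for c in classes))
    return sorted(needed - set(attrs))
```

The MUST table covers only the person class; a real directory server enforces the full schema loaded on it.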
[Image: female SE aiming to become a Network Specialist, puzzled]

Is LDAP communication encrypted?
No, it is not encrypted, so to encrypt it you use LDAP over TLS.
Let's look at a past exam question (H21 Spring SC, Morning II).
Question 10: Which of the following statements about encrypting communications is appropriate?
a) In IPsec transport mode, messages are encrypted not only on the communication path between gateways but over the entire path between the sending host and the receiving host.
b) When an LDAP client connects to an LDAP server, the contents of the communication cannot be encrypted.
c) E-mail encrypted with S/MIME can be read as plaintext by the mail administrator while it is stored on the receiving mail server.
d) When SSL is used, the browser cannot be configured as to whether encrypted HTML documents are cached, and they are always saved to disk.
⇒ The correct answer is a)
Regarding b), the contents of the communication can be encrypted by using LDAP over TLS.
