389 Directory Server
Status: Scaffold — content in progress
389 Directory Server (389-DS) is the open-source LDAP server developed by Red Hat that serves as the core backend for both FreeIPA and Red Hat Directory Server. It implements LDAP v3 (RFC 4510) with enterprise extensions for replication, access control, and password policy.
Relation to FreeIPA and RHDS
| Product | 389-DS role |
|---|---|
| FreeIPA | Core identity store + plugins for Kerberos principal storage |
| Red Hat Directory Server (RHDS) | Supported enterprise version of 389-DS |
| Standalone | Can run without FreeIPA as a general-purpose LDAP server |
Key Features
- Multi-supplier replication (multiple writeable replicas)
- Retro changelog plugin (tracks all changes — useful for SIEM integration)
- Password sync plugin (sync passwords to AD in hybrid scenarios)
- Role-based access controls (ACI language)
Cross-Links
| Topic | Link |
|---|---|
| FreeIPA | freeipa |
| OpenLDAP | openldap |