High-end Directory Server and LDAP Proxy

High-end Directory Server and LDAP Proxy

Evidian DirX Directory provides a standards-compliant, high-performance, highly available, highly reliable, highly scalable, and secure LDAP / X.500 Directory Server and LDAP Proxy. It offers unlimited scalability combined with the latest security features to supports SSL/TLS for LDAP server and strong client authentication, authorization, user access control, encrypted communication, and server-side policies for local security management to manage permissions and access to networked resources. To keep Identity and profile data safe, DirX Directory can act as the secure identity store for employees, customers, citizens, partners, subscribers, and other IoT entities.

Evidian DirX Directory server benefits

  • Standards-based LDAP v3 and X.500 directory server
  • Integrated LDAP Proxy
  • Rich security features including X.509 support
  • Excellent robustness, scalability and high availability
  • Outstanding read and write performance
  • 100+ million entries in one single server
  • Support of very large groups and attributes with very many values
  • Easy-to-use graphical and scriptable administration tools
  • Comprehensive auditing and monitoring - integrated with Nagios
  • No downtime for administration and backup

Standards and compatibility

  • Implements LDAPv3 and X.500 directory standards
  • Permits third-party LDAP-enabled applications to manage the directory schema over LDAP
  • Runs on the most popular operating systems (Linux and Windows Server)

High performance

  • Based on the innovative Directory Basic Access Method (DBAM) database kernel
  • Optimized for directory access, allowing sub-second response times and high throughput rates for parallel queries
  • Optimized for managing very large user groups and data sets
  • Provides state-of-the-art multi-threaded process architecture.

High availability and reliability

  • Supports floating master replication for high availability configurations and failover (a software solution instead of adding hardware clusters)
  • Supports full and differential saving in parallel with directory update operations for backup and recovery
  • Transaction processing in the database provides guaranteed recovery after crashes without data loss.

Identity management

  • Manages user and subscriber profiles, digital certificates for public key infrastructures (PKIs), authorization and authentication information, and access permissions
  • Manages other relevant attributes for users and subscribers that control access to information, network resources, or distributed services.


  • Supports SSL/TLS for LDAP server and client authentication, X.500 DAP authentication, authorized user access control, encrypted communication, and server-side policies for local security management
  • Permits the creation and enforcement of password policies to control how passwords are used and administered in an enterprise network
  • Supports policies for password complexity, aging, and reuse after expiration.


  • DBAM database kernel is designed to permit linear scalability in a single directory server
  • So Evidian Directory accommodates future growth on existing hardware configurations, and can scale rapidly to store huge numbers of users in an extranet or cloud deployment, and can scale from work-group to enterprise to e-business directory roles.


  • Offers powerful graphical and command-based scriptable tools for centralized administration of a distributed directory system, including monitoring and logging functions
  • Easy-to-use administration tools and excellent high performance audit capabilities for traffic analysis and accounting.

The challenge

Directory services are critical components in today’s interconnected business environment. They provide the foundation for identity and access management across ever-widening organizational boundaries, and can drive competitive advantage for the enterprise.
Within an intranet environment for example, a directory service can provide a global repository for shared information about employees, organizations and resources such as applications and network devices. In an extranet environment, a directory service might maintain profile information about customers, trading partners, and suppliers. Such a service might hold data from thousands up to millions of identities.
In both environments, the directory server plays a critical role. It must manage the identities, and control access to the information and services provided. It must make sure that access is fast, always available, authenticated and authorized; and it must ensure that the directory service is provided for a potentially very high number of users.

Our solution

Evidian Directory is a standards-compliant, high-performance, highly available, reliable and secure LDAP (Lightweight Directory Access Protocol) and X.500 directory server. It offers unlimited scalability with outstanding read and write performance.
Enterprise and carrier ready, Evidian Directory acts as the identity store for employees, customers, trading partners, subscribers, and other e-business entities.
Serving as a provisioning, access management and metadirectory repository, it provides a single point of access to information available in an enterprise network or cloud environment, within disparate and heterogeneous directories.


Evidian DirX Directory V8.9 is now available

DirX  Directory V8.9 offers an LDAP Proxy as an additional option for load balancing and fail-over, advanced support of applications and administration and enhanced security features.

With V8.9, customers benefit from the following new features:

  • Additional option for load balancing and fail-over
    • LDAP Proxy
  • Advanced support of applications and administration
    • Support of dynamic groups
  • Enhanced security
    • Additional LDAP user and LDAP group policies
  • Password Policy: Additional password quality properties
    • New mode to keep password policy states consistent in replication scenarios
  • New  dirxload option to apply schema as specified in LDIF schema file
  • STANDALONE LDIF agreements can handle replication area subtree specification
  • LDAP Extended Operation to change a user password as specified by RFC3062
  • Total update by media for synchronous shadow agreements
  • Additional OS platforms: Microsoft Windows Server 2016 and 2019