LDAP flow with Kerberos authentication

EventHelix
Published in TCP/IP Networking
Jun 1, 2017

The LDAP sequence diagram describes an authenticated LDAP directory lookup.

LDAP sequence diagram

The steps covered are:

  1. TCP connection establishment with the LDAP server.
  2. Initial interaction to list the available services.
  3. Authenticate with the Kerberos server and obtain a ticket to proceed with the authentication with the LDAP server.
  4. Armed with the Kerberos ticket, the LDAP client uses bind to authenticate and initiate a secure connection.
  5. Encrypted LDAP communication follows.

The LDAP message flow is presented as a context diagram as well.

LDAP context diagram
