views:

8679

answers:

9

What are the differences between LDAP and Active Directory?

+19  A: 

Active Directory is a database-based system that provides authentication, directory, policy, and other services in a Windows environment.

LDAP (Lightweight Directory Access Protocol) is an application protocol for querying and modifying items in directory service providers like Active Directory, which supports a form of LDAP.

Short answer: AD is a directory services database, and LDAP is one of the protocols you can use to talk to it.

JohnFx
+8  A: 

LDAP is a standard, AD is Microsoft's (proprietary) implementation (and more). Wikipedia has a good article that delves into the specifics. I found this document on Wikipedia with a very detailed evaluation of AD from an LDAP perspective.

cdonner
+4  A: 

LDAP is a protocol specification for directory data.

Active Directory is Microsoft's implementation of an LDAP-based directory server.

AD also has custom extensions on top of the LDAP v3 spec such as account lockout, password expiration, etc.

Alan
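Added example, not part of the answer above: what the AD-specific extensions look like when read back over LDAP. The attribute names `userAccountControl`, `pwdLastSet` and `lockoutTime` are real AD schema attributes that the page does not name; the LDIF entry, its DN and the function names are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample: one user entry in LDIF form, as an LDAP search against AD could return it.
SAMPLE_LDIF = """\
dn: CN=Test User,OU=Staff,DC=example,DC=test
objectClass: user
sAMAccountName: tuser
userAccountControl: 66048
pwdLastSet: 133485408000000000
lockoutTime: 0
"""

# AD-specific bit flags stored in userAccountControl. Lockout state is not
# decoded from this attribute here; it is read from lockoutTime instead.
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0020: "PASSWD_NOTREQD",
    0x0200: "NORMAL_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
}
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

def parse_ldif_entry(text):
    """Parse one LDIF entry (no folded lines, no base64 values) into {attr: [values]}."""
    entry = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, _, value = line.partition(":")
        entry.setdefault(name.strip().lower(), []).append(value.strip())
    return entry

def filetime_to_datetime(value):
    """AD timestamps count 100 ns ticks since 1601-01-01 UTC; 0 means 'not set'."""
    ticks = int(value)
    return None if ticks == 0 else FILETIME_EPOCH + timedelta(microseconds=ticks // 10)

def describe_account(entry):
    """Translate AD's encoded attributes into readable account state."""
    uac = int(entry["useraccountcontrol"][0])
    return {
        "account": entry["samaccountname"][0],
        "flags": sorted(name for bit, name in UAC_FLAGS.items() if uac & bit),
        "password_last_set": filetime_to_datetime(entry["pwdlastset"][0]),
        "locked_out_at": filetime_to_datetime(entry.get("lockouttime", ["0"])[0]),
    }

if __name__ == "__main__":
    print(describe_account(parse_ldif_entry(SAMPLE_LDIF)))
```

A generic LDAP client returns these values as plain strings; the bit-flag and timestamp semantics come from AD, not from the LDAP v3 specification.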
A: 

There are lots of systems that support LDAP to talk to them, not just Active Directory.

Sun, IBM, Novell all have directory services that are very effective as LDAP servers.

geoffc
A: 

Hey, I just started out on this and this small clarification has made many things clear to me. Just want to make sure: in .NET, are the system.services assembly and its functions what is used to access Active Directory on Windows/Linux machines using the LDAP protocol?

ana
A: 

Active Directory isn't just an implementation of LDAP by Microsoft; that is only a small part of what AD is. Active Directory is (in an overly simplified way) a service that provides LDAP-based authentication with Kerberos-based authorization.

Of course their LDAP and Kerberos implementations in AD are not exactly 100% interoperable with other LDAP/Kerberos implementations...

Redbeard 0x0A
A: 

Active Directory is the directory service database used to store organization-based data, policy, authentication, etc., whereas LDAP is the protocol used to talk to the directory service database, that is, AD or ADAM.

mansi
A: 

Active Directory is a directory service provider, where you can add a new user to a directory, remove or modify users, specify privileges, assign policy, etc. It's just like a phone directory where every person has a unique contact number. Everything in AD (Active Directory) is considered an object, and every object is given a unique ID (similar to a unique contact number in a phone directory).

LDAP is a protocol specially designed for directory service providers. Windows Server OS uses AD as a directory server; AIX, which is a Linux version of IBM, uses Tivoli Directory Server. Both of them use the LDAP protocol for interacting with the directory.

Apart from protocol there are LDAP servers, LDAP browsers too.

Shrikanth
A: 

Great Article

Regards, Webmaster Puneet Verma

Puneet Verma