Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

LDAP Vs Active Directory

Posted on 2013-06-08
7
Medium Priority
?
678 Views
Last Modified: 2013-07-11
Hi,

Can anyone clarify the difference between and LDAP server and Active directory, its my understanding that LDAP is the protocol used for to interact with Active directory database and LDAP can also be a separate entity and a database in its own right.

Thanks
0
Comment
Question by:simonphoenix10
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 6

Expert Comment

by:Kiran Ch
ID: 39231417
An LDAP is a protocol and which means standards to keep up while developing a software.
But an Active Directory is the microsoft's implementation works and uses LDAP in its poprietary software. AD has been developed providing a lot more functionality than just a directory.
There are many softwares that use LDAP not only just AD.
http://en.wikipedia.org/wiki/Active_Directory
http://en.wikipedia.org/wiki/List_of_LDAP_software
The above links from Wiki may give you a picture and may give you idea about what each other is for.
0
 
LVL 7

Expert Comment

by:msifox
ID: 39231465
Active Directory is Microsofts version of LDAP. They did what they often do: take something which has already proved to be good, add custom extensions that make it at least partially incompatible, and ask PR to come up with a great new name for it. Ok, maybe this was a bit unfair. They added a lot, and the result is really good. But the things that they added are mostly highly specificly for use in domains of windows servers.
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39231686
both are directory services having centralized repository of all objects like users and groups
LDAP is opensource anyone can use, MS ADDS is paid one.

"Linux is only free, if your time has no value"

Cheers
SA
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:simonphoenix10
ID: 39232797
Thanks all  msifox:

When you say Active Directory is MS version of LDAP does this mean it does not use the standard based version of the LDAP or Active Directory encompasses a protocol based on LDAP but has been adapted
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39237782
Ok, you need to distinguish between a directory service - for which examples are Active Directory, eDirectory, and Yellow Pages (unix) - and the protocol used to access it - LDAP (lightweight directory access protocol).

By analogy, AD is like a database server - MS SQL, ORACLE, MYSQL etc - and LDAP is like ODBC - its a method of access to the server, with a specific defined language and format, but the server may support other protocols too.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 2000 total points
ID: 39240051
AD is able to be Queried and Administered using the standard LDAP protocol, for the most part. There are additions that M$ has added that go beyond the LDAP RFC's (4510 and 4511)
Think of Ldap as an excel spreadsheet or simple database, with a standard method of searching and updating, with standard columns, rows and tables. Then think of AD as adding additional pages, as well as tables, columns and rows. A query against a Linux/Unix Ldap service and one against AD can both be identical in many instances, and there is no OS dependance to make the query, as long as they speak the "jive... turkey" :)
An analogy might be, HTML is a language, with standards, rules and procedures, and those can be extended further should a browser maker wish to, but it's likely to be proprietary, not everyone will implement the extensions, but other than that, the rest is well established and understood. AD is ldap that goes to eleven :)
-rich
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39240361
I think the most interesting changes MS have made to LDAP are in the field of authentication, but they aren't required - the standard methods still work (so you can do everything you could want from, for example, Apache Directory Studio)
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out the latest tech news, community articles, and expert highlights in August's newsletter.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question