LDAP (Lightweight Directory Access Protocol) is an open, vendor-agnostic, industry-standard protocol for retrieving and maintaining directory information services over an IP network. It defines the “language” that client programs use to talk to servers (and that servers use to talk to each other). LDAP is a way of speaking to Active Directory.
AD (Active Directory) is a directory service developed by Microsoft that provides a number of network-related services using standardized protocols. AD optionally supports Kerberos-based authentication and supports LDAP versions 2 and 3. It also provides DNS-based services. Active Directory lets the administrator manage administration and security tasks from a central location, and it stores all information and configuration details in a centralized database. AD manages Windows devices through Group Policy Objects (GPOs). It is a centralized, hierarchical directory database that contains information on all user accounts in the network.
The table below enumerates the key differences between LDAP and AD:

| | LDAP | AD |
|---|---|---|
| Abbreviation for | Lightweight Directory Access Protocol | Active Directory |
| Philosophy | LDAP is an application protocol for querying and modifying items in directory service providers like Active Directory. | Active Directory is a database-based system that provides authentication, directory, policy, and other services in a Windows environment. It is a centralized hierarchical directory database. |
| Functionality | LDAP is one of the protocols you can use to communicate with Active Directory. | AD is a directory services database. |
| Standard | LDAP is an open standard. | AD is proprietary to Microsoft. |
| Supported platforms | Focussed on the Linux / Unix environment. | Microsoft’s AD is largely a directory for Windows users, devices, and applications. |