LDAP: Lightweight Directory Access Protocol

LDAP is now an Internet
standard for directory services that run over TCP/IP. One or more LDAP
servers contain the data that make up the LDAP directory tree. An LDAP
client connects to an LDAP server and submits a query to request
information or submits information to be updated. If access rights for the
client are granted, the server responds with an answer or possibly with a
referral to another LDAP server where the client can have the query
serviced.
An LDAP server is not simply a form of database, but a specialized server
for directories. A directory can be distinguished from a general-purpose
database by the usage pattern. A directory contains information that is
often searched but rarely modified. Host names or user names, for example,
are assigned once and then looked up thousands of times. LDAP servers are
tuned for this type of usage, whereas relational databases are much more
geared toward maintaining data that's constantly changing.
Another difference is that relational databases store information in rows
of tables, whereas LDAP uses object-oriented hierarchies of entries.
Being designed for this usage pattern, current directory servers with a
million or more entries can respond to hundreds of search requests per
second from a single server. Replication is also possible, which makes
LDAP very scalable.
Directories are tuned to give quick response to high-volume lookup or
search operations. They may have the ability to replicate information
widely in order to increase availability and reliability, while reducing
response time. When directory information is replicated, temporary
inconsistencies between the replicas may be OK, as long as they get in
sync eventually.
There are many different ways to provide a directory service. Different
methods allow different kinds of information to be stored in the
directory, place different requirements on how that information can be
referenced, queried and updated, how it is protected from unauthorized
access, etc. Some directory services are local, providing service to a
restricted context (e.g., the finger service on a single machine). Other
services are global, providing service to a much broader context.

Applications

Some of the
popular applications supporting LDAP are

Features

LDAP has many advantages, such as:
- Universal Access - Internet directory standard, widely adopted and
  implemented by numerous vendors and open source software solutions
- Simple - a relatively simple, high-level protocol with a
  straightforward API
- Extensible - easily extended and adapted
- Access Control and Security - connections can be authenticated and
  secured with layered Internet security mechanisms
- Multi-Platform Development - C/C++, Perl, Java, JavaScript, Python,
  PHP and other APIs are available, making LDAP services accessible from
  virtually any language, platform, or development environment
- Allows for multiple independent directories
- Runs directly over TCP/IP & SSL
- Has broad industry support
- Structured data
- Standard query mechanism
- Fine-grained access control
- Integration with PKI (Public Key Infrastructure)

Linux LDAP can be customized for
specific client needs, and we can write migration tools to migrate from
an existing system.
If you have something particular in
mind that is not mentioned here, do share it with us and we will translate it
into a working project.