What is ldap
Last updated: April 1, 2026
Key Facts
- LDAP enables querying and modifying directory services over TCP/IP networks
- It is based on the X.500 directory standard but simpler and more widely implemented
- LDAP is commonly used with Microsoft Active Directory for managing users and permissions
- The protocol uses port 389 for standard connections and port 636 for secure SSL/TLS connections
- LDAP supports hierarchical directory structures organized in a tree format with distinguished names
Overview
LDAP (Lightweight Directory Access Protocol) is an open-source protocol designed for accessing and maintaining distributed directory information services over a network. It provides a standardized way for computers and applications to query and update directory information without requiring knowledge of how the data is physically stored or organized on the server.
How LDAP Works
LDAP operates by allowing clients to connect to an LDAP server and perform search operations. The protocol uses a simple query model where clients can search for information based on specific criteria. Directory entries are organized in a hierarchical tree structure, with each entry having a Distinguished Name (DN) that uniquely identifies it within the directory. Users can authenticate by providing their credentials, which the LDAP server validates before allowing access.
Common Applications
LDAP is widely used in enterprise environments for several purposes. Authentication and authorization is a primary use, where systems verify user identities and permissions. User and group management allows IT administrators to centrally manage user accounts and organizational structures. Email client configuration often uses LDAP to maintain address books. Many organizations integrate LDAP with other systems to maintain a single source of truth for user information, reducing the need for redundant data entry and improving security.
LDAP vs. Active Directory
While often mentioned together, LDAP and Active Directory serve different but related purposes. LDAP is a protocol—a set of rules for communication—while Active Directory is a Microsoft service that implements LDAP and adds additional features specific to Windows environments. Active Directory uses LDAP as one of its protocols and can be queried using LDAP clients.
Security Considerations
Standard LDAP connections transmit data without encryption, making them vulnerable to interception. To address this, LDAPS (LDAP over SSL/TLS) provides encrypted connections on port 636. Organizations should always use encrypted LDAP connections when handling sensitive information like passwords and should implement access controls to limit who can query the directory.
Related Questions
What is Active Directory?
Active Directory is a Microsoft service that manages user identities, permissions, and resources on Windows networks. It implements LDAP and adds directory-specific features like Group Policies and Kerberos authentication for enterprise environments.
How do I connect to an LDAP server?
You can connect to an LDAP server using an LDAP client tool or by configuring applications with the server's address, port, and credentials. Most applications provide LDAP integration through connection settings that require the LDAP server URL and authentication details.
What is the difference between LDAP and LDAPS?
LDAP transmits data unencrypted on port 389, while LDAPS (LDAP Secure) uses SSL/TLS encryption on port 636. LDAPS is more secure and is recommended for production environments handling sensitive user information.
More What Is in Daily Life
- What Is a Credit ScoreA credit score is a three-digit number, typically ranging from 300 to 850, that represents your cred…
- What Is CD rates make no sense based on length of time invested. Explain like I'm 5CD (Certificate of Deposit) rates often don't increase with longer lock-up times the way people expe…
- What is a phdA PhD (Doctor of Philosophy) is a doctoral degree earned after completing advanced academic research…
- What is a polymathA polymath is a person with deep knowledge and expertise across multiple different fields or academi…
- What is aarch64ARMv8-A (commonly called ARM64 or AArch64) is a 64-bit processor architecture developed by ARM Holdi…
- What is aaaAAA batteries are a standard cylindrical battery size measuring 10.5mm in diameter and 44.5mm in len…
- What is aacAAC (Advanced Audio Codec) is a digital audio compression format that provides better sound quality …
- What is aaa gameAAA games are high-budget video games developed by large studios with budgets typically exceeding $1…
- What is a proxyA proxy is a server that acts as an intermediary between your device and the internet, forwarding yo…
- What is advilAdvil is a brand name for ibuprofen, an over-the-counter nonsteroidal anti-inflammatory drug (NSAID)…
- What is affiliationAffiliation is a formal connection or association between entities, such as individuals joining orga…
- What is agoraphobiaAgoraphobia is an anxiety disorder characterized by intense fear of situations where escape might be…
- What is a jockA jock is an athlete, especially in high school or college, known for participation in sports. The t…
- What is a jesterA jester is a professional entertainer employed by royalty or nobility to provide humor, satire, and…
- What is a juxtapositionJuxtaposition is a literary and rhetorical technique of placing two contrasting things side by side …
- What is a juggernautA juggernaut is an unstoppable or overwhelming force, power, or person that crushes all opposition. …
- What is a jointA joint is an anatomical structure where two or more bones meet and connect, allowing movement and f…
- What is a jewA Jew is a person who practices Judaism, is of Jewish descent, or identifies with Jewish culture, et…
- What is alsALS, or Amyotrophic Lateral Sclerosis, is a progressive neurodegenerative disease that affects nerve…
- What is a joint ventureA joint venture is a business agreement where two or more companies collaborate on a specific projec…
Also in Daily Life
- How To Save Money
- Why are so many white supremacist and right wings grifters not white
- Does "I'm 20 out" mean youre 20 minutes away from where you left, or youre 20 minutes away from your destination
- Why are so many men convinced that they are ugly
- What does awol mean
- What does asl mean
- What does ad mean
- What does asap mean
- What does apex mean
- What does asmr stand for
- What does atp mean
- What causes autism
- What does abg mean
- What does am and pm mean
- What does a fox sound like
More "What Is" Questions
Trending on WhatAnswer
Browse by Topic
Browse by Question Type
Sources
- Wikipedia - LDAP CC-BY-SA-4.0
- RFC 4511 - LDAP Protocol IETF