Lightweight Directory Access Protocol (LDAP) is an open standard protocol for accessing directory services, such as corporate address books, across multiple platforms. LDAP supports TCP/IP, which is necessary for any type of Internet access. Because it's a simpler version of X.500, LDAP is sometimes called X.500-lite.
A CMS can access LDAP directories for Identity Management and Access Control. If other application programs use the same LDAP services, the organization has taken a step toward a Single Source Of Truth.
"A typical LDAP server is a simple network-accessible database where an organization stores information about its authorized users and what privileges each user has. Thus rather than create a new employee an account on 50 different computers, the new employee is entered into LDAP and granted rights to those 50 systems. If the employee leaves, revoking all privileges is as simple as removing one entry in the LDAP directory. LDAP is a bit confusing because original implementations were presented as alternatives to Web and the relational database management system. Nowadays many LDAP servers are implemented using standard RDBMSes underneath and they talk to the rest of the world via XML documents served over HTTP."
Philip Greenspun