Share via

Directory access protocol

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Directory access protocol

Active Directory clients must communicate with domain controllers when logging on to the network and when searching for shared resources. Access to domain controllers and global catalogs is performed using the Lightweight Directory Access Protocol (LDAP).

Lightweight Directory Access Protocol

LDAP is a communication protocol designed for use on TCP/IP networks. LDAP defines how a directory client can access a directory server and how the client can perform directory operations and share directory data. LDAP standards are established by working groups of the Internet Engineering Task Force (IETF). Active Directory implements the LDAP attribute draft specifications and the IETF standards for LDAP versions 2 and 3.

As its name implies, LDAP is designed as an efficient method for accessing directory services without the complexity of other directory service protocols. Because LDAP defines what operations can be performed to query and modify information in a directory and how information in a directory can be securely accessed, you can use LDAP to find or enumerate directory objects and to query or administer Active Directory.

LDAP and interoperability

LDAP is an open Internet standard. By using LDAP, Active Directory enables interoperability with other vendor directory services. Active Directory support for LDAP includes an LDAP provider object as part of Active Directory Service Interfaces (ADSI). ADSI supports the C-binding application programming interfaces for LDAP. Other directory service applications can be easily modified to access information in Active Directory by using ADSI and LDAP.

For more information about LDAP, see the Internet Engineering Task Force at the Internet Engineering Task Force Web site.