LDAP

Lightweight Directory Access Protocol(LDAP) is an open protocol used to store and retrieve data from a hierarchical directory structure. The lightweight is in reference to the previous leading standard for directory services, called X.500. The problem with X.500 was that it required the use of the OSI network stack and couldn’t use TCP/IP. 

 
which is based on client-server model and runs on a layer above the TCP/IP stack.

LDAP is a protocol used to communicate with a directory database to query, add or modify information.
data stored in LDAP is stored in objects. These objects contain a number of attributes, which are basically a set of key/value pairs.
The data itself in an LDAP system is mainly stored in elements called attributes. Attributes are basically key-value pairs.  

Setting the value for an attribute is done with the attribute name and the attribute value separated by a colon and a space.

mail: admin@example.com

ldap://: This is the basic LDAP protocol that allows for structured access to a directory service. 

ldaps://: This variant is used to indicate LDAP over SSL/TLS. Normal LDAP traffic is not  encrypted, although most LDAP implementations support this. If you are operating LDAP over an insecure network, encryption is strongly recommended.

Access to an LDAP Server



Clients can query and modify data in the Directory using commands.

An LDAP directory is organized in a simple "tree" hierarchy