Active Directory Services

What is Active Directory?

Active Directory (AD) is a directory service that Microsoft developed for Windows

domain networks. It is included in most Windows Server operating systems as a 

set of processes and services.

A server running Active Directory Domain Services (AD DS) is called a domain 

controller. It authenticates and authorizes all users and computers in a Windows 

domain type network assigning and enforcing security policies for all computers 

and installing or updating software. For example, when a user logs into a computer

that is part of a Windows domain, Active Directory checks the submitted password 

and determines whether the user is a system administrator or normal user.  

Also, it allows management and storage of information, provides authentication and 

authorization mechanisms, and establishes a framework to deploy other related 

services: Certificate Services, Federated Services, Lightweight Directory Services 

and Rights Management Services

What is LDAP?

The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, 

industry standard application protocol for accessing and maintaining distributed 

directory information services over an Internet Protocol (IP) network. Directory 

services play an important role in developing intranet and Internet applications by

allowing the sharing of information about users, systems, networks, services, and 

applications throughout the network. As examples, directory services may provide

any organized set of records, often with a hierarchical structure, such as a corporate 

email directory.

A common use of LDAP is to provide a central place to store usernames and passwords. 

This allows many different applications and services to connect to the LDAP server to 

validate users

Available Active Directory servers 

1. Microsoft Active Directory - by Windows:

Active Directory is Microsoft's trademarked directory service, an integral part 

of the Windows 2000 architecture. Active Directory is a centralized and 

standardized system that automates network management of user data, security,

and distributed resources, and enables interoperation with other directories. 

Active Directory is designed especially for distributed networking environments.

2. OpenLDAP - by community developed(OpenLDAP foundation)

OpenLDAP is a free, open source implementation of the Lightweight Directory 

Access Protocol (LDAP) developed by the OpenLDAP Project. It is released 

under its own BSD-style license called the OpenLDAP Public License.

LDAP is a platform-independent protocol. Several common Linux distributions 

include OpenLDAP Software for LDAP support. The software also runs on 

BSD-variants, as well as AIX, Android, HP-UX, macOS, Solaris, Microsoft 

Windows (NT and derivatives, e.g. 2000, XP, Vista, Windows 7, etc.), and z/OS.

3. FreeIPA - an upstream open-source project for Red Hat Identity Manager

FreeIPA is an Identity management system. It aims to provide an easily managed 

Identity, Policy, and Audit (IPA). Its features are Integrated security information 

management solution combining Linux (Fedora), 389 Directory Server, MIT

Kerberos, NTP, DNS, Dogtag certificate system, SSSD and others, built on

 top of well known Open Source components and standard protocols, strong 

focus on ease of management and automation of installation and configuration 

tasks, full multi master replication for higher redundancy and scalability, 

extensible management interfaces (CLI, Web UI, XMLRPC and JSONRPC 

API) and Python SDK

4. ApacheDS - by Apache

ApacheDS™ is an extensible and embeddable directory server entirely written

in Java, which has been certified LDAPv3 compatible by the Open Group. 

Besides LDAP it supports Kerberos 5 and the Change Password Protocol. 

It has been designed to introduce triggers, stored procedures, queues and 

views to the world of LDAP which has lacked these rich constructs.

5. OpenDJ - by Oracle, ForgeRock

OpenDJ is a directory server which implements a wide range of Lightweight 

Directory Access Protocol and related standards, including full compliance with

LDAPv3 but also support for Directory Service Markup Language (DSMLv2).  

Written in Java, OpenDJ offers multi-master replication, access control, and 

many extensions.

6. 389 Directory - by Red Hat

The enterprise-class Open Source LDAP server for Linux. It is hardened by 

real-world use, is full-featured, supports multi-master replication, and already 

handles many of the largest LDAP deployments in the world. 

The 389 Directory Server can be downloaded for free, and set up in less 

than an hour.

Open Source LDAP Directory Servers 

1. OpenLDAP based on LDAP

2. FreeIPA based on 389 Directory Server, MIT Kerberos, NTP, DNS, Dogtag, LDAPv3

3. ApacheDS based on LDAP and Kerberos

4. OpenDJ based on LDAPv3

5. 389 Directory - based on LDAP

Licensed Open Source LDAP Directory Server 

1. OpenLDAP - OpenLdap Public Licence

2. ApacheDS - under Apache License

3. OpenDJ - under the CDDL(Common Development and Distribution License)

4. FreeIPA - under the GNU General Public License v3

5. 389 Directory Server - GPL License