LDAP vs. Active Directory: What's the Difference?

LDAP vs. Active Directory: What's the Difference?

Thousands of businesses across the globe save time and money with Okta. Find out what the impact of identity could be for your organisation.

LDAP vs. Active Directory: What's the Difference?

Learn why Top Industry Analysts consistently name Okta and Auth0 as the Identity Leader

Active Directory is a Microsoft product used to organise IT assets like users, computers, and printers. It integrates with most Microsoft Office and Server products.

Lightweight directory access protocol (LDAP) is a protocol, not a service. LDAP is used to talk to and query several different types of directories (including Active Directory).

What Is Active Directory?

Microsoft creates a lot of IT software, from Windows desktops to Windows Server, Exchange, Sharepoint, and more.

In the IT environment, users don’t want to use a separate password for each application they access. And IT admins want to be able to group people together and manage access to computers and printers.

Active Directory was created to ease the management of users and computers by storing information about them in a single directory.

Imagine working at a company without a directory:

  • You would have to keep providing a username and password for each application.
  • IT admins would have to manually assign you to every single application you need to access.
  • If you update your password or change your last name, you would have to do that in every application in which you have an account.

The directory brings together, in a central service, information about all the people, computers, and other assets