What is the purpose of Lightweight Directory Access Protocol (LDAP)?

LDAP is designed to access and maintain distributed directory information services across a network. It provides a standardized way for clients to locate and retrieve attributes about directory entries—such as users, groups, and devices—stored in a directory like OpenLDAP or Active Directory. The directory is organized hierarchically, and LDAP supports efficient lookups, as well as adding, modifying, and deleting entries with appropriate access control. It also enables authentication and authorization workflows, making LDAP a central mechanism for centralized user management and lookups used by many applications. It isn’t meant for sending system logs, transferring web pages, or assigning IP addresses—those tasks fall to syslog, HTTP/HTTPS, and DHCP, respectively.