What is LDAP?
Solution 1:
I wrote this article a few years ago, which explains the basics of LDAP
Solution 2:
LDAP (Lightweight Directory Access Protocol) is an application level protocol that allows clients to interface with compliant directory services for the purposes of manipulating directory entities or querying the directory for information. One of its primary benefits is to provide a standardized interface for systems across multiple platforms.
On most directory systems LDAP is not the only interface available for communicating with the server. Other native interfaces usually exist which could provide performance and other benefits.
The standard concept behind an LDAP session is this:
- Connect to the LDAP compliant server
- Bind to the directory at some base level (called the BaseDN). This is usually a container object somewhere within the structure of the directory such as an OU. You may or may not be able to bind anonymously depending on whether or not the directory is configured to allow anonymous access
- Execute your query or statement
Queries can be executed as follows:
- within the same level in the structure that you are bound to (a Base scope query)
- within the same level or one level below where you are bound to (a One Level scope query)
- recursively down the entire structure beginning where you are bound (a Subtree sceop query)
Because directories can be very distributed and contain an inordinate amount of information, directory administrators are usually given the option to limit LDAP queries to a certain number of results (1000 is a common max for a result set).
Solution 3:
Think of it as a database that is organized in a tree, so for example you can have a typical structure of a company organized in a natural way. A top level company, with groups/departments under it and employees at the end, which themself can have multiple properties (like name, telephone, mail, address, etc.). Then tell him that it's also suitable for every other data that is organized in a similar way and that it is accessed by an open protocol from various platforms/languages.
Also, from wikipedia: "A directory is a set of objects with attributes organized in a logical and hierarchical manner. The most common example is the telephone directory, which consists of a series of names (either of persons or organizations) organized alphabetically, with each name having an address and phone number attached."
That's the most newbie friendly explanation i can think of, without going into technical details.