The Benefits of LDAP/X.500 Directories.
Information on people, computer resources, and access privileges can be put in many types of data stores. Quite often, it's put in a data store accessed through LDAP or X.500 protocols.
The benefits of using LDAP- or X.500-accessible directories are:
- The open protocol access of LDAP, combined with a common core schema, is useful in many situations, particularly in support of products with LDAP support (PKI, email, RADIUS, etc.).
- Schema extensibility. It is easy and natural to extend an LDAP/X.500 core schema.
- Performance/scaling that is hard to achieve with other approaches.
- The directory can be distributed (e.g., for U.S. eGov PKI).
- There's good support for various real-world authorization and delegation models in a hierarchical structure. So directories are suitable for representing identities, groups, and policies. Applications can extend authentication mechanisms to include PKI, biometrics, and tokens.
Irrespective of the choice of an X.500 or non-X.500 back end, LDAP is the most common form of access. X.500 DAP is sometimes required, particularly for high security where signed operations are desirable (not available in LDAP).
... David Ferris, with thanks to Isode's Steve Kille and Persistent Systems' Sameer Karmarkar