The Lightweight Directory Access Protocol (LDAP ) is an application protocol for querying and modifying data of directory services implemented in Internet Protocol (IP) networks. The application allows greater IT Administration configuration and control over user security and accessibility.
Enterprise Client Use
Enterprise clients can use LDAP to allow 'certain' user groups access to certain environments (using Windows AD roles ). E.g. based on a users AD account setup, users can be restricted from a specific Enterprise Org.
LDAP makes use of a Enterprise Users' domain profile; i.e. domain user login and password. The network domain account usurps control of the Enterprise login page; an Enterprise user name must match exactly the Win AD account and will allow entry when the netowrk domain password is entered, NOT the password saved in Enterprise.
Clients may use this technology if their IT policy require non-ambiguous user accounts; e.g. TWAppadmin cannot be an active users. Since the Domain User "TWAppadmin" cannot technically exist.
There are options around this feature for Admin users that make use of the SecurityURL User Preference.