Let me try to draw a parallel between a file system -you know, this place where you trustfully organize all your work documents, your family pictures and other music files- and a good old LDAP Directory Server.
- the structure is the same: it's a tree!
Above, Microsoft Windows folders (on NTFS)
Below, LDAP entries (UnboundID Directory Server 22.214.171.124)
- items can be manipulated the same way!
- in LDAP, every object can have children. That is, it's like every file could also be a folder.
- in LDAP, every object is characterized by a class. It is like the file type, except that a class can inherit characteristics from a parent class. Imagine that a WORD 2007 document inherited characteristics that are common to other documents like say, a revision number. Now another document, say an Excel spreadsheet could also have a revision number even though the word and excel documents contents are very different in nature, they share some characteristics that can be described in a common "structure". That's in essence what the hierarchy of object classes achieve.
- In a file system, files can be journaled or revisioned. I don't know of any LDAP server supporting this as-is but LDAP servers usually have some sort of a changelog that can keep track of data changes for some time. This usually allows strong replication, resolution of conflicts and repairing most administrative errors with respect to data handling. Think of it as an integrated time machine.
- LDAP allows extra mechanisms than a file system does, a big one is a strong authentication system that has effectively made Directory servers prime candidates for ... Operating system (and thus file system) authentication
- LDAP supports grouping mechanisms