LDAP (Lightweight Directory Access Protocol) is basically a way of organizing information and providing access to it. It's commonly used for user, service and machine information, and it's incredibly useful. The Linux version is OpenLDAP. It will handle authentication as well as information (so the password aspect of login as well as looking up who the user is, where his home directory is, and so on). However, it's not as secure as it could be by default connections are unencrypted, so your password is being sent out in the open.
Previously, you could deal with this using SSL tunneling, but that has been deprecated since the retirement of LDAPv2 (in 2003). TLS is another option, but even using that, LDAP still has security problems.
For security, your best option is Kerberos. Kerberos is specifically designed to handle authentication. It will not do the information lookup that LDAP does. It avoids password security problems and enables single-sign-on (a very useful feature!).
So the ideal situation is to use both Kerberos and LDAP: one for authentication and one for information organization and access. In fact, they do play quite nicely together, but information about on how to achieve this is limited. If you do want to set them up, check out this two-part article I wrote (requires registration but is free) a while back which is still relevant. You can also get more information from the LDAP and Kerberos web pages.
This article was first published on ServerWatch.com.
One of the ways around the issues of security and control that make some businesses wary of cloud computing is to build a private cloud -- one that remains within the corporate firewall and is wholly controlled internally. Private clouds also increase the agility of IT an organization's IT infrastructure and make it easier to roll out new technology projects. Download this eBook to get the facts behind the private cloud and learn how your organization can get started.