Episode 79: Directory Services: LDAP, Active Directory

Directory services are centralized databases that store and manage user credentials, permissions, and group memberships. In this episode, we explore how Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory (AD) function as the backbone of identity infrastructure. Topics include directory hierarchies, schema design, authentication flows, and integration with Kerberos. We also discuss common attacks on directories—like privilege escalation and replication abuse—and how to defend against them. For CISSPs, understanding directory services is essential for building scalable, secure access management systems.