“In LDAP, authentication of users and machine access is very
secure. For machines, the LDAP client can be configured to need a
certificate before it’s allowed access. User authentication is done
by binding to the LDAP server as the user, over SSL. If the bind
succeeds, the user’s password was good, and he is authenticated.
The great news is that most applications support LDAP
authentication mechanisms.“Manageability is the main reason to switch.”