Active Directory is Microsoft’s implementation of a Directory Service. A Directory is similar to a database, but typically contains more descriptive, attribute-based data; that is, data read more often than it is written. A Directory Service is a network service that identifies all resources on a network and makes them accessible to users and applications. Resources include e-mail addresses, computers, and peripheral devices such as printers.
Active Directory uses LDAP for Authorization and Kerberos for Authentication.
LDAP, or Lightweight Directory Access Protocol, is an open, vendor-neutral, industry-standard protocol for accessing directory services in order to retrieve or write data. In simpler terms, LDAP is an application protocol that queries or modifies specified information in the Active Directory’s global catalog.
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. It works on the basis of ‘tickets’ to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
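The ticket idea described above, as an added example that is not code from the original page: a simplified, single-step exchange in which a key distribution center (KDC) shares a long-term secret key with each party. The function names, the `alice` and `fileserver` principals and the HMAC-based toy cipher are assumptions for illustration; real Kerberos splits ticket issuance into separate authentication and ticket-granting steps and uses standardized encryption types.

```python
import hashlib, hmac, json, os, time

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _stream(key, nonce, n):
    # Toy keystream (HMAC-SHA256 in counter mode); stands in for a real cipher.
    blocks = (_mac(key, b"enc" + nonce + i.to_bytes(4, "big")) for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Encrypt-then-MAC a JSON object under a shared secret key."""
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + _mac(key, b"mac" + nonce + ct)

def unseal(key, blob):
    """Return the object, or raise if the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(key, b"mac" + nonce + ct)):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def kdc_issue(kdc_db, client, service, lifetime=300):
    """KDC: mint a session key; one copy for the client, one inside the ticket."""
    session_key = os.urandom(32).hex()
    body = {"client": client, "service": service, "key": session_key,
            "exp": time.time() + lifetime}
    ticket = seal(kdc_db[service], body)   # only the service can open this
    reply = seal(kdc_db[client], body)     # only the client can open this
    return reply, ticket

def client_request(client_key, client, reply, ticket):
    """Client: recover the session key, then prove knowledge of it."""
    session_key = bytes.fromhex(unseal(client_key, reply)["key"])
    return ticket, seal(session_key, {"client": client, "ts": time.time()})

def service_accept(service_key, ticket, authenticator, skew=300):
    """Service: open the ticket with its own key, then check the authenticator."""
    t = unseal(service_key, ticket)
    a = unseal(bytes.fromhex(t["key"]), authenticator)
    if time.time() > t["exp"] or abs(time.time() - a["ts"]) > skew or a["client"] != t["client"]:
        raise ValueError("expired ticket, stale authenticator, or name mismatch")
    return t["client"]

if __name__ == "__main__":
    db = {"alice": os.urandom(32), "fileserver": os.urandom(32)}  # constructed long-term keys
    reply, ticket = kdc_issue(db, "alice", "fileserver")
    print(service_accept(db["fileserver"], *client_request(db["alice"], "alice", reply, ticket)))
```

Neither long-term key ever crosses the network here: the client and the service each see only blobs sealed under their own key, and the service trusts the client because the authenticator opens under the session key found inside the ticket.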