I have a question regarding the purpose of AD LDS.
Currently I am playing around with Windows Server infrastructure to get a better understanding of its inner workings, and I aim to build a simple test network. I have finished installing and setting up my domain controller (with AD DS, DHCP and DNS installed) and am now intending to build an external network (more commonly known as a DMZ zone in the business world) that will probably contain a SharePoint or normal web application.
From what I have researched, I understand that I can use LDAP authentication to perform single sign-on access on my web applications. I also understand that AD DS comes installed with an LDAP port as well. My question is this: do I still require the use of AD LDS in this situation?
From what I understand about AD LDS, it allows me to synchronize user data from my Active Directory. With the synchronized data, I can then perform LDAP authentication. However, the same can be achieved without the use of AD LDS, right? I can still connect to the LDAP port on my Active Directory and still achieve the same thing, right?