I did a lot of work with LDAP half a year ago, and the concept of ldap.js was the first thing that sprung to mind as a way to make the whole experience more developer-friendly. Only I was too lazy too actually go ahead and build it... kudos to Mark Cavage for pulling this off :-)
There's just something very wrong about having to use 90s database technology solely because people like (or are stuck with) the associated protocol.
For everything from applicant tracking systems to databases, I often think "at least it isn't an Oracle product." Seems like some other company could use this given enough of us already think it.
I know this will be down-voted for being a Reddit-esque comment, but it was worth it.
I wouldn't call LDAP "90s database technology" because a much better word choice would be "directory". The data is arranged in a tree, in very much the same way directories on your local filesystem are arranged in a tree.
I think the primary use case is to allow user records for a site to be very distributed, therefore fast and highly available. DNS for people/accounts, maybe.
It's even web friendly, in the sense that ldap:// identifiers are urls.
You might be able to argue that it was a NoSQL solution over a decade before NoSql was cool, however :)
"90s database technology" in the sense that it's hard to work with and the support costs are unnecessarily high. The protocol is hard to work with - which makes debugging less appealing and thus most people avoid trying - and no server I've seen with the arguable exception ActiveDirectory has well-designed logging for typical sysadmin needs.
Beyond that everyone other than Microsoft uses the OpenLDAP code, which has a number of basic errors and rough-edges. slapd has numerous deadlock conditions and the only backend which doesn't have a low risk of corrupting your data (MySQL) is discouraged. The client libraries had basic design failures for aeons - the most glaring being the assumption that the network is perfect and will never drop or delay packets (timeouts are checked after blocking operations return, which takes several days due to retries at multiple levels). This means that OS X, Linux, FreeBSD, etc. clients will become unusable if your LDAP server is less than perfect - and since slapd deadlocks under normal use, this will occur sporadically. The developers were largely in denial about this - my patch to set SO_RCVTIMEO / SO_SNDTIMEO was ignored with unproven claims that this would magically work in the bleeding-edge trunk version (untrue then, could have changed now) but the libpam-ldap maintain is more conscientious so the similar patch there was accepted a couple years ago so at least Linux clients actually attempt to failover.
You definitely have more detailed knowledge of LDAP than I do. Do you know if there is a better alternative? One which could serve as a user directory for most or all of the major desktop and mobile operating systems?
The problem is a massive network effect: almost everything supports LDAP - even Active Directory uses LDAP under the hood - and so there's a real network effect working against attempts to introduce something simpler. I was half-tempted to say "Facebook" since I'd lay even odds that LDAP won't be replaced by a similar network protocol rather than something which brings other selling points to increase the benefit of switching, and indeed it's becoming more and more common to use web-based authentication systems so that might be the eventual successor.
Something like ldap.js does seem like a good compromise: using a real database and a modern implementation without so much legacy baggage would probably be the best bet as you wouldn't be forced to upgrade every client just to get a working server.
Web(http)-based or not, I'm interested in network protocols that aren't tied to a specific website, or otherwise encumbered.
By now somebody must have designed a decent protocol mapping LDAP's data model directly onto a nice RESTful API that R. Fielding and TBL would be proud of.
For those interested, node-ldapauth covers a very small, specific set of use cases. I had to heavily modify it to work with my LDAP server. ldap.js looks much nicer and I wish it existed 6 months ago.
There's just something very wrong about having to use 90s database technology solely because people like (or are stuck with) the associated protocol.