A directory service (DS) is a software application or a set of applications that stores and organizes information about a computer network’s users and network resources, and that allows network administrators to manage users’ access to the resources.
Additionally, directory services act as an abstraction layer between users and shared resources.
A directory service should not be confused with the directory repository itself; which is the database that holds information about named objects that are managed in the directory service. In the case of the X.500 distributed directory services model, one or more namespaces (forests and trees of objects) are used to form the directory service.
The directory service provides the access interface to the data that is contained in one or more directory namespaces. The directory service interface acts as a central/common authority that can securely authenticate the system resources that manage the directory data.
Like a database, a directory service is highly optimized for reads and provides advanced search possibilities on many different attributes that can be associated with objects in a directory.
The data that is stored in the directory is defined by an extendible and modifiable schema. Directory services use a distributed model for storing their information and that information is usually replicated between directory servers.