[acdha]

The problem is a massive network effect: almost everything supports LDAP - even Active Directory uses LDAP under the hood - and so there's a real network effect working against attempts to introduce something simpler. I was half-tempted to say "Facebook" since I'd lay even odds that LDAP won't be replaced by a similar network protocol rather than something which brings other selling points to increase the benefit of switching, and indeed it's becoming more and more common to use web-based authentication systems so that might be the eventual successor.

Something like ldap.js does seem like a good compromise: using a real database and a modern implementation without so much legacy baggage would probably be the best bet as you wouldn't be forced to upgrade every client just to get a working server.

[charlieok]

Web(http)-based or not, I'm interested in network protocols that aren't tied to a specific website, or otherwise encumbered.

By now somebody must have designed a decent protocol mapping LDAP's data model directly onto a nice RESTful API that R. Fielding and TBL would be proud of.

That should make for a good upgrade path, no?