Question on LDAP

["Krassos, Michael" <mkrassos () MIAMI EDU>]

We are pondering whether or not to implement an LDAP architecture to
support authorization attributes.  This would be used to store
attributes for different applications for use upon successful
authentication against our Active Directory environment.  Does anyone
have any experience with this, or doing something similar?  Is this the
general direction people are taking or feel they should be taking?  Any
feedback appreciated.