Active Directory is a whole bunch of stuff build on top of something that looks like LDAP except less sucky, and it lets you do many things from setting permissions to sharing printers and deploying software. It's not something to be installed during a lazy Friday afternoon following a 'AD 101' tutorial though.

Yup. Basically, apps that do MS-specific LDAP queries to AD or something emulating it (Samba). It's also often useful for apps to be allow admin users to tweak the actual LDAP queries in case they have a custom enterprise-wise schema. Stanford, for example, used AD as the "single source of truth" with another LDAP setup for *NIX. (In addition to a modified version of MIT Krb5 with AFS integrations.)