I have been looking at putting in LDAP myself. OpenLDAP is fine, but '389 Directory Server' (Formerly, Fedora Directory - a fork of ye olde Netscape Directory) seems to be the easiest to set up. Yes, it is a massive hunk of Java - but that is the only thing I have against it and even then I would still like to use it.