> 3. Support an embedded mode
>    * But who will ever use DNS or other services without LDAP
> provider?  The only advantage of the embedded access is the small
> performance gain which might not be that important in distributed
> directory services.

We really need this embeded mode. Many application will benefit from it
: no more complicated firwall configuration to let LDAP go through, no
more need to start the server before the application, etc. It's a little
bit like Jetty. Sometime, it's better to embrace everything in a simple

Well, if two run in the same machine, the client will use a loopback device to connect to the server, so firewall shouldn't be that much a problem.  I agree with you that embedded mode is useful, but we can still run both in the same VM and use loopback device.  Direct method invocation can come later.  
 +1 for "embedded" (whatever that is).  We're using it just as we would an embedded Jetty or Tomcat - we want to start it in the same JVM as our application and have the application have control over the LDAP server's lifecycle.  Direct method invocation isn't nearly as important as lifecycle control, in our situation.  So, I guess it depends on what you call "embedded".  :)  In our case it means tightly integrated, but not invisible.
Best Regards,