I like database user accounts, being an Old School DBA and all, but scalability is an issue. Managing 500 users across 10 databases is easy. If you have 50,000 users in your organization and they have mixed access to several hundred data sources ... time for an LDAP server to centrally manage the users. When you learn that user X is stealing corporate secrets, how do you lock his account in all databases in a reasonable amount of time? When someone retires, can you find all of the database that person had accounts in? In theory a LDAP would save time and money. Of course, it takes a lot of time and money to setup an LDAP. There's a financial equilibrium point to consider in your planning.