Active Directory is LDAP, for lack of a better way to explain it. You can't separate LDAP from Active Directory.
Active Directory is a tree hierarchy. The forest is the top level, then you can have subdomains under that top level to separate it further. This works with permissions and whatnot to easily give access to people without giving them access to the entire domain. This also helps with putting people in certain areas. This isn't common practice though. Just about everything that you can do with child domains you can do with a single domain with less complexity, even assigning permissions to certain users to have access to certain OUs. If planned out right, it isn't a big deal at all.
Start small and work big.
OK, thanks man. You've been very helpful.