The most obvious difference is that ADAM is set up to run as a standalone application service; it isn't part of the system-level service NETLOGON. This means that instead of the LDAP functions being handled by the LSASS.EXE process, they instead run from the DSAMAIN.EXE process. The not-so-obvious upshot of this is that ADAM can be stopped or started on demand without having to reboot the machine. It also means ADAM can be updated as needed, again without rebooting the machine. Anytime you had to go anywhere near the LDAP functionality of a domain controller, you were pretty much guaranteed a reboot and had concerns of it restarting properly and users being impacted. All of these concerns are dramatically reduced now because Active Directory in Application Mode is just an application.

In addition to the benefit of stopping and starting on command, the new service implementation allows you to set up multiple instances of ADAM on a single machine each under a different service. So instead of having a single Active Directory instance on a machine responding to requests on port 389, you can have multiple ADAM instances on a machine listening on various ports ...