Excerpts from this posting... good stuff...
http://360tek.blogspot.com/2006_03_01_360tek_archive.html
"
- Protocol Translation
- Web Service Enablement
- Multi-Repository Search
- Joined Identity View
- Permission-Based Results
- Dynamic DIT
- Authentication
- Real-Time Data Access
Virtual Directory technologies eliminate boundaries. Hassles related to LDAP object types, attribute definitions and other schema-related issues are eliminated by virtualizing the view into the backend identity stores. You're no longer limited by the existing data format or database branding. There's no requirement to migrate the data from a relational database into an LDAP directory in order to make the data LDAP- or Web Service- accessible."
He talks about these issues quickly, but don't think they are not HUGE issues in deployment.
Also, some virtual directories offer more interfaces than standard just LDAP, he alludes to this fact as "web service- accessible", but still implies the use of LDAP for the web service. Some virtual directories could present information by other protocols such as DSML (for web services), SQL, SOAP, SAML, etc. Make sure the virtual directory you use supports different protocols for application access.