RE: [ActiveDir] Active Directory and LDAP
I saw a couple of these given out by Gil himself at DEC Wednesday... I didn't get one though. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hunter, Laura E. Sent: Sunday, March 13, 2005 9:10 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Late in replying - been at the Publisher's Conference this week. > > I recommend your book a lot as well, in fact there is at least one > list member that has been trying to buy the darn thing based on my > recommendation but can't find it anywhere I have pointed at a > couple of resources, it was actually ordered from one resource (ebay) > and the member got a note back saying, oh sorry, I haven't had that in > stock for over a year So get with it Gil! Reprints! And don't > forget about getting me royalties for people I send that way. ;oP > Uhhh...yeah, that list member would be me. :-) Reprints! Reprints! REPRINTS! :-) Laura List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP
> > AD: Help! I broke it, and I can't go home! > *scribbles down* *steals for future usage* :-) Laura List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
Late in replying - been at the Publisher's Conference this week. > > I recommend your book a lot as well, in fact there is at > least one list member that has been trying to buy the darn > thing based on my recommendation but can't find it > anywhere I have pointed at a couple of resources, it was > actually ordered from one resource (ebay) and the member got > a note back saying, oh sorry, I haven't had that in stock for > over a year So get with it Gil! Reprints! And don't > forget about getting me royalties for people I send that way. ;oP > Uhhh...yeah, that list member would be me. :-) Reprints! Reprints! REPRINTS! :-) Laura List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP
Hey that is pretty snazzy for a title. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich MilburnSent: Tuesday, March 08, 2005 6:31 PMTo: ActiveDir@mail.activedir.orgSubject: RE: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP Active Directory – The Sorcerer’s Guide OR AD: Help! I broke it, and I can’t go home! Rich -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joeSent: Tuesday, March 08, 2005 5:07 PMTo: ActiveDir@mail.activedir.orgSubject: RE: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP LOL. I have been gathering all of the various ideas together over the years for applications into one place. I am sort of gathering ideas and posts I have written too in hopes I can slap that stuff together and come up with some sort of book. I don't expect writing a techy book is the way to riches and fame though. I doubt I will get the penetration in the market of say a Da Vinci Code or a Harry Potter though maybe if I tried to call it Harry Potter and the miracle of Active Directory joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Tuesday, March 08, 2005 9:18 AM To: ActiveDir@mail.activedir.org Subject: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP 1,000,000.00 - 3.00 = the first step taken and a down payment on a Starbuck's coffee :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, March 08, 2005 9:07 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Joe - Write. A. Book. Your own. I'll buy it, if no one else will :p Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 --- "I am always doing that which I can not do, in order that I may learn how to do it." - Pablo Picasso -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 9:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP What can I say... I didn't win the Lotto. :) It seems more and more like I am going to have to actually earn my first million. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 10:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP " The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it" Here we go again -rtk P.S :p -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others
RE: [ActiveDir] Active Directory and LDAP
Ah ok. I think an easy way to configure that then would be in AD/AM. You could set up each domain as a root in a single AD/AM directory. For instance You have an empty ADAM directory C:\WINDOWS\ADAM>adfind -h . -config -rb cn=partitions -s one ncname AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: fastmofo.joe.com Directory: Active Directory Application Mode Base DN: cn=partitions,CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B9757DB796} dn:CN=Enterprise Configuration,CN=Partitions,CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B 9757DB796} >nCName: CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B9757DB796} dn:CN=Enterprise Schema,CN=Partitions,CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B9757DB7 96} CN=Schema,CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B9757DB796} 2 Objects returned You add your two domain roots C:\WINDOWS\ADAM>admod -h . -betaadd -b dc=etherpunk,dc=com objectclass::domaindns instancetype::5 AdMod V01.03.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 DN Count: 1 Using server: fastmofo.joe.com Adding specified objects... DN: dc=etherpunk,dc=com... The command completed successfully C:\WINDOWS\ADAM>admod -h . -betaadd -b dc=set-con,dc=org objectclass::domaindns instancetype::5 AdMod V01.03.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 DN Count: 1 Using server: fastmofo.joe.com Adding specified objects... DN: dc=set-con,dc=org... The command completed successfully So now they are there for use: C:\WINDOWS\ADAM>adfind -h . -config -rb cn=partitions -s one ncname AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: fastmofo.joe.com Directory: Active Directory Application Mode Base DN: cn=partitions,CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B9757DB796} dn:CN=6ef70b45-31ab-4fc5-9b7a-4d296ede6370,CN=Partitions,CN=Configuration,CN ={E28AE3C2-1228-4F6B-917C-56B9757DB796} >nCName: DC=set-con,DC=org dn:CN=a33cec78-fead-46f3-9242-d9de46b69fdd,CN=Partitions,CN=Configuration,CN ={E28AE3C2-1228-4F6B-917C-56B9757DB796} >nCName: DC=etherpunk,DC=com dn:CN=Enterprise Configuration,CN=Partitions,CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B 9757DB796} >nCName: CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B9757DB796} dn:CN=Enterprise Schema,CN=Partitions,CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B9757DB7 96} >nCName: CN=Schema,CN=Configuration,CN={E28AE3C2-1228-4F6B-917C-56B9757DB796} 4 Objects returned C:\WINDOWS\ADAM>adfind -h . -b dc=etherpunk,dc=com -s one -dn AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: fastmofo.joe.com Directory: Active Directory Application Mode dn:CN=LostAndFound,DC=etherpunk,DC=com dn:CN=NTDS Quotas,DC=etherpunk,DC=com dn:CN=Roles,DC=etherpunk,DC=com 3 Objects returned C:\WINDOWS\ADAM>adfind -h . -b dc=set-con,dc=org -s one -dn AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: fastmofo.joe.com Directory: Active Directory Application Mode dn:CN=LostAndFound,DC=set-con,DC=org dn:CN=NTDS Quotas,DC=set-con,DC=org dn:CN=Roles,DC=set-con,DC=org 3 Objects returned -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Tuesday, March 08, 2005 9:52 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP By domain I mean domain names. Two of which are etherpunk.com and set-con.org (just to give some examples). To be honest, I really don't know what I'm after. I'm kinda just playing around doing two things. Making my life easier to manage these things for my friends / family and learning stuff that (hopefully) will get me experience at corporate level stuff. Wow, AD/AM seems *really* cool and worth a couple weeks of play time. =) Thanks! Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 9:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Oh Kenny, something I intended to mention but forgot to... You mention your "hobby" of spinning up new domains, etc. By domain do you mean a new Windows NT Authentication Realm or Kerberos Realm or just a new LDAP Hierarchy? If the latter, AD/AM can be quite useful here as well since you can have multiple writeable partitions with completely different roots. In AD if you need a new root, you need to spin up another domain tree which means a whole other machine (virtual or real). For instance, here is one of my Adam test instances F:\Dev\CPP\AdMod>adfind -h . -b -s base namingcontexts AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: 2k38500 Directory: Active Directory Application Mode dn: >namingContexts: >CN=Configuration,CN={3BF96A23-C621-442F-8FA4-46452D708C97} >namingContexts: CN=Schema,CN=Configuration,CN={3BF96A23-C6
RE: [ActiveDir] Active Directory and LDAP
I'd buy it, too. But, only if I get to review it. I know joe well enough that I know the difference between uggh, and ugh. I can interpret the grunts fairly accurately. -rtk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, March 08, 2005 8:07 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Joe - Write. A. Book. Your own. I'll buy it, if no one else will :p Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 --- "I am always doing that which I can not do, in order that I may learn how to do it." - Pablo Picasso -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 9:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP What can I say... I didn't win the Lotto. :) It seems more and more like I am going to have to actually earn my first million. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 10:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP " The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it" Here we go again -rtk P.S :p -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as t
Re: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP
joe wrote: I don't expect writing a techy book is the way to riches and fame though. I doubt I will get the penetration in the market of say a Da Vinci Code or a Harry Potter though maybe if I tried to call it Harry Potter and the miracle of Active Directory write it - I'll buy it :) and then will study for five years at AD Hoghwart :) -- Tomasz Onyszko [MVP] [EMAIL PROTECTED] http://www.w2k.pl List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP
Active Directory – The Sorcerer’s Guide OR AD: Help! I broke it, and I can’t go home! Rich -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Tuesday, March 08, 2005 5:07 PM To: ActiveDir@mail.activedir.org Subject: RE: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP LOL. I have been gathering all of the various ideas together over the years for applications into one place. I am sort of gathering ideas and posts I have written too in hopes I can slap that stuff together and come up with some sort of book. I don't expect writing a techy book is the way to riches and fame though. I doubt I will get the penetration in the market of say a Da Vinci Code or a Harry Potter though maybe if I tried to call it Harry Potter and the miracle of Active Directory joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Tuesday, March 08, 2005 9:18 AM To: ActiveDir@mail.activedir.org Subject: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP 1,000,000.00 - 3.00 = the first step taken and a down payment on a Starbuck's coffee :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, March 08, 2005 9:07 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Joe - Write. A. Book. Your own. I'll buy it, if no one else will :p Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 --- "I am always doing that which I can not do, in order that I may learn how to do it." - Pablo Picasso -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 9:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP What can I say... I didn't win the Lotto. :) It seems more and more like I am going to have to actually earn my first million. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 10:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP " The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it" Here we go again -rtk P.S :p -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replicat
RE: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP
LOL. I have been gathering all of the various ideas together over the years for applications into one place. I am sort of gathering ideas and posts I have written too in hopes I can slap that stuff together and come up with some sort of book. I don't expect writing a techy book is the way to riches and fame though. I doubt I will get the penetration in the market of say a Da Vinci Code or a Harry Potter though maybe if I tried to call it Harry Potter and the miracle of Active Directory joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Tuesday, March 08, 2005 9:18 AM To: ActiveDir@mail.activedir.org Subject: :: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP 1,000,000.00 - 3.00 = the first step taken and a down payment on a Starbuck's coffee :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, March 08, 2005 9:07 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Joe - Write. A. Book. Your own. I'll buy it, if no one else will :p Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 --- "I am always doing that which I can not do, in order that I may learn how to do it." - Pablo Picasso -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 9:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP What can I say... I didn't win the Lotto. :) It seems more and more like I am going to have to actually earn my first million. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 10:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP " The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it" Here we go again -rtk P.S :p -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec
RE: [ActiveDir] Active Directory and LDAP
Agreed, and with ADAM and MIIS in the mix, I am sure solutions that incorporate them as well would be useful. Robbie was looking for suggestions on an ADAM Cookbook or Missing Manual. Could be an interesting collaboration, of course that would require the 28th hour of the day. Todd -Original Message- From: Gil Kirkpatrick [mailto:[EMAIL PROTECTED] Sent: Monday, March 07, 2005 4:28 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Yeah, I don't own the rights , but I might be able to get them. I'll have to look into it. -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 2:22 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Probably depends on his agreement with the publisher on whether he can do it or not. Gil may not own the rights to the book to do this even if he wants to. Personally I think he should update it and sell it. The first time around it was pretty early in the AD world without a huge number of adopters. Different market now. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser Sent: Monday, March 07, 2005 2:44 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP If it's out of print, Gil should just make the PDF available free to list members online... :-) Unless of course, he's planning to actually DO those reprints and make some money off of them... ** Charlie Kaiser MCSE, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ** > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of joe > Sent: Monday, March 07, 2005 9:39 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > I recommend your book a lot as well, in fact there is at least one > list member that has been trying to buy the darn thing based on my > recommendation but can't find it anywhere I have pointed at a > couple of resources, it was actually ordered from one resource (ebay) > and the member got a note back saying, oh sorry, I haven't had that in > stock for over a year So get with it Gil! Reprints! And don't > forget about getting me royalties for people I send that way. ;oP > > Anyway, for this person, I am not sure throwing them into AD > programming book is the best course at least initially. :o) It is > like someone who wants to use kerberos and you point them at the MIT > dist. > > joe > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Gil > Kirkpatrick > Sent: Monday, March 07, 2005 12:19 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Aww, man... How come my book isn't up there? > > -gil > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of joe > Sent: Monday, March 07, 2005 10:11 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Hey now... Don't forget about Alistair. He did that first edition > himself and did it well. :) > > The Cat Book rocks. Actually I should get royalties for that one too, > I have made a bunch of people buy it and have bought and given away > multiple copies myself. I still have my first copy though it is quite > dog-eared and I put laminating plastic on the covers so they wouldn't > get too torn up. > > Here is the actual AD Org Books link - > http://www.activedir.org/Books.aspx , actually it would be kind of > cool if we could rate them. How about it Tony? > Have a couple of fields for each, number of people who have the book, > number of people who recommend it, number of people who don't > recommend it. > > I am surprised AD Developers Reference Library by Iseminger is on the > list. > That is a great book but wouldn't expect a lot of the list users to > have read it. I recall reading it back in like 2001 or so and getting > a bit scared at what a really pissed off AD programmer could pull off. > > > joe > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al > Sent: Monday, March 07, 2005 11:58 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Personally? I like to think of AD as a GUI to Microsoft's > implementation of LDAP. That simplifies a lot of things for me. > However, there is more to it than that and the books you ordered > should help in clarify
RE: [ActiveDir] Active Directory and LDAP
By domain I mean domain names. Two of which are etherpunk.com and set-con.org (just to give some examples). To be honest, I really don't know what I'm after. I'm kinda just playing around doing two things. Making my life easier to manage these things for my friends / family and learning stuff that (hopefully) will get me experience at corporate level stuff. Wow, AD/AM seems *really* cool and worth a couple weeks of play time. =) Thanks! Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 9:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Oh Kenny, something I intended to mention but forgot to... You mention your "hobby" of spinning up new domains, etc. By domain do you mean a new Windows NT Authentication Realm or Kerberos Realm or just a new LDAP Hierarchy? If the latter, AD/AM can be quite useful here as well since you can have multiple writeable partitions with completely different roots. In AD if you need a new root, you need to spin up another domain tree which means a whole other machine (virtual or real). For instance, here is one of my Adam test instances F:\Dev\CPP\AdMod>adfind -h . -b -s base namingcontexts AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: 2k38500 Directory: Active Directory Application Mode dn: >namingContexts: >CN=Configuration,CN={3BF96A23-C621-442F-8FA4-46452D708C97} >namingContexts: CN=Schema,CN=Configuration,CN={3BF96A23-C621-442F-8FA4-46452D708C97} >namingContexts: DC=adam,DC=joeware2,DC=net >namingContexts: DC=joe,DC=local >namingContexts: CN=testcontainer 1 Objects returned You will note the standard config and schema NCs. But I also have 3 other writeable NCs each with a different root. DC=adam,DC=joeware2,DC=net - DC=joe,DC=local - CN=testcontainer. That last "CN=testcontainer" can't be done on AD. To create a new NC you simply do an object add. I believe you can use any container type objectclass for the NC root. So I could spin up a new NC that was say an organizational unit on a given server and port like so admod -h server:port -b ou=newroot objectclass::organizationalunit instancetype::5 -betaadd F:\Dev\CPP\AdMod>admod -h 2k38500:389 -b ou=newroot objectclass::organizationalunit instancetype::5 -betaadd AdMod V01.03.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 DN Count: 1 Using server: 2k38500 Adding specified objects... DN: ou=newroot... The command completed successfully [Mon 03/07/2005 22:46:59.73] F:\Dev\CPP\AdMod>adfind -h . -b -s base namingcontexts AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: 2k38500 Directory: Active Directory Application Mode dn: >namingContexts: >CN=Configuration,CN={3BF96A23-C621-442F-8FA4-46452D708C97} >namingContexts: CN=Schema,CN=Configuration,CN={3BF96A23-C621-442F-8FA4-46452D708C97} >namingContexts: DC=adam,DC=joeware2,DC=net >namingContexts: DC=joe,DC=local >namingContexts: CN=testcontainer >namingContexts: OU=newroot 1 Objects returned [Mon 03/07/2005 22:47:05.60] F:\Dev\CPP\AdMod>adfind -h . -b ou=newroot -dn AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: 2k38500 Directory: Active Directory Application Mode dn:OU=newroot dn:CN=LostAndFound,OU=newroot dn:CN=NTDS Quotas,OU=newroot dn:CN=Roles,OU=newroot dn:CN=Administrators,CN=Roles,OU=newroot dn:CN=Users,CN=Roles,OU=newroot dn:CN=Readers,CN=Roles,OU=newroot 7 Objects returned [Mon 03/07/2005 22:47:26.52] F:\Dev\CPP\AdMod> joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 4:20 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP AD/AM is primarily just the LDAP directory part of AD. It doesn't do kerberos nor the NSPI stuff. So if you want to play say with Exchange you have to go to AD. If you want to kerberize authentications, you need AD. If you are simply playing with adding/removing/reading/querying data for users in a directory, AD/AM should be fine for you. It is generally easier to play with because you don't have the DNS requirements behind it and there is basically less to break down and cause issues. It is really nice because you don't have much worry about updating the schema as you can quickly wipe out the instance and rebuild it or you could have multiple instances running on one single machine listening on different ports, etc. If you want to learn all about Windows domain functionality, load AD. If you just want to learn the LDAP pieces, get AD/AM. joe -Original Message From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 2:33 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active
:: Horribly OT :: RE: [ActiveDir] Active Directory and LDAP
1,000,000.00 - 3.00 = the first step taken and a down payment on a Starbuck's coffee :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, March 08, 2005 9:07 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Joe - Write. A. Book. Your own. I'll buy it, if no one else will :p Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 --- "I am always doing that which I can not do, in order that I may learn how to do it." - Pablo Picasso -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 9:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP What can I say... I didn't win the Lotto. :) It seems more and more like I am going to have to actually earn my first million. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 10:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP " The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it" Here we go again -rtk P.S :p -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Per
RE: [ActiveDir] Active Directory and LDAP
Joe - Write. A. Book. Your own. I'll buy it, if no one else will :p Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 --- "I am always doing that which I can not do, in order that I may learn how to do it." - Pablo Picasso -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 9:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP What can I say... I didn't win the Lotto. :) It seems more and more like I am going to have to actually earn my first million. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 10:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP " The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it" Here we go again -rtk P.S :p -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info
RE: [ActiveDir] Active Directory and LDAP
I'm glad to hear that it's finally dawned on you that you're more like the rest of us than you want to admit Actually have to EARN your first million Yeah. I suspect you're closer than I am. Yur killin' me, joe. ;o) -rtk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 9:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP What can I say... I didn't win the Lotto. :) It seems more and more like I am going to have to actually earn my first million. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 10:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP " The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it" Here we go again -rtk P.S :p -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive:
RE: [ActiveDir] Active Directory and LDAP
Ahh, my ego has been assuaged... :) You're welcome! From: [EMAIL PROTECTED] on behalf of Rick Kingslan Sent: Mon 3/7/2005 8:25 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Oh, and mine's signed! Thanks again, Gil! :) -rtk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 9:16 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP It's the best Nuts and bolts book on programming to AD that I've got on the shelf. "Active Directory Programming" by Gil Kirkpatrick -rtk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 11:19 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archi
RE: [ActiveDir] Active Directory and LDAP
What can I say... I didn't win the Lotto. :) It seems more and more like I am going to have to actually earn my first million. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 10:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP " The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it" Here we go again -rtk P.S :p -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
Oh Kenny, something I intended to mention but forgot to... You mention your "hobby" of spinning up new domains, etc. By domain do you mean a new Windows NT Authentication Realm or Kerberos Realm or just a new LDAP Hierarchy? If the latter, AD/AM can be quite useful here as well since you can have multiple writeable partitions with completely different roots. In AD if you need a new root, you need to spin up another domain tree which means a whole other machine (virtual or real). For instance, here is one of my Adam test instances F:\Dev\CPP\AdMod>adfind -h . -b -s base namingcontexts AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: 2k38500 Directory: Active Directory Application Mode dn: >namingContexts: CN=Configuration,CN={3BF96A23-C621-442F-8FA4-46452D708C97} >namingContexts: CN=Schema,CN=Configuration,CN={3BF96A23-C621-442F-8FA4-46452D708C97} >namingContexts: DC=adam,DC=joeware2,DC=net >namingContexts: DC=joe,DC=local >namingContexts: CN=testcontainer 1 Objects returned You will note the standard config and schema NCs. But I also have 3 other writeable NCs each with a different root. DC=adam,DC=joeware2,DC=net - DC=joe,DC=local - CN=testcontainer. That last "CN=testcontainer" can't be done on AD. To create a new NC you simply do an object add. I believe you can use any container type objectclass for the NC root. So I could spin up a new NC that was say an organizational unit on a given server and port like so admod -h server:port -b ou=newroot objectclass::organizationalunit instancetype::5 -betaadd F:\Dev\CPP\AdMod>admod -h 2k38500:389 -b ou=newroot objectclass::organizationalunit instancetype::5 -betaadd AdMod V01.03.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 DN Count: 1 Using server: 2k38500 Adding specified objects... DN: ou=newroot... The command completed successfully [Mon 03/07/2005 22:46:59.73] F:\Dev\CPP\AdMod>adfind -h . -b -s base namingcontexts AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: 2k38500 Directory: Active Directory Application Mode dn: >namingContexts: CN=Configuration,CN={3BF96A23-C621-442F-8FA4-46452D708C97} >namingContexts: CN=Schema,CN=Configuration,CN={3BF96A23-C621-442F-8FA4-46452D708C97} >namingContexts: DC=adam,DC=joeware2,DC=net >namingContexts: DC=joe,DC=local >namingContexts: CN=testcontainer >namingContexts: OU=newroot 1 Objects returned [Mon 03/07/2005 22:47:05.60] F:\Dev\CPP\AdMod>adfind -h . -b ou=newroot -dn AdFind V01.26.00cpp Joe Richards ([EMAIL PROTECTED]) February 2005 Using server: 2k38500 Directory: Active Directory Application Mode dn:OU=newroot dn:CN=LostAndFound,OU=newroot dn:CN=NTDS Quotas,OU=newroot dn:CN=Roles,OU=newroot dn:CN=Administrators,CN=Roles,OU=newroot dn:CN=Users,CN=Roles,OU=newroot dn:CN=Readers,CN=Roles,OU=newroot 7 Objects returned [Mon 03/07/2005 22:47:26.52] F:\Dev\CPP\AdMod> joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 4:20 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP AD/AM is primarily just the LDAP directory part of AD. It doesn't do kerberos nor the NSPI stuff. So if you want to play say with Exchange you have to go to AD. If you want to kerberize authentications, you need AD. If you are simply playing with adding/removing/reading/querying data for users in a directory, AD/AM should be fine for you. It is generally easier to play with because you don't have the DNS requirements behind it and there is basically less to break down and cause issues. It is really nice because you don't have much worry about updating the schema as you can quickly wipe out the instance and rebuild it or you could have multiple instances running on one single machine listening on different ports, etc. If you want to learn all about Windows domain functionality, load AD. If you just want to learn the LDAP pieces, get AD/AM. joe -Original Message From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 2:33 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I'll probably want programmer side later, when I understand what I'm doing. BTW, someone posted this link: http://www.microsoft.com/windowsserver2003/adam/default.mspx Here is Microsoft's definition: Windows Server 2003 Active Directory Application Mode For organizations that require flexible support for directory-enabled applications, Microsoft has developed Active Directory(r) Application Mode (ADAM). ADAM is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service, rather than as a system service. Active Directory Application Mode represents a breakthrough in directory services technology that provides flexibil
RE: [ActiveDir] Active Directory and LDAP
Oh, and mine's signed! Thanks again, Gil! :) -rtk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, March 07, 2005 9:16 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP It's the best Nuts and bolts book on programming to AD that I've got on the shelf. "Active Directory Programming" by Gil Kirkpatrick -rtk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 11:19 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activ
RE: [ActiveDir] Active Directory and LDAP
It's the best Nuts and bolts book on programming to AD that I've got on the shelf. "Active Directory Programming" by Gil Kirkpatrick -rtk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 11:19 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
" The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it" Here we go again -rtk P.S :p -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
Yeah, I don't own the rights , but I might be able to get them. I'll have to look into it. -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 2:22 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Probably depends on his agreement with the publisher on whether he can do it or not. Gil may not own the rights to the book to do this even if he wants to. Personally I think he should update it and sell it. The first time around it was pretty early in the AD world without a huge number of adopters. Different market now. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser Sent: Monday, March 07, 2005 2:44 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP If it's out of print, Gil should just make the PDF available free to list members online... :-) Unless of course, he's planning to actually DO those reprints and make some money off of them... ** Charlie Kaiser MCSE, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ** > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of joe > Sent: Monday, March 07, 2005 9:39 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > I recommend your book a lot as well, in fact there is at least one > list member that has been trying to buy the darn thing based on my > recommendation but can't find it anywhere I have pointed at a > couple of resources, it was actually ordered from one resource (ebay) > and the member got a note back saying, oh sorry, I haven't had that in > stock for over a year So get with it Gil! Reprints! And don't > forget about getting me royalties for people I send that way. ;oP > > Anyway, for this person, I am not sure throwing them into AD > programming book is the best course at least initially. :o) It is > like someone who wants to use kerberos and you point them at the MIT > dist. > > joe > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Gil > Kirkpatrick > Sent: Monday, March 07, 2005 12:19 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Aww, man... How come my book isn't up there? > > -gil > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of joe > Sent: Monday, March 07, 2005 10:11 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Hey now... Don't forget about Alistair. He did that first edition > himself and did it well. :) > > The Cat Book rocks. Actually I should get royalties for that one too, > I have made a bunch of people buy it and have bought and given away > multiple copies myself. I still have my first copy though it is quite > dog-eared and I put laminating plastic on the covers so they wouldn't > get too torn up. > > Here is the actual AD Org Books link - > http://www.activedir.org/Books.aspx , actually it would be kind of > cool if we could rate them. How about it Tony? > Have a couple of fields for each, number of people who have the book, > number of people who recommend it, number of people who don't > recommend it. > > I am surprised AD Developers Reference Library by Iseminger is on the > list. > That is a great book but wouldn't expect a lot of the list users to > have read it. I recall reading it back in like 2001 or so and getting > a bit scared at what a really pissed off AD programmer could pull off. > > > joe > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al > Sent: Monday, March 07, 2005 11:58 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Personally? I like to think of AD as a GUI to Microsoft's > implementation of LDAP. That simplifies a lot of things for me. > However, there is more to it than that and the books you ordered > should help in clarifying that. > > You don't need to know LDAP to make AD work, but it helps. > It's a great > help to me to understand the differences between Microsoft's AD and > Sun's implementation of LDAP or IBM's implementation or any of the > others for the basics. > > When you start getting into managing the directory and the objects in > the directory, Microsoft really differentiates itself with GPO's and > the multi-master repl
RE: [ActiveDir] Active Directory and LDAP
Probably depends on his agreement with the publisher on whether he can do it or not. Gil may not own the rights to the book to do this even if he wants to. Personally I think he should update it and sell it. The first time around it was pretty early in the AD world without a huge number of adopters. Different market now. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser Sent: Monday, March 07, 2005 2:44 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP If it's out of print, Gil should just make the PDF available free to list members online... :-) Unless of course, he's planning to actually DO those reprints and make some money off of them... ** Charlie Kaiser MCSE, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ** > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of joe > Sent: Monday, March 07, 2005 9:39 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > I recommend your book a lot as well, in fact there is at least one > list member that has been trying to buy the darn thing based on my > recommendation but can't find it anywhere I have pointed at a > couple of resources, it was actually ordered from one resource (ebay) > and the member got a note back saying, oh sorry, I haven't had that in > stock for over a year So get with it Gil! Reprints! And don't > forget about getting me royalties for people I send that way. ;oP > > Anyway, for this person, I am not sure throwing them into AD > programming book is the best course at least initially. :o) It is > like someone who wants to use kerberos and you point them at the MIT > dist. > > joe > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Gil > Kirkpatrick > Sent: Monday, March 07, 2005 12:19 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Aww, man... How come my book isn't up there? > > -gil > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of joe > Sent: Monday, March 07, 2005 10:11 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Hey now... Don't forget about Alistair. He did that first edition > himself and did it well. :) > > The Cat Book rocks. Actually I should get royalties for that one too, > I have made a bunch of people buy it and have bought and given away > multiple copies myself. I still have my first copy though it is quite > dog-eared and I put laminating plastic on the covers so they wouldn't > get too torn up. > > Here is the actual AD Org Books link - > http://www.activedir.org/Books.aspx , actually it would be kind of > cool if we could rate them. How about it Tony? > Have a couple of fields for each, number of people who have the book, > number of people who recommend it, number of people who don't > recommend it. > > I am surprised AD Developers Reference Library by Iseminger is on the > list. > That is a great book but wouldn't expect a lot of the list users to > have read it. I recall reading it back in like 2001 or so and getting > a bit scared at what a really pissed off AD programmer could pull off. > > > joe > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al > Sent: Monday, March 07, 2005 11:58 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Personally? I like to think of AD as a GUI to Microsoft's > implementation of LDAP. That simplifies a lot of things for me. > However, there is more to it than that and the books you ordered > should help in clarifying that. > > You don't need to know LDAP to make AD work, but it helps. > It's a great > help to me to understand the differences between Microsoft's AD and > Sun's implementation of LDAP or IBM's implementation or any of the > others for the basics. > > When you start getting into managing the directory and the objects in > the directory, Microsoft really differentiates itself with GPO's and > the multi-master replication and the tools to support the > infrastructure. > > As you're looking at this, remember that name resolution is one of the > most important things you can deal with when making AD a solid > enterprise app. > > The book from O'Reilly sounds like Robbie's book. I haven't re
RE: [ActiveDir] Active Directory and LDAP
AD/AM is primarily just the LDAP directory part of AD. It doesn't do kerberos nor the NSPI stuff. So if you want to play say with Exchange you have to go to AD. If you want to kerberize authentications, you need AD. If you are simply playing with adding/removing/reading/querying data for users in a directory, AD/AM should be fine for you. It is generally easier to play with because you don't have the DNS requirements behind it and there is basically less to break down and cause issues. It is really nice because you don't have much worry about updating the schema as you can quickly wipe out the instance and rebuild it or you could have multiple instances running on one single machine listening on different ports, etc. If you want to learn all about Windows domain functionality, load AD. If you just want to learn the LDAP pieces, get AD/AM. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 2:33 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I'll probably want programmer side later, when I understand what I'm doing. BTW, someone posted this link: http://www.microsoft.com/windowsserver2003/adam/default.mspx Here is Microsoft's definition: Windows Server 2003 Active Directory Application Mode For organizations that require flexible support for directory-enabled applications, Microsoft has developed Active Directory(r) Application Mode (ADAM). ADAM is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service, rather than as a system service. Active Directory Application Mode represents a breakthrough in directory services technology that provides flexibility and helps organizations avoid increased infrastructure costs. My interpreation is: We use LDAP and some other common nifty stuff, but also have our usual secret sauce that makes it special. So, I would then assume that LDAP is a specific section of AD and other parts can (and probably are/will) be included in most domains. I guess my next step is to get a 2k3 active directory book and figure out the different parts of it and get more books from there as needed. Right now I'm assuming I don't know jack about AD aside from what the GUI shows (and even then...) and I know AD is allot more powerful that what I'm using it for where I work. /curious george mode engages As for my personal hobby at home, I just want the easiest thing to manage. I sometimes add a domain, sometimes a user, sometimes an alias. The reason LDAP appealed to me was that a domain is the root. A user is under that, and the user's special things (like having SSH access, or their own website) could be implemented easily through that (given I wrote some code or did some special things...). Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 11:56 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Stella has been scrounging the dusty antiquarian bookshops in New York and London and has managed to snag a few copies. We'll have a handful of my books available at DEC. For some reason Pearson never wanted to do a 2nd edition. What a bunch of poopy-heads (according to my 4 year old). Yeah, it doesn't sound like Kenny is looking for the programmers end of things. -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:39 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I recommend your book a lot as well, in fact there is at least one list member that has been trying to buy the darn thing based on my recommendation but can't find it anywhere I have pointed at a couple of resources, it was actually ordered from one resource (ebay) and the member got a note back saying, oh sorry, I haven't had that in stock for over a year So get with it Gil! Reprints! And don't forget about getting me royalties for people I send that way. ;oP Anyway, for this person, I am not sure throwing them into AD programming book is the best course at least initially. :o) It is like someone who wants to use kerberos and you point them at the MIT dist. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edi
RE: [ActiveDir] Active Directory and LDAP
Ah, thank you for pointing that out. I did confused them. Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 2:31 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hmm... Although based on the same technology, don't confuse ADAM with AD. ADAM is the lightweight version of AD technology. I.E. it's an LDAP server vs. an identification, authentication, and authorization infrastructure (aka special sauce ingredients). Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 2:33 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I'll probably want programmer side later, when I understand what I'm doing. BTW, someone posted this link: http://www.microsoft.com/windowsserver2003/adam/default.mspx Here is Microsoft's definition: Windows Server 2003 Active Directory Application Mode For organizations that require flexible support for directory-enabled applications, Microsoft has developed Active Directory(r) Application Mode (ADAM). ADAM is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service, rather than as a system service. Active Directory Application Mode represents a breakthrough in directory services technology that provides flexibility and helps organizations avoid increased infrastructure costs. My interpreation is: We use LDAP and some other common nifty stuff, but also have our usual secret sauce that makes it special. So, I would then assume that LDAP is a specific section of AD and other parts can (and probably are/will) be included in most domains. I guess my next step is to get a 2k3 active directory book and figure out the different parts of it and get more books from there as needed. Right now I'm assuming I don't know jack about AD aside from what the GUI shows (and even then...) and I know AD is allot more powerful that what I'm using it for where I work. /curious george mode engages As for my personal hobby at home, I just want the easiest thing to manage. I sometimes add a domain, sometimes a user, sometimes an alias. The reason LDAP appealed to me was that a domain is the root. A user is under that, and the user's special things (like having SSH access, or their own website) could be implemented easily through that (given I wrote some code or did some special things...). Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 11:56 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Stella has been scrounging the dusty antiquarian bookshops in New York and London and has managed to snag a few copies. We'll have a handful of my books available at DEC. For some reason Pearson never wanted to do a 2nd edition. What a bunch of poopy-heads (according to my 4 year old). Yeah, it doesn't sound like Kenny is looking for the programmers end of things. -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:39 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I recommend your book a lot as well, in fact there is at least one list member that has been trying to buy the darn thing based on my recommendation but can't find it anywhere I have pointed at a couple of resources, it was actually ordered from one resource (ebay) and the member got a note back saying, oh sorry, I haven't had that in stock for over a year So get with it Gil! Reprints! And don't forget about getting me royalties for people I send that way. ;oP Anyway, for this person, I am not sure throwing them into AD programming book is the best course at least initially. :o) It is like someone who wants to use kerberos and you point them at the MIT dist. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too
RE: [ActiveDir] Active Directory and LDAP
Hmm... Although based on the same technology, don't confuse ADAM with AD. ADAM is the lightweight version of AD technology. I.E. it's an LDAP server vs. an identification, authentication, and authorization infrastructure (aka special sauce ingredients). Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 2:33 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I'll probably want programmer side later, when I understand what I'm doing. BTW, someone posted this link: http://www.microsoft.com/windowsserver2003/adam/default.mspx Here is Microsoft's definition: Windows Server 2003 Active Directory Application Mode For organizations that require flexible support for directory-enabled applications, Microsoft has developed Active Directory(r) Application Mode (ADAM). ADAM is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service, rather than as a system service. Active Directory Application Mode represents a breakthrough in directory services technology that provides flexibility and helps organizations avoid increased infrastructure costs. My interpreation is: We use LDAP and some other common nifty stuff, but also have our usual secret sauce that makes it special. So, I would then assume that LDAP is a specific section of AD and other parts can (and probably are/will) be included in most domains. I guess my next step is to get a 2k3 active directory book and figure out the different parts of it and get more books from there as needed. Right now I'm assuming I don't know jack about AD aside from what the GUI shows (and even then...) and I know AD is allot more powerful that what I'm using it for where I work. /curious george mode engages As for my personal hobby at home, I just want the easiest thing to manage. I sometimes add a domain, sometimes a user, sometimes an alias. The reason LDAP appealed to me was that a domain is the root. A user is under that, and the user's special things (like having SSH access, or their own website) could be implemented easily through that (given I wrote some code or did some special things...). Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 11:56 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Stella has been scrounging the dusty antiquarian bookshops in New York and London and has managed to snag a few copies. We'll have a handful of my books available at DEC. For some reason Pearson never wanted to do a 2nd edition. What a bunch of poopy-heads (according to my 4 year old). Yeah, it doesn't sound like Kenny is looking for the programmers end of things. -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:39 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I recommend your book a lot as well, in fact there is at least one list member that has been trying to buy the darn thing based on my recommendation but can't find it anywhere I have pointed at a couple of resources, it was actually ordered from one resource (ebay) and the member got a note back saying, oh sorry, I haven't had that in stock for over a year So get with it Gil! Reprints! And don't forget about getting me royalties for people I send that way. ;oP Anyway, for this person, I am not sure throwing them into AD programming book is the best course at least initially. :o) It is like someone who wants to use kerberos and you point them at the MIT dist. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who do
RE: [ActiveDir] Active Directory and LDAP
If it's out of print, Gil should just make the PDF available free to list members online... :-) Unless of course, he's planning to actually DO those reprints and make some money off of them... ** Charlie Kaiser MCSE, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ** > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of joe > Sent: Monday, March 07, 2005 9:39 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > I recommend your book a lot as well, in fact there is at > least one list > member that has been trying to buy the darn thing based on my > recommendation > but can't find it anywhere I have pointed at a couple of > resources, it > was actually ordered from one resource (ebay) and the member > got a note back > saying, oh sorry, I haven't had that in stock for over a > year So get > with it Gil! Reprints! And don't forget about getting me royalties for > people I send that way. ;oP > > Anyway, for this person, I am not sure throwing them into AD > programming > book is the best course at least initially. :o) It is like > someone who > wants to use kerberos and you point them at the MIT dist. > > joe > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Gil > Kirkpatrick > Sent: Monday, March 07, 2005 12:19 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Aww, man... How come my book isn't up there? > > -gil > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of joe > Sent: Monday, March 07, 2005 10:11 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Hey now... Don't forget about Alistair. He did that first > edition himself > and did it well. :) > > The Cat Book rocks. Actually I should get royalties for that > one too, I have > made a bunch of people buy it and have bought and given away > multiple copies > myself. I still have my first copy though it is quite > dog-eared and I put > laminating plastic on the covers so they wouldn't get too torn up. > > Here is the actual AD Org Books link - > http://www.activedir.org/Books.aspx , > actually it would be kind of cool if we could rate them. How > about it Tony? > Have a couple of fields for each, number of people who have > the book, number > of people who recommend it, number of people who don't recommend it. > > I am surprised AD Developers Reference Library by Iseminger > is on the list. > That is a great book but wouldn't expect a lot of the list > users to have > read it. I recall reading it back in like 2001 or so and getting a bit > scared at what a really pissed off AD programmer could pull off. > > > joe > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al > Sent: Monday, March 07, 2005 11:58 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Active Directory and LDAP > > Personally? I like to think of AD as a GUI to Microsoft's > implementation of > LDAP. That simplifies a lot of things for me. However, > there is more to it > than that and the books you ordered should help in clarifying that. > > You don't need to know LDAP to make AD work, but it helps. > It's a great > help to me to understand the differences between Microsoft's > AD and Sun's > implementation of LDAP or IBM's implementation or any of the > others for the > basics. > > When you start getting into managing the directory and the > objects in the > directory, Microsoft really differentiates itself with GPO's and the > multi-master replication and the tools to support the > infrastructure. > > As you're looking at this, remember that name resolution is > one of the most > important things you can deal with when making AD a solid > enterprise app. > > The book from O'Reilly sounds like Robbie's book. I haven't > read it, but > have heard good things about it (what can I say Robbie, I don't have a > budget for it :) If it's not Robbie's book for AD, then it > would be a good > idea to grab that one as well. > http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 > > Sakari Kouti also has written a good book, called, "Inside > Active Directory" > that would be worth picking up. http://www.kouti.com/ >
RE: [ActiveDir] Active Directory and LDAP
I'll probably want programmer side later, when I understand what I'm doing. BTW, someone posted this link: http://www.microsoft.com/windowsserver2003/adam/default.mspx Here is Microsoft's definition: Windows Server 2003 Active Directory Application Mode For organizations that require flexible support for directory-enabled applications, Microsoft has developed Active Directory(r) Application Mode (ADAM). ADAM is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service, rather than as a system service. Active Directory Application Mode represents a breakthrough in directory services technology that provides flexibility and helps organizations avoid increased infrastructure costs. My interpreation is: We use LDAP and some other common nifty stuff, but also have our usual secret sauce that makes it special. So, I would then assume that LDAP is a specific section of AD and other parts can (and probably are/will) be included in most domains. I guess my next step is to get a 2k3 active directory book and figure out the different parts of it and get more books from there as needed. Right now I'm assuming I don't know jack about AD aside from what the GUI shows (and even then...) and I know AD is allot more powerful that what I'm using it for where I work. /curious george mode engages As for my personal hobby at home, I just want the easiest thing to manage. I sometimes add a domain, sometimes a user, sometimes an alias. The reason LDAP appealed to me was that a domain is the root. A user is under that, and the user's special things (like having SSH access, or their own website) could be implemented easily through that (given I wrote some code or did some special things...). Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 11:56 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Stella has been scrounging the dusty antiquarian bookshops in New York and London and has managed to snag a few copies. We'll have a handful of my books available at DEC. For some reason Pearson never wanted to do a 2nd edition. What a bunch of poopy-heads (according to my 4 year old). Yeah, it doesn't sound like Kenny is looking for the programmers end of things. -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:39 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I recommend your book a lot as well, in fact there is at least one list member that has been trying to buy the darn thing based on my recommendation but can't find it anywhere I have pointed at a couple of resources, it was actually ordered from one resource (ebay) and the member got a note back saying, oh sorry, I haven't had that in stock for over a year So get with it Gil! Reprints! And don't forget about getting me royalties for people I send that way. ;oP Anyway, for this person, I am not sure throwing them into AD programming book is the best course at least initially. :o) It is like someone who wants to use kerberos and you point them at the MIT dist. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir
RE: [ActiveDir] Active Directory and LDAP
One sorta word for you Gil... PDF Toddler -Original Message- From: Gil Kirkpatrick [mailto:[EMAIL PROTECTED] Sent: Monday, March 07, 2005 12:56 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Stella has been scrounging the dusty antiquarian bookshops in New York and London and has managed to snag a few copies. We'll have a handful of my books available at DEC. For some reason Pearson never wanted to do a 2nd edition. What a bunch of poopy-heads (according to my 4 year old). Yeah, it doesn't sound like Kenny is looking for the programmers end of things. -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:39 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I recommend your book a lot as well, in fact there is at least one list member that has been trying to buy the darn thing based on my recommendation but can't find it anywhere I have pointed at a couple of resources, it was actually ordered from one resource (ebay) and the member got a note back saying, oh sorry, I haven't had that in stock for over a year So get with it Gil! Reprints! And don't forget about getting me royalties for people I send that way. ;oP Anyway, for this person, I am not sure throwing them into AD programming book is the best course at least initially. :o) It is like someone who wants to use kerberos and you point them at the MIT dist. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP a
RE: [ActiveDir] Active Directory and LDAP
Stella has been scrounging the dusty antiquarian bookshops in New York and London and has managed to snag a few copies. We'll have a handful of my books available at DEC. For some reason Pearson never wanted to do a 2nd edition. What a bunch of poopy-heads (according to my 4 year old). Yeah, it doesn't sound like Kenny is looking for the programmers end of things. -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:39 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP I recommend your book a lot as well, in fact there is at least one list member that has been trying to buy the darn thing based on my recommendation but can't find it anywhere I have pointed at a couple of resources, it was actually ordered from one resource (ebay) and the member got a note back saying, oh sorry, I haven't had that in stock for over a year So get with it Gil! Reprints! And don't forget about getting me royalties for people I send that way. ;oP Anyway, for this person, I am not sure throwing them into AD programming book is the best course at least initially. :o) It is like someone who wants to use kerberos and you point them at the MIT dist. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book
RE: [ActiveDir] Active Directory and LDAP
Potatoe/Potato sort of thing. It is LDAP and it is an upgrade path from legacy systems such as WINNT. How you use it plays a part. If you use it as a LDAP directory, then it *is* a LDAP directory right? If you use it as a WINNT 5.x domain, then it *is* a WINNT 5.x domain. To say it's a GUI for ldap is one way to look at it as Gil alluded to; you can maintain AD 95% of the time with command line (using built in tools) vs. GUI. It is LDAP at it's core with a lot of other features added on to make it useable for new as well as legacy apps. Kind of like Apple OS is a GUI for BSD ;) Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Monday, March 07, 2005 12:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP joe wrote: > O'Reilly's Active Directory book is a good primer. That is the first > AD book I read (it was first edition back then though). Once you have > the basics down I would recommend moving into Active Directory > Cookbook also by O'Reilly and Inside Active Directory, 2e from > Addison-Wesley; both excellent books with very different goals. The > cookbook gives you "recipes" for getting common tasks done. Inside AD > is a great book for understanding a lot of the details. It is probably > the only book I have tech reviewed where I was often saying... "Wow, I > didn't know that" followed quickly by, "How did Mika and Sakari get > this info?". > It was my impression that AD is MS's version of a ldap dir sevice with certain properitary schema to allow for MS specific objects/attributes and Kerberos realms in place of domains to allow for transisitve trusts and mutal auth with support for external domain trusts and ntlm only for backwards compatibilty. And aside from the schema additions and a different replication topolgy and the way the dir is sliced and diced(config namming context,domain namming context,etc), its a true ldap server no different from NDS or Open-LDAP. Esp since win2k3 and the InterOrgPerson. Am I totally off base here? Its def not a gui for ldap but just a ldap server with those changes/mods > Active Directory is the implementation of the Windows Domain > environment. It incorporates Kerberos and LDAP and other technologies > to provide domain and directory services. > > I guess I can see where people could come to the same conclusion that > AD is simply a GUI, but it is much more than that and in fact, you > don't even have to use GUI tools to work on it, though for many it is > much easier to do so. I spend most of my AD time not in the GUI, > though others spend all of their AD time in the GUI. Depends on the > person and what they have to accomplish and what tools they have in > their toolbox to accomplish it. > > joe > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann > Sent: Monday, March 07, 2005 11:41 AM > To: ActiveDir@mail.activedir.org > Subject: [ActiveDir] Active Directory and LDAP > > I don't understand LDAP and Active Directory as much as I should. > So, I've ordered 2 LDAP books (O'Reilly and another) to learn. > I'm curious as to how much LDAP and Active Directory have in common. > Is AD just a GUI for LDAP? > Perhaps there is a book everyone here recommends or will my LDAP books > hopefully cover enough so I could be able to feel my way around Active > Directory good enough? > > Doing a search with the word 'book' gives a ton of irrelvent searches > in the archives. > I saw one book but it's out of print. > > Kenny Mann > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
Certainly didn't want to imply... Maybe it's time for the next book? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:37 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Yeah, well there's that... But that doesn't mean it isn't *good* :) -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 10:28 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP The one that's out of print? http://www.amazon.com/gp/product/product-description/0672315874/103-8355 416-0173405?_encoding=UTF8&n=283155 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ
RE: [ActiveDir] Active Directory and LDAP
Simple to think out You doing mostly reads of string data, go LDAP. You doing mostly writes go SQL. You want fast complicated adhoc queries, business rules, triggers, searching of binary data, etc, go SQL. To play with AD, you don't need to spin up a domain controller, go grab AD/AM and play with it. The bar is much lower to play with it though the tools to work with it aren't quite as nice yet - i.e. no ADUC. http://www.microsoft.com/windowsserver2003/adam/default.mspx joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 12:24 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Ahh, thank you very much (both of you). Strange. Ad.org's site seems to noe be responding. Here's the story. As a personal hobby I run a a few domains. I used the Gentoo Virtual Hosts setup. I'm currently writing my own but that's besides the point. It uses MySQL as a database. I get curious and start poking around LDAP wondering if LDAP would be better than MySQL. I have a Windows 2003 AD at my place of employment, so I start poking around to see some stuff and realize that any changes I make could break things. So, I'm going to setup a Linux and Windows 2k3 test lab at home to play with it. Now I know I should get books on both LDAP and AD. Since I have some LDAP, I'll start looking at AD books. I really don't know what career I want in life, so I'm currently poking and stabbing thigns just to learn and see what I like. I really appreicate your advice! Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common
RE: [ActiveDir] Active Directory and LDAP
I recommend your book a lot as well, in fact there is at least one list member that has been trying to buy the darn thing based on my recommendation but can't find it anywhere I have pointed at a couple of resources, it was actually ordered from one resource (ebay) and the member got a note back saying, oh sorry, I haven't had that in stock for over a year So get with it Gil! Reprints! And don't forget about getting me royalties for people I send that way. ;oP Anyway, for this person, I am not sure throwing them into AD programming book is the best course at least initially. :o) It is like someone who wants to use kerberos and you point them at the MIT dist. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-arc
RE: [ActiveDir] Active Directory and LDAP
Yeah, well there's that... But that doesn't mean it isn't *good* :) -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 10:28 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP The one that's out of print? http://www.amazon.com/gp/product/product-description/0672315874/103-8355 416-0173405?_encoding=UTF8&n=283155 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http:/
RE: [ActiveDir] Active Directory and LDAP
joe wrote: > O'Reilly's Active Directory book is a good primer. That is the first > AD book I read (it was first edition back then though). Once you have > the basics down I would recommend moving into Active Directory > Cookbook also by O'Reilly and Inside Active Directory, 2e from > Addison-Wesley; both excellent books with very different goals. The > cookbook gives you "recipes" for getting common tasks done. Inside AD > is a great book for understanding a lot of the details. It is > probably the only book I have tech reviewed where I was often > saying... "Wow, I didn't know that" followed quickly by, "How did > Mika and Sakari get this info?". > It was my impression that AD is MS's version of a ldap dir sevice with certain properitary schema to allow for MS specific objects/attributes and Kerberos realms in place of domains to allow for transisitve trusts and mutal auth with support for external domain trusts and ntlm only for backwards compatibilty. And aside from the schema additions and a different replication topolgy and the way the dir is sliced and diced(config namming context,domain namming context,etc), its a true ldap server no different from NDS or Open-LDAP. Esp since win2k3 and the InterOrgPerson. Am I totally off base here? Its def not a gui for ldap but just a ldap server with those changes/mods > Active Directory is the implementation of the Windows Domain > environment. It incorporates Kerberos and LDAP and other technologies > to provide domain and directory services. > > I guess I can see where people could come to the same conclusion that > AD is simply a GUI, but it is much more than that and in fact, you > don't even have to use GUI tools to work on it, though for many it is > much easier to do so. I spend most of my AD time not in the GUI, > though others spend all of their AD time in the GUI. Depends on the > person and what they have to accomplish and what tools they have in > their toolbox to accomplish it. > > joe > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann > Sent: Monday, March 07, 2005 11:41 AM > To: ActiveDir@mail.activedir.org > Subject: [ActiveDir] Active Directory and LDAP > > I don't understand LDAP and Active Directory as much as I should. > So, I've ordered 2 LDAP books (O'Reilly and another) to learn. > I'm curious as to how much LDAP and Active Directory have in common. > Is AD just a GUI for LDAP? > Perhaps there is a book everyone here recommends or will my LDAP books > hopefully cover enough so I could be able to feel my way around Active > Directory good enough? > > Doing a search with the word 'book' gives a ton of irrelvent searches > in the archives. > I saw one book but it's out of print. > > Kenny Mann > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
Great way to do it. For what it's worth, anytime you're trying to decide between SQL-type DB's and LDAP, the usual differentiator is how you intend to use it. LDAP is highly-optimized for read access. SQL db's typically are more read/write (compared) optimized since you inject data into them and then process it. SQL db's also are useful for reporting and such. They're both DB's in the truest sense of the word. Different intended uses. Good luck, Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 12:24 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Ahh, thank you very much (both of you). Strange. Ad.org's site seems to noe be responding. Here's the story. As a personal hobby I run a a few domains. I used the Gentoo Virtual Hosts setup. I'm currently writing my own but that's besides the point. It uses MySQL as a database. I get curious and start poking around LDAP wondering if LDAP would be better than MySQL. I have a Windows 2003 AD at my place of employment, so I start poking around to see some stuff and realize that any changes I make could break things. So, I'm going to setup a Linux and Windows 2k3 test lab at home to play with it. Now I know I should get books on both LDAP and AD. Since I have some LDAP, I'll start looking at AD books. I really don't know what career I want in life, so I'm currently poking and stabbing thigns just to learn and see what I like. I really appreicate your advice! Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is
RE: [ActiveDir] Active Directory and LDAP
Sorry, all three of you :-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:24 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Ahh, thank you very much (both of you). Strange. Ad.org's site seems to noe be responding. Here's the story. As a personal hobby I run a a few domains. I used the Gentoo Virtual Hosts setup. I'm currently writing my own but that's besides the point. It uses MySQL as a database. I get curious and start poking around LDAP wondering if LDAP would be better than MySQL. I have a Windows 2003 AD at my place of employment, so I start poking around to see some stuff and realize that any changes I make could break things. So, I'm going to setup a Linux and Windows 2k3 test lab at home to play with it. Now I know I should get books on both LDAP and AD. Since I have some LDAP, I'll start looking at AD books. I really don't know what career I want in life, so I'm currently poking and stabbing thigns just to learn and see what I like. I really appreicate your advice! Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http
RE: [ActiveDir] Active Directory and LDAP
The one that's out of print? http://www.amazon.com/gp/product/product-description/0672315874/103-8355416- 0173405?_encoding=UTF8&n=283155 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Monday, March 07, 2005 12:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
Ahh, thank you very much (both of you). Strange. Ad.org's site seems to noe be responding. Here's the story. As a personal hobby I run a a few domains. I used the Gentoo Virtual Hosts setup. I'm currently writing my own but that's besides the point. It uses MySQL as a database. I get curious and start poking around LDAP wondering if LDAP would be better than MySQL. I have a Windows 2003 AD at my place of employment, so I start poking around to see some stuff and realize that any changes I make could break things. So, I'm going to setup a Linux and Windows 2k3 test lab at home to play with it. Now I know I should get books on both LDAP and AD. Since I have some LDAP, I'll start looking at AD books. I really don't know what career I want in life, so I'm currently poking and stabbing thigns just to learn and see what I like. I really appreicate your advice! Kenny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 11:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http:/
RE: [ActiveDir] Active Directory and LDAP
Aww, man... How come my book isn't up there? -gil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 10:11 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
Didn't forget, just haven't heard of it. I will remember now though :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, March 07, 2005 12:11 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
Hey now... Don't forget about Alistair. He did that first edition himself and did it well. :) The Cat Book rocks. Actually I should get royalties for that one too, I have made a bunch of people buy it and have bought and given away multiple copies myself. I still have my first copy though it is quite dog-eared and I put laminating plastic on the covers so they wouldn't get too torn up. Here is the actual AD Org Books link - http://www.activedir.org/Books.aspx , actually it would be kind of cool if we could rate them. How about it Tony? Have a couple of fields for each, number of people who have the book, number of people who recommend it, number of people who don't recommend it. I am surprised AD Developers Reference Library by Iseminger is on the list. That is a great book but wouldn't expect a lot of the list users to have read it. I recall reading it back in like 2001 or so and getting a bit scared at what a really pissed off AD programmer could pull off. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, March 07, 2005 11:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Active Directory and LDAP Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
To get a basic understanding of what AD is and how it relates to LDAP, see But briefly, Active Directory is a multi-master directory service that is tightly integrated with the Windows security system. LDAP is a standardized protocol that defines how programs on a network can communicate with a directory server. Active Directory supports the LDAP protocol, along with several other protocols, e.g. Kerberos, NTLM, etc. Active Directory ships with several GUI based management programs, but Active Directory is certainly not a "GUI for LDAP". The "What is Active Directory" section of this doc: http://www.microsoft.com/WindowsServer2003/techinfo/overview/adsmallbiz. mspx is a pretty good overview. This document describes Active Directory's LDAP compliance: http://download.microsoft.com/download/d/c/8/dc83e0b8-fc2c-4af4-bd27-45b 5963ad98d/AD%20LDAP%20Compliance.doc. -gil Gil Kirkpatrick CTO, NetPro "To fly, flip away backhanded. Flat flip flies straight. Tilted flip curves. Experiment!" -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 9:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
O'Reilly's Active Directory book is a good primer. That is the first AD book I read (it was first edition back then though). Once you have the basics down I would recommend moving into Active Directory Cookbook also by O'Reilly and Inside Active Directory, 2e from Addison-Wesley; both excellent books with very different goals. The cookbook gives you "recipes" for getting common tasks done. Inside AD is a great book for understanding a lot of the details. It is probably the only book I have tech reviewed where I was often saying... "Wow, I didn't know that" followed quickly by, "How did Mika and Sakari get this info?". Active Directory is the implementation of the Windows Domain environment. It incorporates Kerberos and LDAP and other technologies to provide domain and directory services. I guess I can see where people could come to the same conclusion that AD is simply a GUI, but it is much more than that and in fact, you don't even have to use GUI tools to work on it, though for many it is much easier to do so. I spend most of my AD time not in the GUI, though others spend all of their AD time in the GUI. Depends on the person and what they have to accomplish and what tools they have in their toolbox to accomplish it. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory and LDAP
Personally? I like to think of AD as a GUI to Microsoft's implementation of LDAP. That simplifies a lot of things for me. However, there is more to it than that and the books you ordered should help in clarifying that. You don't need to know LDAP to make AD work, but it helps. It's a great help to me to understand the differences between Microsoft's AD and Sun's implementation of LDAP or IBM's implementation or any of the others for the basics. When you start getting into managing the directory and the objects in the directory, Microsoft really differentiates itself with GPO's and the multi-master replication and the tools to support the infrastructure. As you're looking at this, remember that name resolution is one of the most important things you can deal with when making AD a solid enterprise app. The book from O'Reilly sounds like Robbie's book. I haven't read it, but have heard good things about it (what can I say Robbie, I don't have a budget for it :) If it's not Robbie's book for AD, then it would be a good idea to grab that one as well. http://www.amazon.com/exec/obidos/ASIN/0596004664/103-8355416-0173405 Sakari Kouti also has written a good book, called, "Inside Active Directory" that would be worth picking up. http://www.kouti.com/ You should be able to find some other information about books at http://www.activedir.org Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenny Mann Sent: Monday, March 07, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Active Directory and LDAP I don't understand LDAP and Active Directory as much as I should. So, I've ordered 2 LDAP books (O'Reilly and another) to learn. I'm curious as to how much LDAP and Active Directory have in common. Is AD just a GUI for LDAP? Perhaps there is a book everyone here recommends or will my LDAP books hopefully cover enough so I could be able to feel my way around Active Directory good enough? Doing a search with the word 'book' gives a ton of irrelvent searches in the archives. I saw one book but it's out of print. Kenny Mann List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/