Here's what we do:
1. Have a script that goes through all users in the FERPA OU and remove the
ACE for Authenticated Users.
2. The account provisiong system uses a GUID for the CN instead of the
standard First+Last or username. This is necessary because even with step 1
you can still list the
Couple of things to get you started down the right path:
1) ldap is not an authentication protocol. Remember that as there will be a test later.
2) NTDSUTIL is not the tool to test with. LDP.EXE or one of the joeware tools might be better. There are several freeware tools that are also out
for the reply.
Al
-Original Message-
From: Al Mulnick [mailto:[EMAIL PROTECTED]
Sent: Monday, July 24, 2006 12:59
PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] LDAP
Queries across WAN links
Couple of things to get you started down the right
path:
1) ldap
://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al
GarrettSent: Monday, July 24, 2006 4:16 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] LDAP Queries
across WAN links
I should have answered
my own post, my apologies for being slack
Subject: RE: [ActiveDir] LDAP queries
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Harding, Devon
Sent: Thursday, May 11, 2006 3:03 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] LDAP queries
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Harding,
DevonSent: Thursday, May 11, 2006 3:03 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] LDAP
queries
Browser/editor, it returns only 1000 entries.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joe
Sent: Monday, May 08, 2006 5:22 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] LDAP queries
I am not familiar with the device, does
I'm using LDAP Browser/Editor (http://www-unix.mcs.anl.gov/~gawor/ldap/)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Thursday, May 11, 2006 1:32 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] LDAP queries
Which browser
PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, May 08, 2006 5:22 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] LDAP
queries
I am not familiar with
the device, does it pull the objects locally and keep in some sort of cache
: Monday, May 08, 2006 5:22
PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] LDAP
queries
I am not
familiar with the device, does it pull the objects locally and keep in some sort
of cache or ???
Note that
you will need to be searching the GC port to find anything since you have
, 2006 5:35 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] LDAP
queries
Is there a search limit
on Global Catalogs? The problem I could be having is that this Symantec
appliance is limited to a 10,000 object search.
When I use LDAP
Browser/editor, it returns only 1000 entries
Not an answer, but another question. Do any
of those queries find contact objects or do you not use them?
Bryan Lucas
Server Administrator
Texas Christian University
(817) 257-6971
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Harding, Devon
Sent:
] On Behalf Of Lucas, Bryan
Sent: Monday, May 08, 2006 4:48 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] LDAP
queries
Not an answer, but
another question. Do any of those queries find contact objects or do you
not use them?
Bryan
Lucas
I am not familiar with the device, does it pull the objects
locally and keep in some sort of cache or ???
Note that you will need to be searching the GC port to find
anything since you have stuff across multiple domains. So find the way to
specify port and say 3268 (or 3269 if you want SSL
Title: LDAP Queries
Here's
a good whitepaper from Microsoft.
http://www.microsoft.com/windows2000/techinfo/howitworks/activedirectory/ldap.asp
Also,
have a look at the LDAP section of the links page at http://www.activedir.org/links.htm
Tony
-Original Message-From:
[EMAIL
15 matches
Mail list logo