All user accounts have the necessary access, assuming it's only doing inquiries.
You PROBABLY need to use either the UPN or the DOMAIN\USERNAME syntax to connect. Some really stupid appliances require you to specify the entire distinguishedName to the user object. For example CN=ldapReader,CN=Users,DC=Example,DC=COM. The search base is either your domain (DC=Example,DC=COM) or the OU where you EXCLUSIVELY put users (OU=MyUsers,OU=SBS,DC=Example,DC=COM). Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Steve Hart [mailto:sh...@wrightbg.com] Sent: Thursday, December 16, 2010 1:18 PM To: MS-Exchange Admin Issues Subject: Connecting to LDAP I'm setting up a spam appliance that needs to talk to AD for recipient verification and login authentication. So far, the only user name that I've been able to connect with is administrator. Is there a built in user account that has the right permissions short of administrator? On the other hand, what permissions are necessary in a user account? What should the LDAP search base be? --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist