RE: LDAP authentication across external trust

2012-08-30 Thread Ken Schaefer
From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Thursday, 30 August 2012 10:35 PM To: NT System Admin Issues Subject: RE: LDAP authentication across external trust Yes Ken you have summed it up correctly. Never had to do something like this before, but find it odd that this

Re: LDAP authentication across external trust

2012-08-30 Thread Steve Kradel
From: Ken Schaefer To: "NT System Admin Issues" Date: 08/29/2012 10:09 PM Subject: RE: LDAP authentication across external trust -- Unless I’m reading your setu

RE: LDAP authentication across external trust

2012-08-30 Thread Christopher Bodnar
ngineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com The Guardian Life Insurance Company of America www.guardianlife.com From: Ken Schaefer To: "NT System Admin Issues" Date: 08/29/2012 10:09 PM Subject:RE:

RE: LDAP authentication across external trust

2012-08-29 Thread Ken Schaefer
c.com] Sent: Thursday, 30 August 2012 7:16 AM To: NT System Admin Issues Subject: Re: LDAP authentication across external trust Sorry ... separate forests. (acme.com and widgets.com) Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engine

Re: LDAP authentication across external trust

2012-08-29 Thread Steve Kradel
If it's a pure-LDAP application, you'll want to point it to a Domain A DC, using a Domain A service account for the administrative bind. Do *not* use the round-robin domain name A record for a plain-old-LDAP application unless you have only one site with DCs in it. I've set up (and programmed) ma

Re: LDAP authentication across external trust

2012-08-29 Thread Christopher Bodnar
Insurance Company of America www.guardianlife.com From: Don Kuhlman To: "NT System Admin Issues" Date: 08/29/2012 04:59 PM Subject: Re: LDAP authentication across external trust Hi Chris. Are they in the same Forest or separate ? eg domaina.compa

Re: LDAP authentication across external trust

2012-08-29 Thread Don Kuhlman
Hi Chris. Are they in the same Forest or separate? eg domaina.company.com and domainb.company.com or domaina.com and domainb.com? Don K From: Christopher Bodnar To: NT System Admin Issues Sent: Wednesday, August 29, 2012 2:08 PM Subject: LDAP authentication across external trust We h

RE: LDAP Authentication

2009-05-05 Thread Michael B. Smith
that depends to a certain degree how you are going to do it. for example, using OpenDSObject() would just fail if the passed username and password aren't proper. but a strict answer to your question is "read" i believe. From: Kennedy, Jim [kennedy...@elyriaschoo

RE: LDAP authentication failures / logging

2008-10-07 Thread Ken Schaefer
PROTECTED] Sent: Wednesday, 8 October 2008 8:53 AM To: NT System Admin Issues Subject: RE: LDAP authentication failures / logging Thanks! FWIW I just tried ADFIND and forced it to fail, but it produced no logging in my machine application log (or any other) logs on my local system. Dave From: Michae

RE: LDAP authentication failures / logging

2008-10-07 Thread David Lum
Thanks! FWIW I just tried ADFIND and forced it to fail, but it produced no logging in my machine application log (or any other) logs on my local system. Dave From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2008 2:12 PM To: NT System Admin Issues Subject: RE: LDAP

RE: LDAP authentication failures / logging

2008-10-07 Thread Webb, Brian (Corp)
, October 07, 2008 4:12 PM To: NT System Admin Issues Subject: RE: LDAP authentication failures / logging No, it's not a DC level error, it's an application level error. The application should log the error, not the DC. You can use netmon or wireshark to monitor ldap traffic. I

RE: LDAP authentication failures / logging

2008-10-07 Thread Michael B. Smith
No, it's not a DC level error, it's an application level error. The application should log the error, not the DC. You can use netmon or wireshark to monitor ldap traffic. I think you can turn up LDAP debugging to such a ridiculous level that those get logged, but you'll flood your DCs.