LDAP and Active Directory
Often the hard part of connecting to AD using LDAP is determining the FDN of the user to login with.Active Directory Functional Levels
Microsoft Active Directory Cool Things
Microsoft Active Directory Anomalies
How to view and set LDAP policy in Active Directory by using Ntdsutil.exe
This step-by-step article describes how to manage Lightweight Directory Access Protocol (LDAP) policies by using the Ntdsutil.exe tool.
To make sure that domain controllers can support service-level guarantees, you must specify operational limits for a number of LDAP operations. These limits prevent specific operations from adversely affecting the performance of the server, and also make the server more resilient to some types of attacks.
LDAP policies are implemented by using objects of the queryPolicy class. Query Policy objects can be created in the Query Policies container, which is a child of the Directory Service container in the configuration naming context. For example: cn=Query-Policies, cn=Directory Service, cn=Windows NT, cn=Services configuration naming context.
LDAP Query Result Size, MaxPageSize, is one common setting that people have problems.
Active Directory Groups
Some information on AD GroupsUser-Account-Control Attribute
AD Ports
This is a short summary, for the full details see: Active Directory and Active Directory Domain Services Port Requirements
- 379: LDAP – Site Replication Service
- 389: LDAP
- 636: LDAP (SSL)
- 3268: LDAP – Global Catalog
- 3269: LDAP (SSL) – Global Catalog (SSL)
Ambiguous Name Resolution
How ANR works and how you can use it.LDAP Queries and Filters-AD
Often the hard part of using LDAP to connect to AD is determining the FDN of the user to login with.Once you get past that, it is just LDAP. But there are some special AD LDAP search filters that can help.