Solved

Accessing LDAP on windows 2000 server problem

Posted on 2004-09-23
Last Modified: 2010-04-14
Hiya, we are running Windows 2000 SBS and use Active Directory. We have a spam filter for our Exchange which can connect to Active Directory to automatically deny any email to an address which doesn't match AD. This doesn't appear to work. So I did a test on my workstation by going to ldap://sbs200 (server name), and it popped up the search name, and I get an error when I hit search saying could not be performed blah blah operation error.. If anybody could help me to make sure it's working OK and not the filter's problem. I run ISA Server 2000; could that be causing a problem with LDAP access??

I run both ISA and PDC on the same machine.

Regards

Adept22
Question by:adept22
8 Comments
 
LVL 3

Expert Comment

by:markoid
ID: 12140668
Don't worry about that LDAP test...
If you use the ldp command and connect from a remote machine you can connect to your directory OK.

Here is how to look up a user using ldp.exe: http://support.microsoft.com/?kbid=224543

Do you have a third-party spam filter or do you use Exchange?
If it is a third-party app, how do you tell it where to get its directory info?

 

Author Comment

by:adept22
ID: 12140772
OK, I didn't know about the LDP command. I tried that and connected to the server but it didn't work.

ld = ldap_open("sbs2000", 389);
Error <0x0>: Fail to connect to sbs2000.

AD is obviously working because logons work OK and computers are connected to the domain etc. There seems to be a problem connecting to it.

I use ORFilter. In the options you enter your LDAP:\\sbs2000 string to tell it where to get the info from.

That's why I was thinking it might be ISA Server blocking the request, but it's over the LAN so it should be trusted for that range of IPs.. I'm stuffed.
 
LVL 3

Expert Comment

by:markoid
ID: 12140818
If you ping sbs2000 you get a reply, right?
What about connecting using the IP?
If you telnet to the port, i.e. telnet sbs2000 389, does it tell you connection refused or does it just sit and do nothing?

Try the IP in ORFilter or the FQDN, i.e. sbs2000.abc.com

 
LVL 3

Expert Comment

by:markoid
ID: 12140827
Your ISA server may be blocking port 389, which is used for LDAP.

Common ports for Exchange:

UDP/TCP 53 (DNS)
UDP/TCP 88 (Kerberos authentication)
TCP 123 (Network Time Protocol—NTP) This is necessary only to synchronize the time of the Exchange server with your internal network, which is required for Kerberos authentication.
TCP 135 (DEC Endpoint Resolution, also known as RPC Endpoint Mapper)
UDP/TCP 389 (LDAP Access)
TCP 445 (Microsoft Directory Service)
TCP 3268 (LDAP to global catalog servers)
 

Author Comment

by:adept22
ID: 12150024
How do I ensure they are enabled? Is it the packet filters for ISA I need to be checking?

Cheers
Adept22
 
LVL 3

Expert Comment

by:markoid
ID: 12150192
Try telnetting to each port; if it says connection refused you know the port is blocked.

From a cmd line type TELNET SBS2000 53

That will telnet to port 53.... If it is open it will probably not do a lot except maybe sit with a flashing cursor. If it is blocked it will say connection refused.
 

Author Comment

by:adept22
ID: 12177484
OK, I've telnetted into the box and all the ports are open. It comes up with just the flashing cursor.
 
LVL 3

Accepted Solution

by:
markoid earned 75 total points
ID: 12188427
OK

Should the \\ after LDAP not be // slashes? Does this make a difference?
Have you tried the IP address of the server in ORFilter, i.e. LDAP://***.***.***.***
Have you tried the FQDN of the server in ORFilter, i.e. LDAP://SBS200.abc.com

Another tool you may find useful to query ports is here
http://support.microsoft.com/default.aspx?kbid=832919
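
The checks suggested in this thread (telnet to each port, then try the server by short name or FQDN) can be scripted and taken one step further by sending a real LDAP request, since an open port 389 only shows that something accepts TCP connections. This is an added example, not part of the original thread; the function names are made up for it, and it assumes the directory answers an anonymous rootDSE search.

```python
import socket

# Anonymous LDAPv3 search of the rootDSE (base "", scope base, filter
# objectClass=*), BER-encoded by hand for this example.
ROOTDSE_SEARCH = bytes.fromhex(
    "3025020101632004000a01000a0100020100020100010100"
    "870b6f626a656374436c6173733000")
TCP_PORTS = [53, 88, 135, 389, 445, 3268]  # TCP ports from the list in the thread

def tcp_state(host, port, timeout=3.0):
    """The telnet test as a function: 'open', 'refused', 'timeout' or 'error: ...'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    except OSError as exc:  # includes name-resolution failures
        return "error: %s" % exc

def _ber_header(data):
    """Return (content_length, header_size) of the BER element at data[0]."""
    first = data[1]
    if first < 0x80:
        return first, 2
    n = first & 0x7F  # long form: the next n bytes hold the length
    return int.from_bytes(data[2:2 + n], "big"), 2 + n

def parse_ldap_reply(data):
    """Name the protocolOp of the first LDAPMessage in data, if it is one."""
    try:
        if data[0] != 0x30:  # an LDAPMessage is a BER SEQUENCE
            return "no LDAP reply"
        body = data[_ber_header(data)[1]:]
        id_len, id_hdr = _ber_header(body)  # skip the messageID INTEGER
        op = body[id_hdr + id_len]
    except IndexError:  # empty or truncated data
        return "no LDAP reply"
    return {0x64: "searchResEntry", 0x65: "searchResDone"}.get(op, "op 0x%02x" % op)

def ldap_answers(host, port=389, timeout=3.0):
    """Send the rootDSE search and report what, if anything, answers."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(ROOTDSE_SEARCH)
            return parse_ldap_reply(s.recv(4096))
    except OSError:
        return "no LDAP reply"

if __name__ == "__main__":
    for name in ("sbs2000", "sbs2000.abc.com"):  # names used in the thread
        print(name, {p: tcp_state(name, p) for p in TCP_PORTS})
        print(name, "LDAP:", ldap_answers(name))
```

Running it once per name form shows whether a failure is name resolution (`error: ...`), the network path (`refused` or `timeout`), or the LDAP service itself (`no LDAP reply` on an open port).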