  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 218

Accessing LDAP on Windows 2000 Server problem

Hiya, we are running Windows 2000 SBS and use Active Directory. We have a spam filter for our Exchange which can connect to Active Directory to automatically deny any email to an address which doesn't match AD. This doesn't appear to work. So I did a test on my workstation by going to ldap://sbs200 (server name), which popped up the search name, and I get an error when I hit search saying could not be performed blah blah operation error. If anybody could help me to make sure it's working OK and it's not the filter's problem. I run ISA Server 2000; could that be causing a problem with LDAP access?

I run both ISA and the PDC on the same machine.

Regards

Adept22

markoid Commented:
Don't worry about that LDAP test...
If you use the ldp command and connect from a remote machine, you can connect to your directory OK.

Here is how to look up a user using ldp.exe: http://support.microsoft.com/?kbid=224543

Do you have a third-party spam filter or do you use Exchange?
If it is a third-party app, how do you tell it where to get its directory info?

adept22 Author Commented:
OK, I didn't know about the LDP command. I tried that and connected to the server but it didn't work.

ld = ldap_open("sbs2000", 389);
Error <0x0>: Fail to connect to sbs2000.

AD is obviously working because logons work OK and computers are connected to the domain etc. It seems to be a problem connecting to it.

I use ORFilter; in the options you enter your LDAP:\\sbs2000 string to tell it where to get the info from.

That's why I was thinking it might be ISA Server blocking the request, but it's over the LAN so it should be trusted for that range of IPs. I'm stuffed.

markoid Commented:
If you ping sbs2000 you get a reply, right?
What about connecting using the IP?
If you telnet to the port, i.e. telnet sbs2000 389, does it tell you connection refused or does it just sit and do nothing?

Try the IP in ORFilter or the FQDN, i.e. sbs2000.abc.com

markoid Commented:
Your ISA server may be blocking port 389, which is used for LDAP.

Common ports for Exchange:

UDP/TCP 53 (DNS)
UDP/TCP 88 (Kerberos authentication)
TCP 123 (Network Time Protocol—NTP) This is necessary only to synchronize the time of the Exchange server with your internal network, which is required for Kerberos authentication.
TCP 135 (DEC Endpoint Resolution, also known as RPC Endpoint Mapper)
UDP/TCP 389 (LDAP Access)
TCP 445 (Microsoft Directory Service)
TCP 3268 (LDAP to global catalog servers)

adept22 Author Commented:
How do I ensure they are enabled? Is it the packet filters for ISA I need to be checking?

Cheers
Adept22

markoid Commented:
Try telnetting to each port; if it says connection refused, you know the port is blocked.

From a cmd line type TELNET SBS2000 53

That will telnet to port 53. If it is open it will probably not do a lot except maybe sit with a flashing cursor. If it is blocked it will say connection refused.

adept22 Author Commented:
OK, I've telnetted into the box and all the ports are open. It comes up with just the flashing cursor.

markoid Commented:
OK

Should the \\ after LDAP not be // slashes? Does this make a difference?
Have you tried the IP address of the server in ORFilter, i.e. LDAP://***.***.***.***
Have you tried the FQDN of the server in ORFilter, i.e. LDAP://SBS200.abc.com

Another tool you may find useful to query ports is here:
http://support.microsoft.com/default.aspx?kbid=832919
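
Added example, not part of the original thread and not code from ORFilter or Microsoft: the telnet test in this thread shows only that something accepts TCP connections on port 389. This Python example sends an LDAPv3 anonymous bind and reports whether a genuine LDAP BindResponse came back, which separates a proxy or firewall accepting the connection from the directory actually answering. The function names and status strings are made up for the example.

```python
import socket

# LDAPv3 anonymous simple BindRequest, messageID 1 (BER encoding per RFC 4511).
BIND_REQUEST = bytes.fromhex("300c020101600702010304008000")

def read_tlv(buf, pos):
    """Read one BER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def parse_bind_response(data):
    """Return the resultCode of an LDAP BindResponse, or None if data is not one."""
    try:
        tag, msg, _ = read_tlv(data, 0)          # LDAPMessage SEQUENCE
        if tag != 0x30:
            return None
        tag, _msgid, pos = read_tlv(msg, 0)      # messageID INTEGER
        if tag != 0x02:
            return None
        tag, body, _ = read_tlv(msg, pos)        # [APPLICATION 1] BindResponse
        if tag != 0x61:
            return None
        tag, code, _ = read_tlv(body, 0)         # resultCode ENUMERATED
        if tag != 0x0A or not code:
            return None
        return int.from_bytes(code, "big")
    except IndexError:                           # truncated or empty reply
        return None

def probe_ldap(host, port=389, timeout=3.0):
    """Classify a port: refused, unreachable, open-no-ldap, ldap-ok or ldap-error-N."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"                         # what telnet reports as refused
    except OSError:
        return "unreachable"                     # timeout, no route, or name lookup failure
    with sock:
        try:
            sock.sendall(BIND_REQUEST)
            code = parse_bind_response(sock.recv(4096))
        except OSError:
            code = None                          # reset or silence after connecting
    if code is None:
        return "open-no-ldap"                    # connects, but no LDAP reply behind it
    return "ldap-ok" if code == 0 else f"ldap-error-{code}"
```

Run `probe_ldap("sbs2000")` and `probe_ldap("sbs2000", 3268)` from the workstation and from the machine running the filter; a result of `open-no-ldap` or `unreachable` from one but `ldap-ok` from the other points at name resolution or packet filtering rather than at the directory.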