Solved

Accessing LDAP on windows 2000 server problem

Posted on 2004-09-23
8
198 Views
Last Modified: 2010-04-14
Hiya we are running windows 2000 SBS, and use active directory, we have a spam filter for for our exchange which can connect to active directory to deny any email automatically to an address which doesnt match AD. This doesnt appear to work. So i did a test by on my workstation going to ldap://sbs200 (server name) and popped up the search name, and i get an error when i hit search saying could not be performed blah blah operation error.. If anybody could help me to make sure its working ok and not the filters problems. I run ISA server 2000 could that be causing a problem with LDAP axxs??

I run both isa, PDC on the same Machine.

Regards

Adept22
0
Comment
Question by:adept22
  • 5
  • 3
8 Comments
 
LVL 3

Expert Comment

by:markoid
ID: 12140668
Dont worry about that ldap test...
If you use the ldp command and connect from a remote machine you can connect to your directory ok

Here is how to look up a user using ldp.exe http://support.microsoft.com/?kbid=224543

Do you have a third party spam filter or do you use exchange ?
If it is a third party app how do you tell it where to get its directory info ?

0
 

Author Comment

by:adept22
ID: 12140772
OK i didnt know bout the LDP command. i tried that and connected to the server but it didnt work

ld = ldap_open("sbs2000", 389);
Error <0x0>: Fail to connect to sbs2000.

AD is obviously working coz logons work ok and computersa re connected to domain etc. seems to be a problem  connecting to it.

I use a ORFilter, in the options you enter your LDAP:\\sbs2000 string to tell it where to get the info from.

thats why i was thinking it might be isa server blocking the request but its over the lan so it should be trusted for that  range of ip's.. Im stuffed.
0
 
LVL 3

Expert Comment

by:markoid
ID: 12140818
if you ping sbs2000 you get a reply right ?
Wat about connecting using the IP
if you telnet to the port ie - telnet sbs2000 389 does it tell you connection refused or does it just sit and do nothing ?

Try the IP in ORFilter of the FQDN ie -  sbs2000.abc.com
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 3

Expert Comment

by:markoid
ID: 12140827
Your isa server maybe blocking port 389 which is used for LDAP

common ports for exchange

UDP/TCP 53 (DNS)
UDP/TCP 88 (Kerberos authentication)
TCP 123 (Network Time Protocol—NTP) This is necessary only to synchronize the time of the Exchange server with your internal network, which is required for Kerberos authentication.
TCP 135 (DEC Endpoint Resolution, also known as RPC Endpoint Mapper)
UDP/TCP 389 (LDAP Access)
TCP 445 (Microsoft Directory Service)
TCP 3268 (LDAP to global catalog servers)
0
 

Author Comment

by:adept22
ID: 12150024
How do i ensure they are enabled? is the the packet filters for isa i need to be checking?

Cheers
Adept22
0
 
LVL 3

Expert Comment

by:markoid
ID: 12150192
Try telnetting to each port if it says connection refused you know the port is blocked.

from a cmd line type TELNET SBS2000 53

That will telnet to port 53....If it is open it will probably not do alot except maybe sit with a flashing couser(spelling) If it it blocked it will say connection refused.
0
 

Author Comment

by:adept22
ID: 12177484
Ok ive telnetted into the box and all the ports are open. it comes up with just the flashing cursor.
0
 
LVL 3

Accepted Solution

by:
markoid earned 75 total points
ID: 12188427
ok

Should the \\ after LDAP not be // slashes does this make a difference ?
Have you tried the IP address of the server in ORfilter ie -  LDAP://***.***.***.***
Have you tried the FQDN of the server in ORfilter ie -  LDAP://SBS200.abc.com

Another tool you may find useful to query ports is here
http://support.microsoft.com/default.aspx?kbid=832919
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Learn how the use of a bunch of disparate tools requiring a lot of manual attention led to a series of unfortunate backup events for one company.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now