LDAP setup question

Posted on 2008-11-04
Last Modified: 2009-01-12
I finally managed to get rid of that bastardized bunch o bits that has been plaguing admins for years, Exchange.  But, the users have grown attached to the GAL, and are whining about the notion of maintaining their own address books.  So, I enabled LDAP on our 2003 x64 domain controller with active directory.  

When I configure a client to look at "users", nothing appears in the address lookups.  I created another group in AD called Contacts, and placed a couple of dummy, test users in there.  They show when the client is set to look at "contacts".

Is there something keeping LDAP and the clients from reading/seeing/using "users"?  With the turnover rate in a non-profit, particularly one as seasonally active as a zoo, it would be great if I didn't have to do double duty creating the user entries twice, so I'd really like to be able to use the "user" group in AD.

Clients are Outlook 2003/2007 and Thunderbird, if it matters.
Question by:knoxzoo
    LVL 76

    Expert Comment

    by:David Lee
    Hi, knoxzoo.

    Two questions.

    1.  Do the users have sufficient permissions to see Users?
    2.  What does the LDAP connection string look like?
    LVL 11

    Author Comment

    Right now I'm testing it out on my machine, and have my intern testing on his.  Both users have full admin privies for the domain, and do most of the domain admin stuff from our workstations.

    (generic names used below)

    In Thunderbird:

    Hostname - server.domain.suffix
    Port - 389
    Bind DN - MyUsername@domain.suffix

    This works...

    This doesn't...

    I'm using Thunderbird exclusively on my machine (hate Outleak), so my intern's doing the Outleak thing, along with Thunderbird.  I'll have to get the Outleak stuff from him.  Unfortunately, he's in class today, so it'll have to wait.
    LVL 76

    Expert Comment

    by:David Lee
    For Users, isn't the LDAP path
    LVL 11

    Author Comment

    That didn't work either.
    LVL 11

    Accepted Solution

    I found it.

    The instructions in here did it.  It seems to me that we'd tried everything shown here before, but for some reason, this all worked.

    Thanks for trying folks.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
    Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now