  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 527

Troubleshooting LDAP query tool

Hi All,

My domain is emea.kam.com, within the kam.com forest. We have another domain name, us.kam.com.

There is a universal security group that a department wants to get membership for repeatedly. One of their vendors has provided them with a tool to do this.

Unfortunately, the tool doesn't pull all the members from us.kam.com out for some reason.

The search root is: dc=kam, dc=com
LDAP server: ukgc1
Port: 3268

If I use the same settings on another LDAP query tool (the brilliant Quest PowerShell tool) then it works fine, so it's defo a problem with the original tool (Tool1).

One thing I notice on Tool1 is that I can view the search query 'area'...i.e. if I enter a DC, it brings up the DC graphically and its OUs (as you see in ADUC)...however, the Naming Context is dc=emea, dc=kam, dc=com even though I am selecting the search root at the forest root. Is this to be expected?

Also, there is a drop-down menu by the DC icon, and I can see cn=configuration and cn=schema.

Should I be expecting to see cn=domain as well?

Just trying to figure out where the problem with Tool1 is!

Thanks for any help in advance!
Asked by: kam_uk

1 Solution

Chris Dent (PowerShell Developer) Commented:

> Should I be expecting to see cn=domain as well?

Nope :)

It does sound like it's incorrectly setting the search base. Do you have any DCs in a root domain (kam.com) you can select?

Chris

kam_uk (Author) Commented:
Thanks...will try this out.

Out of interest, why would we not be able to see cn=domain, but be able to see cn=schema and cn=configuration?

Chris Dent (PowerShell Developer) Commented:

Because CN=domain doesn't exist whereas the other two do :)

The "domain" part of the directory resides under DC=kam,DC=com and so on for each domain.

Configuration and Schema are separate trees, and although they are named as subordinate to the root domain partition they're not.

Chris
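
A way to check the search-base behaviour discussed in this thread, as an added example that is not part of the original posts or of Tool1: it lists the naming contexts the server reports in RootDSE, then runs the same membership query against the Global Catalog port with the forest-root base and with the emea base, counting results per domain. The server name, port and DNs are the ones from the question; `$GroupName` is a placeholder, `Search-Gc` is a hypothetical helper name, and the script assumes a domain-joined Windows host with read access to the directory.

```powershell
# Values from the question; $GroupName is a placeholder to fill in.
$Server    = 'ukgc1'
$GcPort    = 3268
$GroupName = '<universal-group-name>'
$Bases     = 'DC=kam,DC=com', 'DC=emea,DC=kam,DC=com'

# RootDSE shows which partitions the server hosts: domain partitions appear
# under their DC= names, alongside CN=Configuration and CN=Schema.
$rootDse = [ADSI]"LDAP://$Server/RootDSE"
"defaultNamingContext    : $($rootDse.defaultNamingContext)"
"rootDomainNamingContext : $($rootDse.rootDomainNamingContext)"
$rootDse.namingContexts | ForEach-Object { "namingContext           : $_" }

# Hypothetical helper: subtree search on the GC port, returning matching DNs.
function Search-Gc {
    param([string]$SearchBase, [string]$Filter)
    $entry    = New-Object System.DirectoryServices.DirectoryEntry("LDAP://${Server}:$GcPort/$SearchBase")
    $searcher = New-Object System.DirectoryServices.DirectorySearcher($entry, $Filter)
    $searcher.SearchScope = [System.DirectoryServices.SearchScope]::Subtree
    $searcher.PageSize    = 1000   # page results so large result sets are not truncated
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')
    try {
        $results = $searcher.FindAll()
        foreach ($r in $results) { [string]$r.Properties['distinguishedname'][0] }
        $results.Dispose()
    } finally {
        $searcher.Dispose(); $entry.Dispose()
    }
}

# Locate the group from the forest root so it is found whichever domain holds it.
$groupDn = Search-Gc -SearchBase $Bases[0] -Filter "(&(objectCategory=group)(name=$GroupName))" |
    Select-Object -First 1
if (-not $groupDn) { throw "Group '$GroupName' not found under $($Bases[0])" }

# Same filter, two search bases: count direct members per domain suffix.
# (A DN containing filter special characters would need escaping first.)
foreach ($base in $Bases) {
    "`nSearch base: $base"
    Search-Gc -SearchBase $base -Filter "(memberOf=$groupDn)" |
        Group-Object { $_ -replace '^.*?,(?=DC=)', '' } |
        ForEach-Object { '  {0,-28} {1} member(s)' -f $_.Name, $_.Count }
}
```

If the emea base returns only emea members while the forest-root base also returns us.kam.com members, a tool that silently binds to the emea naming context would show the same gap described in the question.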