What Permission Are Needed to Query LDAP

A web developer in our organization wants to query our AD and authenicate users in a web app.  What is the minimum permissions I can assign his account to accomplish this task?  We have Windows 2003 SP2 -- will have Windows 2008 R2 soon.  Is it recommended to allow web apps to authenicate against AD?  Is this secure?

Who is Participating?
Mike ThomasConnect With a Mentor ConsultantCommented:
And yes that does apply to 2003 before you ask, but some more info for you

Log on to a dc

run adsiedit.msc connect to domain and expan it and you will see

DC=yourdomainname,DC=com (or whatever you have)

It's that folder you right click on for properties, then security etc.
Mike ThomasConsultantCommented:
Here you go. ;)


An no it's not really an issue if you trust the source.
apsutechteamAuthor Commented:
Thanks for you reply.  However, I just want to give a 'specific' user minimum access.  The article you supplied suggests that Anonymous queries weakens AD security -- and I would think it would.  I'm on a college campus -- so our network isn't too private.
apsutechteamAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.