We have a single domain/forest running Windows 2008 and 2008R2 AD servers. We have a web hosted product that connects to one of our 2008R2 AD servers using a domain user account through LDAP. I restricted access to this account to only two user OUs (using the AD Computers and Users) and would like to limit the information it can search through LDAP to only six attributes. Additionally, I would like to limit the LDAP searches to only these two OUs.
Would you either provide me details on doing this or point me to a Microsoft page?