Need to find secure LDAP field.

Posted on 2011-05-04
Last Modified: 2012-08-14
I am looking for a field in Active Directory that only Domain Administrators can view. I would like to do this without modifying the schema. My goal is to put my user’s employee ID in active directory.
Question by:ntccps
    LVL 8

    Expert Comment

    Hi ntccps

    By default each user has control over their own object in AD, this is by design so they can change password etc... Also AD is read only to everyone so all fields are viewable.

    I have two questions:

    1. Who are you trying to hide the info from?
    2. How do these users view AD information?


    Author Comment

    I am not worried about the user being able to query their own information. I just need a field I can use that is not query able by all domain users.
    LVL 8

    Accepted Solution

    All fields can be queried by any user, you would need to change the scheme to add an additional field that only you knew what the name was.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    This is a little timesaver I have been using for setting up Microsoft Small Business Server (SBS) in the simplest possible way. It may not be appropriate for every customer. However, when you get a situation where the person who owns the server is i…
    This comprehensive conference-networking guide will help you prep, practice and pack for success, reach out with purpose and confidence, capitalize on connections, and turn all those new leads into long-term connections.
    This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
    With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now