Solved

Active Directory LDAP Query

Posted on 2014-10-16
3
105 Views
Last Modified: 2014-10-23
Hi

I am in the process of configuring LDAP as we have a third party application that needs to query AD users.  I have created an AD account for this function, the only group membership is Domain users and using LDAP Administrator I can now browse AD.

I would like to lock this down so the application can only see certain OU.  Is there a simple way to do this ?

Thanks
0
Comment
Question by:bains1000
  • 2
3 Comments
 
LVL 16

Accepted Solution

by:
Joshua Grantom earned 500 total points
ID: 40385374
remove them from Domain Users, create a new group (ex. AD Read Only) add that account to that group.

Now in ADUC, go to the OU that you want them to be able to read, right click, go to properties, security, and only give that group (AD Read Only) rights to read child objects of that OU.

Repeat this for each OU you want it to be able to read.
0
 

Author Closing Comment

by:bains1000
ID: 40399631
Thanks worked a treat
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40399634
Glad to help!
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

806 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question